Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/DDtumwQZDK6NPAtsynzmKtbEjls.roa
File:                     DDtumwQZDK6NPAtsynzmKtbEjls.roa (raw, json)
Hash identifier:          Ii5VqtMkL758FgD6Vt/O0v44SYOnFMG+hQ9y8+DSxQE=
Subject key identifier:   0C:3B:6E:9B:04:19:0C:AE:8D:3C:0B:6C:CA:7C:E6:2A:D6:C4:8E:5B
Certificate issuer:       /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial:       018CC8DF7631B3CA534BF4AC1B97BD20585D
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/DDtumwQZDK6NPAtsynzmKtbEjls.roa
Signing time:             Tue 02 Jan 2024 06:32:17 +0000
ROA not before:           Tue 02 Jan 2024 06:32:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61302
IP address blocks:        178.236.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 08:41:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:76:31:b3:ca:53:4b:f4:ac:1b:97:bd:20:58:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
        Validity
            Not Before: Jan  2 06:32:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0c3b6e9b04190cae8d3c0b6cca7ce62ad6c48e5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:da:b4:32:ae:f0:61:93:a2:42:26:70:37:2e:
                    6f:9f:13:b2:34:80:00:56:61:8c:26:09:a9:5f:96:
                    f5:30:27:d1:06:5c:3c:c6:a2:a6:5e:78:45:c9:ce:
                    47:ab:03:d1:72:98:73:92:45:ef:7f:63:10:ed:88:
                    d1:6b:fe:cd:6d:d5:35:89:d4:6f:6e:59:6c:57:9b:
                    46:4b:77:fe:01:a1:b9:17:73:e8:49:8f:e8:c1:fe:
                    68:09:47:35:21:01:d6:68:ca:23:52:68:c8:08:2c:
                    bc:cf:c3:96:d7:93:e9:a0:6c:2d:11:26:af:92:3e:
                    09:ec:b8:db:9a:91:9b:40:7c:84:90:55:8d:4a:a4:
                    87:41:af:22:70:a7:1e:77:6c:cd:09:c7:24:3c:94:
                    ea:90:fc:7a:fb:32:96:31:c4:bd:d5:38:5a:17:42:
                    69:30:f4:d4:dc:09:66:c5:f5:b8:5b:ef:c6:06:33:
                    05:f3:f3:11:64:45:89:68:d4:69:18:69:72:d4:53:
                    8d:dd:9c:10:d6:2f:6d:f8:ed:3e:0e:19:9c:ca:b2:
                    01:0a:7a:61:ea:7f:1c:de:e7:bb:eb:3d:b7:a6:e0:
                    6a:96:0d:87:ff:f9:4c:63:76:8c:01:81:52:40:65:
                    1c:88:90:1a:64:82:8c:8b:09:a6:d3:27:0d:8b:79:
                    a5:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:3B:6E:9B:04:19:0C:AE:8D:3C:0B:6C:CA:7C:E6:2A:D6:C4:8E:5B
            X509v3 Authority Key Identifier:
                keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/DDtumwQZDK6NPAtsynzmKtbEjls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.236.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:04:d4:f4:94:71:d3:72:32:c2:f8:51:6e:d3:28:f5:ad:af:
         12:d4:d8:8e:10:a0:04:9d:96:31:fe:8f:e4:6e:63:f8:52:2a:
         28:12:ae:5f:4e:99:6b:e3:72:ff:3c:1b:19:12:15:a5:60:5d:
         a9:2e:d3:4a:80:64:7d:3b:46:0f:3b:16:40:3e:9e:64:9b:88:
         85:87:cb:5b:c6:c1:9e:3e:aa:d0:ad:1d:95:38:36:55:18:6b:
         2e:2d:7c:8b:9c:5a:3c:6b:a0:7a:2b:93:26:d3:1c:c8:b9:8e:
         67:31:5f:18:88:2d:00:ec:ab:e9:d3:df:73:86:d8:2f:f1:f4:
         51:51:e0:a3:e1:c0:5b:b1:f9:f4:1e:de:a0:3b:7e:b4:7f:7c:
         9d:5a:bf:dc:29:89:f3:b9:8d:8d:3c:f6:cc:9c:ef:5d:95:0c:
         d2:0f:59:a5:0b:91:4b:48:f7:29:30:67:52:69:1c:d3:d0:2b:
         b2:6e:15:a6:6a:a1:60:28:88:e7:e6:f0:4a:8f:21:5c:d1:97:
         3a:0f:4c:c6:9c:d7:83:f3:22:d8:56:c9:d1:0f:b5:20:9b:1c:
         48:02:1e:a6:8a:c1:c1:6e:be:1a:72:7e:21:ca:96:ce:5b:25:
         be:64:a1:28:92:59:42:76:82:68:fa:14:6b:93:a0:21:4e:c8:
         fb:fa:54:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI33Yxs8pTS/SsG5e9IFhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNiNmU5YjA0MTkwY2FlOGQzYzBiNmNjYTdjZTYyYWQ2YzQ4ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9q0Mq7wYZOiQiZwNy5vnxOyNIAA
VmGMJgmpX5b1MCfRBlw8xqKmXnhFyc5HqwPRcphzkkXvf2MQ7YjRa/7NbdU1idRv
bllsV5tGS3f+AaG5F3PoSY/owf5oCUc1IQHWaMojUmjICCy8z8OW15PpoGwtESav
kj4J7LjbmpGbQHyEkFWNSqSHQa8icKced2zNCcckPJTqkPx6+zKWMcS91ThaF0Jp
MPTU3AlmxfW4W+/GBjMF8/MRZEWJaNRpGGly1FON3ZwQ1i9t+O0+DhmcyrIBCnph
6n8c3ue76z23puBqlg2H//lMY3aMAYFSQGUciJAaZIKMiwmm0ycNi3mlXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAw7bpsEGQyujTwLbMp85irWxI5bMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvRER0dW13UVpESzZOUEF0c3luem1LdGJFamxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsuzjMA0G
CSqGSIb3DQEBCwUAA4IBAQBvBNT0lHHTcjLC+FFu0yj1ra8S1NiOEKAEnZYx/o/k
bmP4UiooEq5fTplr43L/PBsZEhWlYF2pLtNKgGR9O0YPOxZAPp5km4iFh8tbxsGe
PqrQrR2VODZVGGsuLXyLnFo8a6B6K5Mm0xzIuY5nMV8YiC0A7Kvp099zhtgv8fRR
UeCj4cBbsfn0Ht6gO360f3ydWr/cKYnzuY2NPPbMnO9dlQzSD1mlC5FLSPcpMGdS
aRzT0CuybhWmaqFgKIjn5vBKjyFc0Zc6D0zGnNeD8yLYVsnRD7UgmxxIAh6misHB
br4acn4hypbOWyW+ZKEokllCdoJo+hRrk6AhTsj7+lTY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:19 2024 by rpki-client on console-fra.rpki-client.org