Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/RW3AP6aufsCOr7vDbdva82_nSoQ.roa
File:                     RW3AP6aufsCOr7vDbdva82_nSoQ.roa (raw, json)
Hash identifier:          tk9crsfJ2m7XFKfHSHSqxm3ZFfr7qGyXjLCVwlZuOQQ=
Subject key identifier:   45:6D:C0:3F:A6:AE:7E:C0:8E:AF:BB:C3:6D:DB:DA:F3:6F:E7:4A:84
Certificate issuer:       /CN=fc7d4ab7761aba24f33d5b6dfbc27cab738bb5ee
Certificate serial:       0185719E793746E8F3CAAB512CA7B68336CD
Authority key identifier: FC:7D:4A:B7:76:1A:BA:24:F3:3D:5B:6D:FB:C2:7C:AB:73:8B:B5:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_H1Kt3YauiTzPVtt-8J8q3OLte4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/RW3AP6aufsCOr7vDbdva82_nSoQ.roa
Signing time:             Mon 02 Jan 2023 08:34:49 +0000
ROA not before:           Mon 02 Jan 2023 08:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.109.0/24 maxlen: 24
                          2001:7f8:c3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:9e:79:37:46:e8:f3:ca:ab:51:2c:a7:b6:83:36:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc7d4ab7761aba24f33d5b6dfbc27cab738bb5ee
        Validity
            Not Before: Jan  2 08:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=456dc03fa6ae7ec08eafbbc36ddbdaf36fe74a84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a0:f9:5c:00:cc:25:b0:9f:d5:aa:77:e6:15:
                    cc:06:ae:82:19:10:c9:eb:1c:bf:50:d0:16:69:39:
                    80:79:a0:5d:cf:97:cc:d4:bb:fe:4f:b7:00:6e:aa:
                    ab:f4:77:3b:da:a8:d7:1e:92:d6:a6:55:5f:9e:83:
                    40:bb:2e:86:32:1d:74:67:fa:a3:4e:30:fe:64:fd:
                    e9:44:ab:51:0e:0f:d3:c1:8a:28:48:c3:5c:aa:ac:
                    3f:f8:9c:51:87:1f:36:3f:b7:56:43:1d:45:f6:0a:
                    7e:b8:20:e1:df:d6:a2:d7:52:cb:2d:90:e0:c6:03:
                    38:d6:07:21:c1:9a:dd:57:f4:8e:c6:18:eb:5a:38:
                    67:55:c6:58:c1:49:0b:7c:be:83:9e:cb:cb:7d:43:
                    71:be:8d:af:f2:9d:36:a9:7f:5f:8b:f2:35:50:4b:
                    61:06:54:ac:bd:a8:0e:be:61:10:10:80:ef:fb:35:
                    48:38:4f:8f:cd:87:eb:17:7b:6b:f1:88:b1:e4:9c:
                    a0:07:88:77:ce:a3:46:a7:d7:fd:ac:fb:b2:f0:14:
                    d2:46:7f:c7:49:cd:fa:ed:bd:03:62:cb:d9:ed:64:
                    f6:61:99:5b:5a:cd:e7:83:e5:74:8a:d0:ba:0c:0e:
                    37:63:08:b9:05:55:1e:36:4b:de:1a:c7:3a:db:f3:
                    de:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:6D:C0:3F:A6:AE:7E:C0:8E:AF:BB:C3:6D:DB:DA:F3:6F:E7:4A:84
            X509v3 Authority Key Identifier:
                keyid:FC:7D:4A:B7:76:1A:BA:24:F3:3D:5B:6D:FB:C2:7C:AB:73:8B:B5:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_H1Kt3YauiTzPVtt-8J8q3OLte4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/RW3AP6aufsCOr7vDbdva82_nSoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/_H1Kt3YauiTzPVtt-8J8q3OLte4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.109.0/24
                IPv6:
                  2001:7f8:c3::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:10:5d:ea:e5:c6:b5:08:7b:c8:a3:a7:f0:9c:71:4a:c5:c8:
         b4:ab:60:fe:ed:0b:6f:71:75:93:f8:3c:e5:18:e9:db:dd:61:
         9e:82:6d:a6:59:c9:66:e7:c8:09:ae:3e:fd:73:26:6e:e1:87:
         92:a7:18:57:e5:d6:e6:04:a0:95:31:45:50:3d:4b:f7:2f:6c:
         0f:98:61:ac:07:1d:36:a3:63:ec:80:18:f6:83:77:dc:09:73:
         1d:1e:01:50:73:d6:66:b0:2e:73:c5:ec:2f:a9:90:1b:6a:db:
         25:45:a1:4d:41:6d:83:91:d4:04:f8:bc:33:cd:83:e4:49:bc:
         8d:0e:4b:f0:a6:b1:5a:db:64:11:10:1e:aa:57:22:fa:96:13:
         17:0b:e1:af:19:69:59:ab:91:d8:f3:57:55:da:59:98:c6:a9:
         83:03:d4:6c:70:36:b1:ae:b7:5a:de:90:f6:1c:99:97:f9:11:
         e5:54:53:f6:d9:7b:b0:58:e8:73:5c:0c:2d:fe:2a:15:85:02:
         20:ac:b2:e5:c7:55:dc:3b:bd:c7:23:26:5f:04:95:44:1c:8b:
         bb:0f:13:fc:9d:1d:02:ab:d4:81:a3:14:55:e2:2b:f5:d7:ee:
         9c:5e:77:da:2c:4b:03:16:fe:05:c8:3c:ea:67:6c:43:ad:c9:
         73:34:cf:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxnnk3RujzyqtRLKe2gzbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjN2Q0YWI3NzYxYWJhMjRmMzNkNWI2ZGZiYzI3Y2FiNzM4
YmI1ZWUwHhcNMjMwMTAyMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTZkYzAzZmE2YWU3ZWMwOGVhZmJiYzM2ZGRiZGFmMzZmZTc0YTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaD5XADMJbCf1ap35hXMBq6CGRDJ
6xy/UNAWaTmAeaBdz5fM1Lv+T7cAbqqr9Hc72qjXHpLWplVfnoNAuy6GMh10Z/qj
TjD+ZP3pRKtRDg/TwYooSMNcqqw/+JxRhx82P7dWQx1F9gp+uCDh39ai11LLLZDg
xgM41gchwZrdV/SOxhjrWjhnVcZYwUkLfL6DnsvLfUNxvo2v8p02qX9fi/I1UEth
BlSsvagOvmEQEIDv+zVIOE+PzYfrF3tr8Yix5JygB4h3zqNGp9f9rPuy8BTSRn/H
Sc367b0DYsvZ7WT2YZlbWs3ng+V0itC6DA43Ywi5BVUeNkveGsc62/Pe7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEVtwD+mrn7Ajq+7w23b2vNv50qEMB8GA1UdIwQY
MBaAFPx9Srd2Grok8z1bbfvCfKtzi7XuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0gxS3QzWWF1aVR6UFZ0dC04SjhxM09MdGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wMjg3Y2YtODUzYi00NTE2LTlmMDYt
NDUyZWMzYTk1ODhiLzEvUlczQVA2YXVmc0NPcjd2RGJkdmE4Ml9uU29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wMjg3Y2YtODUzYi00NTE2LTlmMDYtNDUyZWMzYTk1ODhi
LzEvX0gxS3QzWWF1aVR6UFZ0dC04SjhxM09MdGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFtMA8E
AgACMAkDBwAgAQf4AMMwDQYJKoZIhvcNAQELBQADggEBAMEQXerlxrUIe8ijp/Cc
cUrFyLSrYP7tC29xdZP4POUY6dvdYZ6CbaZZyWbnyAmuPv1zJm7hh5KnGFfl1uYE
oJUxRVA9S/cvbA+YYawHHTajY+yAGPaDd9wJcx0eAVBz1mawLnPF7C+pkBtq2yVF
oU1BbYOR1AT4vDPNg+RJvI0OS/CmsVrbZBEQHqpXIvqWExcL4a8ZaVmrkdjzV1Xa
WZjGqYMD1GxwNrGut1rekPYcmZf5EeVUU/bZe7BY6HNcDC3+KhWFAiCssuXHVdw7
vccjJl8ElUQci7sPE/ydHQKr1IGjFFXiK/XX7pxed9osSwMW/gXIPOpnbEOtyXM0
z9s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:25 2024 by rpki-client on console-ams.rpki-client.org