Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/3ZuPkkcy9kyKqG8vttOPHmyJSc0.roa
File:                     3ZuPkkcy9kyKqG8vttOPHmyJSc0.roa (raw, json)
Hash identifier:          /RfjGJZxUrSEGUOjSKVGKoyakI1xGcmGEidQbyBjrCI=
Subject key identifier:   DD:9B:8F:92:47:32:F6:4C:8A:A8:6F:2F:B6:D3:8F:1E:6C:89:49:CD
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185708CE1AAE12CC3F1B1F1CB92FE65406B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/3ZuPkkcy9kyKqG8vttOPHmyJSc0.roa
Signing time:             Mon 02 Jan 2023 03:35:59 +0000
ROA not before:           Mon 02 Jan 2023 03:35:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56815
IP address blocks:        185.140.240.0/24 maxlen: 24
                          185.140.243.0/24 maxlen: 24
                          185.140.242.0/24 maxlen: 24
                          185.140.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:31:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:e1:aa:e1:2c:c3:f1:b1:f1:cb:92:fe:65:40:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan  2 03:35:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd9b8f924732f64c8aa86f2fb6d38f1e6c8949cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f0:41:3d:75:fc:bb:50:bb:5c:6f:f6:74:04:
                    9e:0e:c4:9f:a3:f3:c5:88:96:ce:4d:5e:12:7c:6c:
                    25:ed:44:d5:5a:cf:1a:bc:38:d8:3a:55:83:e5:70:
                    ef:85:4e:53:ee:78:70:25:cf:70:eb:b9:d2:fe:fb:
                    5f:8b:0c:a5:67:dd:9e:08:26:ae:2e:2e:73:94:59:
                    fa:fd:ba:83:df:0a:51:9b:01:5f:a9:cf:a6:05:87:
                    02:4d:21:2b:e0:03:48:d7:f7:d9:4b:de:02:25:e2:
                    a6:5a:a9:4e:ed:ca:ef:21:ae:6c:f1:b5:59:2a:9e:
                    14:61:6a:9b:2c:f8:eb:a7:cb:47:f0:31:70:3b:18:
                    5b:11:1b:aa:60:07:29:45:f9:0a:7b:4e:a4:4b:88:
                    41:4a:a2:8d:cc:fd:ec:13:b3:53:c3:eb:03:22:6c:
                    ff:5d:ac:44:70:d9:5b:ad:98:9b:73:b5:b7:23:d8:
                    c3:85:4c:7c:ab:3d:66:83:eb:80:22:f5:dd:9c:91:
                    a6:07:4f:a6:24:aa:51:fe:3d:3c:3e:24:e6:2c:34:
                    2c:a1:f0:5c:60:0b:4e:a7:00:a9:e7:f5:89:bf:36:
                    f3:39:1d:52:33:97:77:25:31:47:ad:a4:8a:8f:a4:
                    45:f1:dc:92:4f:2a:20:51:e3:40:6f:38:66:3e:af:
                    11:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:9B:8F:92:47:32:F6:4C:8A:A8:6F:2F:B6:D3:8F:1E:6C:89:49:CD
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/3ZuPkkcy9kyKqG8vttOPHmyJSc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.140.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:aa:5b:c0:08:41:f5:50:32:61:38:ec:c4:27:0c:33:8d:71:
         1d:0f:db:ba:1b:74:fb:f3:7f:60:7b:21:7c:fe:0c:74:80:56:
         1d:5b:f4:30:c6:9c:c2:fa:35:ba:04:58:00:34:bd:50:cc:60:
         75:93:a1:f4:c7:b1:2e:7b:73:ad:b9:5e:4e:10:ca:6e:24:15:
         76:b0:3e:24:6a:f5:ca:8e:e0:f7:97:d6:c8:d0:32:90:b7:68:
         6e:45:f2:ee:24:37:64:9b:cd:5c:b7:2f:c8:1a:df:92:73:b6:
         df:bc:d9:7f:6d:1a:d6:e0:55:0a:52:e2:dd:15:b0:65:30:62:
         4e:58:3e:58:fb:dd:db:f2:ca:a7:4f:bb:01:68:40:71:3f:64:
         45:15:85:78:2d:7e:3b:b0:0b:82:b7:15:08:19:0d:85:76:24:
         03:79:2b:92:41:3d:1d:72:dd:c3:26:6d:de:04:2b:f9:8c:f9:
         e5:81:37:dd:d6:d8:2f:f2:ac:5c:f2:8a:54:ec:19:ce:dd:35:
         2e:f1:d4:33:18:3f:13:cb:38:57:dc:03:97:25:45:ce:58:79:
         49:57:87:32:b2:0a:8e:e3:3c:5a:4f:f4:cc:b6:da:df:80:d7:
         cf:55:f2:40:cd:e9:7d:74:45:f8:b7:e1:6d:33:05:ed:00:41:
         67:5d:45:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOGq4SzD8bHxy5L+ZUBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTAyMDMzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDliOGY5MjQ3MzJmNjRjOGFhODZmMmZiNmQzOGYxZTZjODk0OWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifBBPXX8u1C7XG/2dASeDsSfo/PF
iJbOTV4SfGwl7UTVWs8avDjYOlWD5XDvhU5T7nhwJc9w67nS/vtfiwylZ92eCCau
Li5zlFn6/bqD3wpRmwFfqc+mBYcCTSEr4ANI1/fZS94CJeKmWqlO7crvIa5s8bVZ
Kp4UYWqbLPjrp8tH8DFwOxhbERuqYAcpRfkKe06kS4hBSqKNzP3sE7NTw+sDImz/
XaxEcNlbrZibc7W3I9jDhUx8qz1mg+uAIvXdnJGmB0+mJKpR/j08PiTmLDQsofBc
YAtOpwCp5/WJvzbzOR1SM5d3JTFHraSKj6RF8dySTyogUeNAbzhmPq8RPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2bj5JHMvZMiqhvL7bTjx5siUnNMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvM1p1UGtrY3k5a3lLcUc4dnR0T1BIbXlKU2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYzwMA0G
CSqGSIb3DQEBCwUAA4IBAQAlqlvACEH1UDJhOOzEJwwzjXEdD9u6G3T7839geyF8
/gx0gFYdW/QwxpzC+jW6BFgANL1QzGB1k6H0x7Eue3OtuV5OEMpuJBV2sD4kavXK
juD3l9bI0DKQt2huRfLuJDdkm81cty/IGt+Sc7bfvNl/bRrW4FUKUuLdFbBlMGJO
WD5Y+93b8sqnT7sBaEBxP2RFFYV4LX47sAuCtxUIGQ2FdiQDeSuSQT0dct3DJm3e
BCv5jPnlgTfd1tgv8qxc8opU7BnO3TUu8dQzGD8TyzhX3AOXJUXOWHlJV4cysgqO
4zxaT/TMttrfgNfPVfJAzel9dEX4t+FtMwXtAEFnXUXh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org