Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/3ZBOIzzUIQDccw3IJkhaWLjWhg8.roa
File:                     3ZBOIzzUIQDccw3IJkhaWLjWhg8.roa (raw, json)
Hash identifier:          nwmcMseqU0Eu77FQFqO/ueM0DntHyVBaP/5Czgk4VsI=
Subject key identifier:   DD:90:4E:23:3C:D4:21:00:DC:73:0D:C8:26:48:5A:58:B8:D6:86:0F
Certificate issuer:       /CN=0b84ea549f88211058b34bfcab0640c3030393c3
Certificate serial:       01856EF42C0D1EB001778D8B292AFE9A85E1
Authority key identifier: 0B:84:EA:54:9F:88:21:10:58:B3:4B:FC:AB:06:40:C3:03:03:93:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C4TqVJ-IIRBYs0v8qwZAwwMDk8M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/3ZBOIzzUIQDccw3IJkhaWLjWhg8.roa
Signing time:             Sun 01 Jan 2023 20:09:33 +0000
ROA not before:           Sun 01 Jan 2023 20:09:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203408
IP address blocks:        185.237.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 11:57:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:f4:2c:0d:1e:b0:01:77:8d:8b:29:2a:fe:9a:85:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b84ea549f88211058b34bfcab0640c3030393c3
        Validity
            Not Before: Jan  1 20:09:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd904e233cd42100dc730dc826485a58b8d6860f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ea:5c:d5:80:ab:db:50:8b:c8:02:9a:48:e0:
                    e5:d6:5e:12:e1:89:04:d5:dd:66:60:e6:c6:3e:92:
                    c8:a1:5f:f8:2c:f7:86:8d:d0:7e:86:64:c5:2e:74:
                    11:75:d7:5e:29:f3:d3:b6:72:b5:db:6a:cb:28:10:
                    99:b4:b1:de:70:b2:04:39:4e:a1:25:c7:b4:f9:18:
                    cf:56:03:6a:1f:c6:7e:c8:38:6f:e2:c1:06:17:fe:
                    5f:8b:1a:58:70:43:82:cb:c0:a8:6c:ed:a3:76:bc:
                    fc:08:e5:e4:5f:13:57:75:e3:1f:66:95:18:a0:54:
                    8b:a5:c8:93:e8:b0:8a:91:06:6a:e8:50:0a:aa:e7:
                    f0:f5:fb:ae:b8:94:6d:99:7e:9e:dc:47:50:11:99:
                    81:6b:0b:75:d1:b2:8e:84:84:07:fe:62:b3:6d:94:
                    44:e8:d5:67:ec:c1:69:34:03:95:47:81:bc:0b:17:
                    a3:3c:81:ed:f8:2b:59:02:0d:9e:fd:e7:79:c5:99:
                    15:59:5d:de:8e:1d:b3:fa:87:7e:c1:d8:99:a8:b8:
                    4f:59:3f:08:ef:63:10:4b:c3:3c:43:29:ea:3a:2c:
                    d0:b1:c5:d9:80:dc:a5:72:cf:5a:7a:c8:b8:fa:39:
                    41:1e:bc:88:05:0a:35:60:e4:ca:4e:b6:45:e0:40:
                    33:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:90:4E:23:3C:D4:21:00:DC:73:0D:C8:26:48:5A:58:B8:D6:86:0F
            X509v3 Authority Key Identifier:
                keyid:0B:84:EA:54:9F:88:21:10:58:B3:4B:FC:AB:06:40:C3:03:03:93:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4TqVJ-IIRBYs0v8qwZAwwMDk8M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/3ZBOIzzUIQDccw3IJkhaWLjWhg8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/2fc167-b357-4394-b4e8-c825be2813bc/1/C4TqVJ-IIRBYs0v8qwZAwwMDk8M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.237.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:29:ed:e2:99:a2:fe:42:9d:d5:1d:23:e5:48:05:0b:82:37:
         ba:25:33:f7:b2:2e:72:fe:62:3c:02:0e:ce:c7:13:5b:57:6f:
         8d:5d:17:dc:08:ab:55:d1:47:19:68:fd:06:85:bb:54:71:6b:
         79:91:ae:be:76:6e:e9:21:ad:4c:8c:67:e2:5e:6a:2e:35:dc:
         27:53:f6:eb:b8:ed:c7:e1:53:db:d1:1a:3e:1d:62:09:b1:48:
         0a:ed:94:8d:36:96:55:73:ee:0b:ec:81:b4:8c:d6:22:45:ee:
         7b:1b:c7:40:3f:17:11:c3:42:f3:26:c6:aa:96:7e:37:e4:c5:
         6d:62:4f:a0:cc:a5:d8:a5:03:48:3c:3d:f1:8d:56:38:ee:c4:
         c7:df:f3:c7:2c:b6:ce:1a:f4:9b:0c:76:98:44:63:f9:9e:4c:
         e3:94:56:7f:04:10:b5:ac:72:d4:ea:db:49:c6:82:1e:53:84:
         19:d0:02:79:1b:c1:00:3c:0a:4d:aa:83:1f:b8:dd:fc:4a:56:
         2e:34:61:a8:be:e5:b9:b3:8b:5e:a9:45:7d:60:9f:5e:ba:d6:
         b3:73:20:75:06:6a:17:04:05:ab:49:05:7e:34:7c:d1:4d:32:
         50:88:8d:2c:b5:1c:f2:04:5a:92:34:13:14:a0:bc:70:0b:93:
         6a:c4:7f:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu9CwNHrABd42LKSr+moXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiODRlYTU0OWY4ODIxMTA1OGIzNGJmY2FiMDY0MGMzMDMw
MzkzYzMwHhcNMjMwMTAxMjAwOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDkwNGUyMzNjZDQyMTAwZGM3MzBkYzgyNjQ4NWE1OGI4ZDY4NjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqupc1YCr21CLyAKaSODl1l4S4YkE
1d1mYObGPpLIoV/4LPeGjdB+hmTFLnQRdddeKfPTtnK122rLKBCZtLHecLIEOU6h
Jce0+RjPVgNqH8Z+yDhv4sEGF/5fixpYcEOCy8CobO2jdrz8COXkXxNXdeMfZpUY
oFSLpciT6LCKkQZq6FAKqufw9fuuuJRtmX6e3EdQEZmBawt10bKOhIQH/mKzbZRE
6NVn7MFpNAOVR4G8CxejPIHt+CtZAg2e/ed5xZkVWV3ejh2z+od+wdiZqLhPWT8I
72MQS8M8QynqOizQscXZgNylcs9aesi4+jlBHryIBQo1YOTKTrZF4EAzAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2QTiM81CEA3HMNyCZIWli41oYPMB8GA1UdIwQY
MBaAFAuE6lSfiCEQWLNL/KsGQMMDA5PDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzRUcVZKLUlJUkJZczB2OHF3WkF3d01EazhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yZmMxNjctYjM1Ny00Mzk0LWI0ZTgt
YzgyNWJlMjgxM2JjLzEvM1pCT0l6elVJUURjY3czSUpraGFXTGpXaGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yZmMxNjctYjM1Ny00Mzk0LWI0ZTgtYzgyNWJlMjgxM2Jj
LzEvQzRUcVZKLUlJUkJZczB2OHF3WkF3d01EazhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue2hMA0G
CSqGSIb3DQEBCwUAA4IBAQAxKe3imaL+Qp3VHSPlSAULgje6JTP3si5y/mI8Ag7O
xxNbV2+NXRfcCKtV0UcZaP0GhbtUcWt5ka6+dm7pIa1MjGfiXmouNdwnU/bruO3H
4VPb0Ro+HWIJsUgK7ZSNNpZVc+4L7IG0jNYiRe57G8dAPxcRw0LzJsaqln435MVt
Yk+gzKXYpQNIPD3xjVY47sTH3/PHLLbOGvSbDHaYRGP5nkzjlFZ/BBC1rHLU6ttJ
xoIeU4QZ0AJ5G8EAPApNqoMfuN38SlYuNGGovuW5s4teqUV9YJ9eutazcyB1BmoX
BAWrSQV+NHzRTTJQiI0stRzyBFqSNBMUoLxwC5NqxH+5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org