Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/gWlbN8a-tX0DZRiO2txlfj9x2LY.roa
File:                     gWlbN8a-tX0DZRiO2txlfj9x2LY.roa (raw, json)
Hash identifier:          qxfru7m+6gYQlC/w0tY4x21Eo4v8bCZ0o1DeybCfEUA=
Subject key identifier:   81:69:5B:37:C6:BE:B5:7D:03:65:18:8E:DA:DC:65:7E:3F:71:D8:B6
Certificate issuer:       /CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
Certificate serial:       0188725FA98EE70DB9FA057764882C62AC90
Authority key identifier: D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/gWlbN8a-tX0DZRiO2txlfj9x2LY.roa
Signing time:             Wed 31 May 2023 15:14:11 +0000
ROA not before:           Wed 31 May 2023 15:14:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.180.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 30 Jun 2023 03:18:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:72:5f:a9:8e:e7:0d:b9:fa:05:77:64:88:2c:62:ac:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d38cd9440552e7dab9cd5631d4ab872451535b7a
        Validity
            Not Before: May 31 15:14:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=81695b37c6beb57d0365188edadc657e3f71d8b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8a:e1:98:62:14:7e:16:5d:34:e8:b0:a0:76:
                    22:33:72:03:f6:ef:80:f6:2d:55:27:02:53:b5:55:
                    72:3c:e2:92:1e:29:19:11:1f:49:66:84:ea:5c:ab:
                    87:66:f5:ef:d0:c0:ce:ec:5f:f7:fd:7b:43:22:4d:
                    3f:e6:13:ae:dd:1d:11:54:f5:41:d8:4c:a9:56:97:
                    27:d9:ba:06:e9:2a:0a:d7:dd:28:c5:b2:dc:9f:f8:
                    84:36:20:67:cd:cc:26:00:5c:18:a8:ef:00:91:b8:
                    84:8c:e5:c8:4f:17:ec:ed:ed:33:17:35:ee:15:81:
                    bc:15:c0:cd:6e:77:3e:6e:25:2d:6c:37:1e:c0:9b:
                    17:bd:17:a4:37:76:54:54:41:a1:2a:1a:79:a4:e0:
                    af:24:e1:08:a3:e9:eb:4d:87:16:9b:21:46:fc:a9:
                    b2:49:60:99:63:3d:67:a5:4d:68:21:51:7f:c3:48:
                    a0:4b:a0:a3:cc:bd:1e:18:a5:27:2c:dc:8d:48:ee:
                    90:75:b1:10:b1:49:84:dc:dc:02:fc:31:de:f7:26:
                    df:18:9b:e0:03:2c:33:5d:c5:80:69:71:f9:d1:90:
                    e4:ef:5d:36:ae:f8:48:d3:82:08:fb:af:d3:42:f4:
                    99:5a:f9:42:41:d1:2a:49:3b:9b:0f:e1:95:82:1a:
                    f3:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:69:5B:37:C6:BE:B5:7D:03:65:18:8E:DA:DC:65:7E:3F:71:D8:B6
            X509v3 Authority Key Identifier:
                keyid:D3:8C:D9:44:05:52:E7:DA:B9:CD:56:31:D4:AB:87:24:51:53:5B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04zZRAVS59q5zVYx1KuHJFFTW3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/gWlbN8a-tX0DZRiO2txlfj9x2LY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/4c3160-de12-4929-a483-7c65a852f092/1/04zZRAVS59q5zVYx1KuHJFFTW3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.180.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:a7:bd:dc:56:e6:1b:ca:43:25:9b:e1:2d:52:07:e5:f6:48:
         f2:7b:bc:08:93:ac:6b:1b:e8:d9:94:d5:17:ac:52:78:ad:c5:
         23:22:26:62:62:7c:f0:ef:63:0e:0e:2c:8e:09:ff:1c:74:51:
         03:72:c7:bd:ab:c2:63:aa:e0:8d:3b:05:1c:28:ce:53:fa:8f:
         7c:f3:f7:89:76:56:8d:d4:6e:05:57:cd:4b:1b:df:c9:3b:dd:
         f5:09:c0:20:ba:09:ec:46:33:0c:10:83:a4:b3:d6:ce:fe:4d:
         30:44:6a:ea:75:37:fb:51:69:2f:c6:5f:39:6b:48:fb:7d:2e:
         85:98:ce:13:ab:43:78:a4:6f:14:24:26:88:b8:59:9c:f7:8f:
         4f:bc:e7:71:ab:13:7e:bf:5f:a9:64:72:fe:44:8d:a1:70:d4:
         91:4c:1f:5b:88:0a:69:3a:7f:59:0c:35:95:2a:75:79:c9:de:
         ab:e0:fe:d0:0d:f8:b1:4a:7e:03:a7:b2:de:85:1c:1b:04:f3:
         56:40:93:bf:79:82:3d:50:27:c2:97:34:bc:ee:54:64:72:d4:
         5d:1a:90:08:05:5b:9c:bf:a3:5e:96:35:e0:00:76:e3:bb:45:
         70:50:d4:8a:54:4e:a2:db:e1:70:a7:88:e1:c5:39:7e:a0:15:
         00:ea:8d:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhyX6mO5w25+gV3ZIgsYqyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOGNkOTQ0MDU1MmU3ZGFiOWNkNTYzMWQ0YWI4NzI0NTE1
MzViN2EwHhcNMjMwNTMxMTUxNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTY5NWIzN2M2YmViNTdkMDM2NTE4OGVkYWRjNjU3ZTNmNzFkOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4rhmGIUfhZdNOiwoHYiM3ID9u+A
9i1VJwJTtVVyPOKSHikZER9JZoTqXKuHZvXv0MDO7F/3/XtDIk0/5hOu3R0RVPVB
2EypVpcn2boG6SoK190oxbLcn/iENiBnzcwmAFwYqO8AkbiEjOXITxfs7e0zFzXu
FYG8FcDNbnc+biUtbDcewJsXvRekN3ZUVEGhKhp5pOCvJOEIo+nrTYcWmyFG/Kmy
SWCZYz1npU1oIVF/w0igS6CjzL0eGKUnLNyNSO6QdbEQsUmE3NwC/DHe9ybfGJvg
AywzXcWAaXH50ZDk7102rvhI04II+6/TQvSZWvlCQdEqSTubD+GVghrzrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFpWzfGvrV9A2UYjtrcZX4/cdi2MB8GA1UdIwQY
MBaAFNOM2UQFUufauc1WMdSrhyRRU1t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMt
N2M2NWE4NTJmMDkyLzEvZ1dsYk44YS10WDBEWlJpTzJ0eGxmajl4MkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80YzMxNjAtZGUxMi00OTI5LWE0ODMtN2M2NWE4NTJmMDky
LzEvMDR6WlJBVlM1OXE1elZZeDFLdUhKRkZUVzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubSQMA0G
CSqGSIb3DQEBCwUAA4IBAQCVp73cVuYbykMlm+EtUgfl9kjye7wIk6xrG+jZlNUX
rFJ4rcUjIiZiYnzw72MODiyOCf8cdFEDcse9q8JjquCNOwUcKM5T+o988/eJdlaN
1G4FV81LG9/JO931CcAgugnsRjMMEIOks9bO/k0wRGrqdTf7UWkvxl85a0j7fS6F
mM4Tq0N4pG8UJCaIuFmc949PvOdxqxN+v1+pZHL+RI2hcNSRTB9biAppOn9ZDDWV
KnV5yd6r4P7QDfixSn4Dp7LehRwbBPNWQJO/eYI9UCfClzS87lRkctRdGpAIBVuc
v6NeljXgAHbju0VwUNSKVE6i2+Fwp4jhxTl+oBUA6o2a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:47 2024 by rpki-client on console-ams.rpki-client.org