Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/k1HA1-pwEXXeU0zPcj-dTiYfU34.roa
File:                     k1HA1-pwEXXeU0zPcj-dTiYfU34.roa (raw, json)
Hash identifier:          l7QA8dOEtcL736++v6MeiAX/4pb2aWgF+VDGLkKMsYA=
Subject key identifier:   93:51:C0:D7:EA:70:11:75:DE:53:4C:CF:72:3F:9D:4E:26:1F:53:7E
Certificate issuer:       /CN=b8d5b3d379d21162e2b522c43801fb9603988245
Certificate serial:       018570F08C4827133E1752454B7C7ECE5A39
Authority key identifier: B8:D5:B3:D3:79:D2:11:62:E2:B5:22:C4:38:01:FB:96:03:98:82:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uNWz03nSEWLitSLEOAH7lgOYgkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/k1HA1-pwEXXeU0zPcj-dTiYfU34.roa
Signing time:             Mon 02 Jan 2023 05:24:50 +0000
ROA not before:           Mon 02 Jan 2023 05:24:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211732
IP address blocks:        185.243.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:f0:8c:48:27:13:3e:17:52:45:4b:7c:7e:ce:5a:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8d5b3d379d21162e2b522c43801fb9603988245
        Validity
            Not Before: Jan  2 05:24:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9351c0d7ea701175de534ccf723f9d4e261f537e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4b:ed:02:a7:e5:c4:6a:c7:7c:66:34:46:12:
                    1a:4a:f2:73:32:05:09:b5:32:53:6b:aa:84:c8:4f:
                    6f:0e:b6:82:77:18:bc:9d:86:2f:82:3f:90:96:96:
                    ee:11:55:d9:cf:3c:8b:07:a3:28:0d:10:22:71:5e:
                    e4:3b:50:1f:fe:80:d9:a6:44:d6:b9:33:6d:47:f1:
                    d9:39:a4:05:e5:0c:e1:ac:03:ee:72:cd:37:87:a4:
                    78:21:ca:09:46:6c:65:36:8c:61:34:af:38:85:52:
                    02:dd:ba:c1:7b:cc:0d:b7:a1:df:73:63:e3:d4:72:
                    d8:86:f8:45:3e:8e:b5:1a:b4:b9:33:37:4f:5a:d8:
                    a5:22:48:ec:a0:4a:54:70:14:9c:cd:5f:bc:47:5b:
                    6f:67:03:ad:bc:85:d5:35:ca:2a:d1:78:c6:72:29:
                    3b:ce:c5:a2:9b:53:4a:d6:1a:04:1c:72:4d:e4:b4:
                    3d:81:1f:cc:07:51:4c:23:e8:50:3a:4f:8d:50:09:
                    69:37:cc:f2:36:ea:8a:2f:7a:28:2b:05:c1:f5:b3:
                    3b:96:91:27:5d:3f:a5:cf:b0:d9:6e:e1:99:4a:fd:
                    2c:7f:24:63:68:c1:f3:0d:db:eb:87:7c:72:67:5c:
                    7c:31:55:4a:ed:09:66:40:b9:2b:0b:04:b7:e9:22:
                    85:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:51:C0:D7:EA:70:11:75:DE:53:4C:CF:72:3F:9D:4E:26:1F:53:7E
            X509v3 Authority Key Identifier:
                keyid:B8:D5:B3:D3:79:D2:11:62:E2:B5:22:C4:38:01:FB:96:03:98:82:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNWz03nSEWLitSLEOAH7lgOYgkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/k1HA1-pwEXXeU0zPcj-dTiYfU34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/uNWz03nSEWLitSLEOAH7lgOYgkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.243.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:36:78:8d:d4:24:4c:af:e7:f6:5b:f4:8c:d1:a6:a3:7b:c9:
         2c:71:39:1d:ce:08:a9:95:f4:91:4b:fe:49:ed:68:77:0d:6b:
         a5:23:f6:9d:85:e9:a5:4b:88:7e:13:cf:01:b1:71:af:63:c6:
         f9:e9:af:56:ee:fb:f0:36:fa:ef:73:c7:84:c4:4e:8b:54:64:
         50:b6:e6:d3:14:c8:19:67:82:38:4f:47:fe:c6:1f:15:27:04:
         ee:46:91:7d:9a:64:04:3e:29:b0:5e:17:1a:93:5a:50:14:68:
         c7:a5:8b:33:91:53:8c:99:27:be:57:5b:eb:d1:13:27:e0:af:
         f9:8d:f7:a4:25:83:3e:b4:7e:7b:df:80:6b:ff:23:84:0b:fa:
         73:ab:95:7b:92:9b:67:f6:b4:d0:1e:f2:34:28:f4:92:36:eb:
         36:e3:39:e1:b7:78:a3:19:45:ec:6c:49:c0:71:fa:39:17:75:
         08:93:e0:53:58:cd:d5:44:cf:02:a5:d0:2b:91:7d:02:ce:24:
         62:95:eb:b6:e6:8d:5b:54:fa:7f:db:20:41:86:c5:fe:ad:1d:
         69:d8:d8:08:7f:70:73:8d:cb:e1:d5:c3:0e:4e:92:9d:4e:82:
         1f:58:b9:b5:09:f7:5a:3f:e9:d2:0c:46:bb:9e:7a:1d:24:cf:
         2b:8a:2e:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8IxIJxM+F1JFS3x+zlo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDViM2QzNzlkMjExNjJlMmI1MjJjNDM4MDFmYjk2MDM5
ODgyNDUwHhcNMjMwMTAyMDUyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzUxYzBkN2VhNzAxMTc1ZGU1MzRjY2Y3MjNmOWQ0ZTI2MWY1MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UvtAqflxGrHfGY0RhIaSvJzMgUJ
tTJTa6qEyE9vDraCdxi8nYYvgj+QlpbuEVXZzzyLB6MoDRAicV7kO1Af/oDZpkTW
uTNtR/HZOaQF5QzhrAPucs03h6R4IcoJRmxlNoxhNK84hVIC3brBe8wNt6Hfc2Pj
1HLYhvhFPo61GrS5MzdPWtilIkjsoEpUcBSczV+8R1tvZwOtvIXVNcoq0XjGcik7
zsWim1NK1hoEHHJN5LQ9gR/MB1FMI+hQOk+NUAlpN8zyNuqKL3ooKwXB9bM7lpEn
XT+lz7DZbuGZSv0sfyRjaMHzDdvrh3xyZ1x8MVVK7QlmQLkrCwS36SKFmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNRwNfqcBF13lNMz3I/nU4mH1N+MB8GA1UdIwQY
MBaAFLjVs9N50hFi4rUixDgB+5YDmIJFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5XejAzblNFV0xpdFNMRU9BSDdsZ09ZZ2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lZjNlNDMtN2JmNy00MDRmLWE5YTMt
YjNlOTI1NWQyYjNlLzEvazFIQTEtcHdFWFhlVTB6UGNqLWRUaVlmVTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lZjNlNDMtN2JmNy00MDRmLWE5YTMtYjNlOTI1NWQyYjNl
LzEvdU5XejAzblNFV0xpdFNMRU9BSDdsZ09ZZ2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufOAMA0G
CSqGSIb3DQEBCwUAA4IBAQAdNniN1CRMr+f2W/SM0aaje8kscTkdzgiplfSRS/5J
7Wh3DWulI/adhemlS4h+E88BsXGvY8b56a9W7vvwNvrvc8eExE6LVGRQtubTFMgZ
Z4I4T0f+xh8VJwTuRpF9mmQEPimwXhcak1pQFGjHpYszkVOMmSe+V1vr0RMn4K/5
jfekJYM+tH5734Br/yOEC/pzq5V7kptn9rTQHvI0KPSSNus24znht3ijGUXsbEnA
cfo5F3UIk+BTWM3VRM8CpdArkX0CziRileu25o1bVPp/2yBBhsX+rR1p2NgIf3Bz
jcvh1cMOTpKdToIfWLm1CfdaP+nSDEa7nnodJM8rii51
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:11 2024 by rpki-client on console-fra.rpki-client.org