Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/pvgQ1ZEJDvx1V507B676XSPYUwo.roa
File:                     pvgQ1ZEJDvx1V507B676XSPYUwo.roa (raw, json)
Hash identifier:          z0Xyxms42/5AGxo3m8GZrHx78RtC65ArNfXeFZJjA4g=
Subject key identifier:   A6:F8:10:D5:91:09:0E:FC:75:57:9D:3B:07:AE:FA:5D:23:D8:53:0A
Certificate issuer:       /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial:       018A6453BF3A0FBEC437D6BEE20EAA849B8E
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/pvgQ1ZEJDvx1V507B676XSPYUwo.roa
Signing time:             Tue 05 Sep 2023 07:52:04 +0000
ROA not before:           Tue 05 Sep 2023 07:52:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216361
IP address blocks:        185.255.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Sep 2023 04:15:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:64:53:bf:3a:0f:be:c4:37:d6:be:e2:0e:aa:84:9b:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
        Validity
            Not Before: Sep  5 07:52:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a6f810d591090efc75579d3b07aefa5d23d8530a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1b:bb:fa:0f:62:71:f0:f7:b0:22:44:54:3c:
                    c4:b0:b2:19:98:c7:88:5d:94:56:50:cb:93:27:c4:
                    5b:af:11:64:d2:0a:ca:d1:e3:7c:78:4c:fd:c7:5a:
                    aa:c8:e4:44:e6:04:61:69:92:ee:74:49:4c:24:b8:
                    70:e3:c3:69:d3:f0:d0:2d:99:22:26:2c:d8:9e:90:
                    75:78:72:52:9a:e4:bc:06:ca:db:c5:15:e0:e4:d0:
                    ed:93:15:85:38:10:32:81:7a:ac:96:b1:59:37:4a:
                    65:77:28:fd:4e:b5:22:98:80:a7:5f:99:47:ad:e2:
                    39:40:1d:43:a4:05:e1:43:ae:41:c7:ed:48:dc:de:
                    58:70:85:ef:ea:e9:96:94:2c:1a:ba:5e:8e:e9:4d:
                    d5:92:49:d7:1e:71:de:b3:ff:e1:eb:f7:a6:ad:90:
                    ff:05:be:35:9c:87:55:85:d3:61:ea:16:57:f5:2e:
                    4c:84:1f:f0:84:cd:be:72:4d:3d:38:c8:5e:b6:ed:
                    25:a9:cf:ce:07:89:9c:a5:37:c4:ce:ea:01:c1:95:
                    a2:6d:40:ba:ac:49:1d:8a:3b:5a:ab:cb:50:7c:5a:
                    00:75:cb:37:e6:18:f1:f6:4b:07:e6:66:9b:4f:2d:
                    3d:c6:f2:a1:62:f1:6a:97:a5:29:4b:d5:43:b7:e4:
                    3f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:F8:10:D5:91:09:0E:FC:75:57:9D:3B:07:AE:FA:5D:23:D8:53:0A
            X509v3 Authority Key Identifier:
                keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/pvgQ1ZEJDvx1V507B676XSPYUwo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:54:de:ba:ba:f3:fe:99:3b:ad:04:4c:9f:16:0b:49:6e:10:
         7a:42:d7:8f:c5:5a:b4:a2:5b:a1:a2:05:fe:c3:c6:88:03:5c:
         c9:37:27:ed:ed:b9:01:4f:20:27:76:89:4d:75:4b:9c:a7:7e:
         ba:90:42:b4:41:15:cd:a6:75:0d:ff:e3:cc:29:41:2d:1e:54:
         c0:6c:40:0c:93:c3:a3:a2:d7:ee:57:81:ac:fa:ab:6f:10:4a:
         72:45:4c:40:aa:d8:9f:42:24:77:bb:5f:44:0f:d6:7c:2f:6e:
         46:e6:66:14:c7:c5:de:da:68:2b:cf:8e:c9:43:da:bb:26:8e:
         9c:d8:1a:c1:26:34:01:6c:d8:33:95:f4:d2:7b:be:92:86:8d:
         97:4e:2c:de:99:fb:32:f0:f5:67:d9:c2:13:ab:aa:fb:1f:94:
         6e:7d:12:6f:af:1b:7c:31:ba:4b:42:6f:84:e4:3f:ad:f1:24:
         80:f6:3f:93:39:7d:8c:48:19:4c:f5:bf:d2:75:04:71:f0:91:
         30:af:50:1b:2b:7d:17:d7:52:2b:ff:51:43:63:e0:6a:c3:c6:
         e4:33:1b:91:94:9c:23:2c:94:67:4c:93:e7:ec:a3:da:1d:36:
         90:b0:9f:22:90:40:df:36:b1:a9:d1:fe:4e:5c:a5:d1:9d:5d:
         76:ba:ba:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpkU786D77EN9a+4g6qhJuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjMwOTA1MDc1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY4MTBkNTkxMDkwZWZjNzU1NzlkM2IwN2FlZmE1ZDIzZDg1MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxu7+g9icfD3sCJEVDzEsLIZmMeI
XZRWUMuTJ8RbrxFk0grK0eN8eEz9x1qqyORE5gRhaZLudElMJLhw48Np0/DQLZki
JizYnpB1eHJSmuS8BsrbxRXg5NDtkxWFOBAygXqslrFZN0pldyj9TrUimICnX5lH
reI5QB1DpAXhQ65Bx+1I3N5YcIXv6umWlCwaul6O6U3VkknXHnHes//h6/emrZD/
Bb41nIdVhdNh6hZX9S5MhB/whM2+ck09OMhetu0lqc/OB4mcpTfEzuoBwZWibUC6
rEkdijtaq8tQfFoAdcs35hjx9ksH5mabTy09xvKhYvFql6UpS9VDt+Q/JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKb4ENWRCQ78dVedOweu+l0j2FMKMB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvcHZnUTFaRUpEdngxVjUwN0I2NzZYU1BZVXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf8EMA0G
CSqGSIb3DQEBCwUAA4IBAQCRVN66uvP+mTutBEyfFgtJbhB6QtePxVq0oluhogX+
w8aIA1zJNyft7bkBTyAndolNdUucp366kEK0QRXNpnUN/+PMKUEtHlTAbEAMk8Oj
otfuV4Gs+qtvEEpyRUxAqtifQiR3u19ED9Z8L25G5mYUx8Xe2mgrz47JQ9q7Jo6c
2BrBJjQBbNgzlfTSe76Sho2XTizemfsy8PVn2cITq6r7H5RufRJvrxt8MbpLQm+E
5D+t8SSA9j+TOX2MSBlM9b/SdQRx8JEwr1AbK30X11Ir/1FDY+Bqw8bkMxuRlJwj
LJRnTJPn7KPaHTaQsJ8ikEDfNrGp0f5OXKXRnV12uroS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org