Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/_wCNc5mFEFXjykpaATx2NrZF5qs.roa
File:                     _wCNc5mFEFXjykpaATx2NrZF5qs.roa (raw, json)
Hash identifier:          wWsz5VbDUQnukh+Y8VReKhuAnIiSRgRcB9I7110Kd8Q=
Subject key identifier:   FF:00:8D:73:99:85:10:55:E3:CA:4A:5A:01:3C:76:36:B6:45:E6:AB
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0188C261B7468521304D6133EE3E7F2BB8F7
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/_wCNc5mFEFXjykpaATx2NrZF5qs.roa
Signing time:             Fri 16 Jun 2023 04:06:03 +0000
ROA not before:           Fri 16 Jun 2023 04:06:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     394844
IP address blocks:        185.52.136.0/24 maxlen: 24
                          94.154.180.0/23 maxlen: 23
                          45.67.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:c2:61:b7:46:85:21:30:4d:61:33:ee:3e:7f:2b:b8:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jun 16 04:06:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff008d7399851055e3ca4a5a013c7636b645e6ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:bd:49:b7:7e:2b:ab:be:45:02:0a:67:34:96:
                    97:8d:07:63:45:3b:77:32:72:d8:fe:df:1f:35:b7:
                    df:91:e1:aa:56:ee:b7:b9:c2:6c:45:b9:4d:bb:34:
                    a9:98:7f:89:76:ff:23:f8:ef:8d:74:66:ea:5f:94:
                    56:b4:72:34:d1:8f:03:08:0c:ae:8b:5f:b1:6a:ed:
                    1e:a6:81:c6:32:da:d5:21:ed:66:af:65:c7:9c:f5:
                    30:9c:a1:81:25:7e:3c:61:4c:c6:14:ae:1d:13:2d:
                    f7:8c:54:c0:08:1e:6e:79:4d:db:ab:0d:7b:62:52:
                    5e:f7:6d:e1:71:45:85:91:fa:88:c1:a5:42:04:42:
                    e2:c7:03:42:66:6f:db:ac:87:ee:7f:08:de:48:3d:
                    93:a8:ba:b4:25:ef:dd:0d:1a:5c:48:5a:f0:47:24:
                    b3:3f:fb:0d:da:97:5a:4e:4d:d9:8d:27:66:8b:39:
                    0b:b2:6c:0f:d6:7b:ef:06:70:97:2e:f3:e8:79:4f:
                    72:cb:d4:e9:3d:97:e8:e8:d6:90:29:b3:e2:19:f5:
                    cf:e3:e2:85:09:ac:5f:03:4e:60:58:38:e5:dc:1f:
                    40:4b:bf:7c:05:ea:3f:67:8d:45:e4:b4:1a:a6:c2:
                    8a:30:84:d3:96:fb:1f:b2:c1:24:f3:54:24:46:bd:
                    e3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:00:8D:73:99:85:10:55:E3:CA:4A:5A:01:3C:76:36:B6:45:E6:AB
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/_wCNc5mFEFXjykpaATx2NrZF5qs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.140.0/24
                  94.154.180.0/23
                  185.52.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:90:44:ae:23:19:58:eb:3c:7c:f0:15:0e:e1:80:1e:2d:13:
         38:cb:71:c1:63:46:d9:c7:45:62:c7:6c:d5:37:be:02:92:cd:
         35:2a:92:31:18:0f:25:e8:a6:c7:25:c2:01:4e:2c:65:14:9d:
         c9:4d:38:4d:0d:29:78:32:7e:a9:67:b0:ae:09:42:5d:3b:67:
         82:67:1d:d2:25:ee:ef:d0:8c:6b:3b:95:23:6a:17:f5:10:fc:
         2f:fb:c4:78:c6:50:74:8d:c9:55:88:47:73:b9:55:dc:fb:2d:
         fd:77:e7:9a:ea:99:21:f1:1f:1d:6d:4a:27:91:dc:33:f4:7f:
         80:de:a3:4c:52:07:ab:c0:ee:27:d7:e6:5c:c4:fa:70:c5:9b:
         55:58:8c:20:24:22:3c:fd:e3:07:43:fd:35:fd:e3:64:86:78:
         bb:54:3d:33:4a:23:92:b0:ba:c7:44:d7:d0:9a:96:b9:86:58:
         5b:72:a6:c3:25:60:c2:f6:1e:89:4c:c0:dc:8e:6e:e1:79:42:
         0b:34:d0:60:62:f4:4a:f4:d0:ee:b6:81:a1:a6:db:d9:f4:f2:
         b0:24:0d:08:50:63:2a:90:54:a8:68:94:e8:89:75:82:48:30:
         02:10:1a:a1:c7:c8:73:8a:a8:82:04:12:a5:f7:17:7d:9a:ec:
         55:25:6a:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjCYbdGhSEwTWEz7j5/K7j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNjE2MDQwNjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjAwOGQ3Mzk5ODUxMDU1ZTNjYTRhNWEwMTNjNzYzNmI2NDVlNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir1Jt34rq75FAgpnNJaXjQdjRTt3
MnLY/t8fNbffkeGqVu63ucJsRblNuzSpmH+Jdv8j+O+NdGbqX5RWtHI00Y8DCAyu
i1+xau0epoHGMtrVIe1mr2XHnPUwnKGBJX48YUzGFK4dEy33jFTACB5ueU3bqw17
YlJe923hcUWFkfqIwaVCBELixwNCZm/brIfufwjeSD2TqLq0Je/dDRpcSFrwRySz
P/sN2pdaTk3ZjSdmizkLsmwP1nvvBnCXLvPoeU9yy9TpPZfo6NaQKbPiGfXP4+KF
CaxfA05gWDjl3B9AS798Beo/Z41F5LQapsKKMITTlvsfssEk81QkRr3jzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP8AjXOZhRBV48pKWgE8dja2RearMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvX3dDTmM1bUZFRlhqeWtwYUFUeDJOclpGNXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUOMAwQB
Xpq0AwQAuTSIMA0GCSqGSIb3DQEBCwUAA4IBAQBWkESuIxlY6zx88BUO4YAeLRM4
y3HBY0bZx0Vix2zVN74Cks01KpIxGA8l6KbHJcIBTixlFJ3JTThNDSl4Mn6pZ7Cu
CUJdO2eCZx3SJe7v0IxrO5Ujahf1EPwv+8R4xlB0jclViEdzuVXc+y39d+ea6pkh
8R8dbUonkdwz9H+A3qNMUgerwO4n1+ZcxPpwxZtVWIwgJCI8/eMHQ/01/eNkhni7
VD0zSiOSsLrHRNfQmpa5hlhbcqbDJWDC9h6JTMDcjm7heUILNNBgYvRK9NDutoGh
ptvZ9PKwJA0IUGMqkFSoaJToiXWCSDACEBqhx8hziqiCBBKl9xd9muxVJWqx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org