Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4TmSsgieUAiYMlla23-iIKRsuG8.roa
File:                     4TmSsgieUAiYMlla23-iIKRsuG8.roa (raw, json)
Hash identifier:          3vL/+4x/dJPqlmjNCBNp+PHnkrS/noVAM1/8Z8d/kAA=
Subject key identifier:   E1:39:92:B2:08:9E:50:08:98:32:59:5A:DB:7F:A2:20:A4:6C:B8:6F
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C540C0F61B7B6ED0A3FBF8D63404273
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4TmSsgieUAiYMlla23-iIKRsuG8.roa
Signing time:             Sun 01 Jan 2023 07:55:25 +0000
ROA not before:           Sun 01 Jan 2023 07:55:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203125
IP address blocks:        185.188.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 23:05:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:54:0c:0f:61:b7:b6:ed:0a:3f:bf:8d:63:40:42:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e13992b2089e50089832595adb7fa220a46cb86f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:ca:bb:bc:c0:87:ff:93:c4:73:8c:45:e6:37:
                    ee:d8:f6:ae:ae:39:7d:db:96:05:54:cf:6c:d4:a0:
                    59:0b:a4:e8:2d:94:df:5d:ac:f1:9d:d6:1a:ec:69:
                    9a:33:67:a4:f3:d1:e1:8c:2b:b0:b0:1d:60:99:07:
                    88:8d:9a:e1:d3:f6:a6:d5:f4:1a:79:02:de:87:41:
                    7b:ce:cf:a9:d5:b7:50:cd:46:e7:b6:80:af:f6:16:
                    21:fb:5d:1b:fc:84:be:6d:ca:f2:ad:80:23:2f:b1:
                    39:16:aa:bd:4a:3f:ee:f6:4a:95:70:19:e4:4e:4f:
                    2a:3e:80:79:66:99:3b:8d:8b:71:15:0e:6f:c1:05:
                    86:e5:cf:bf:81:06:3f:c9:38:00:f9:e5:ac:b9:e7:
                    ff:41:f5:ee:a2:0e:13:e5:5d:95:5f:0f:cd:ad:0c:
                    be:5b:81:d2:17:fe:0a:3a:de:85:5d:fb:66:f5:47:
                    20:3a:39:05:2a:3f:80:f0:33:6d:1c:d3:3d:04:59:
                    98:5b:e7:da:ab:49:9c:6e:39:11:d0:f7:84:ed:fb:
                    a2:e5:78:f1:71:aa:dd:65:05:9f:43:2a:5d:21:03:
                    ca:7b:b4:93:45:08:6c:85:18:45:08:29:7b:13:3f:
                    21:b0:c2:f4:fd:09:12:55:c0:66:d4:63:42:b5:87:
                    a6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:39:92:B2:08:9E:50:08:98:32:59:5A:DB:7F:A2:20:A4:6C:B8:6F
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4TmSsgieUAiYMlla23-iIKRsuG8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.188.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:86:4e:7c:e9:68:98:32:97:d3:05:03:11:86:6b:95:8c:a3:
         a6:4d:c2:b7:ac:b8:f7:51:3b:18:05:b3:8e:fa:2d:62:da:ab:
         f7:03:4e:ff:83:cc:a3:10:39:94:d1:8b:f6:ba:53:53:8d:bd:
         eb:ae:38:51:52:cb:88:10:21:53:26:72:d2:4f:5e:6e:35:5e:
         3c:aa:cc:c0:80:0a:85:b3:b4:7e:6f:fe:95:5c:9d:83:37:e8:
         2f:24:4d:01:55:5e:bb:f3:84:c2:3d:b1:d2:7f:0e:16:a3:bd:
         92:ed:a9:f7:53:1d:1f:3d:eb:77:80:39:a1:ea:3a:de:28:f2:
         4b:af:36:05:5c:1d:e5:c4:13:f4:f8:a2:55:bd:67:7c:ba:58:
         05:b1:c8:46:c4:8e:4b:75:71:da:d8:90:49:b7:62:5b:22:65:
         e2:1b:dd:6b:82:ba:13:45:00:91:a4:5e:7a:a5:17:eb:a6:4b:
         c9:fd:69:99:47:98:6a:4e:02:35:77:f5:6e:bc:3b:03:3a:9b:
         ae:a5:4e:8c:6a:99:63:57:c4:79:b1:09:54:8c:61:b6:a2:5b:
         35:0e:5b:dd:3a:1a:62:a5:77:68:91:3c:e7:9e:18:d4:1b:9f:
         73:a1:10:c9:94:93:84:6e:51:60:ea:97:fc:d0:5c:9e:f3:9b:
         e8:f1:a3:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVAwPYbe27Qo/v41jQEJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM5OTJiMjA4OWU1MDA4OTgzMjU5NWFkYjdmYTIyMGE0NmNiODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMq7vMCH/5PEc4xF5jfu2Paurjl9
25YFVM9s1KBZC6ToLZTfXazxndYa7GmaM2ek89HhjCuwsB1gmQeIjZrh0/am1fQa
eQLeh0F7zs+p1bdQzUbntoCv9hYh+10b/IS+bcryrYAjL7E5Fqq9Sj/u9kqVcBnk
Tk8qPoB5Zpk7jYtxFQ5vwQWG5c+/gQY/yTgA+eWsuef/QfXuog4T5V2VXw/NrQy+
W4HSF/4KOt6FXftm9UcgOjkFKj+A8DNtHNM9BFmYW+faq0mcbjkR0PeE7fui5Xjx
cardZQWfQypdIQPKe7STRQhshRhFCCl7Ez8hsML0/QkSVcBm1GNCtYemiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOE5krIInlAImDJZWtt/oiCkbLhvMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNFRtU3NnaWVVQWlZTWxsYTIzLWlJS1JzdUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubwEMA0G
CSqGSIb3DQEBCwUAA4IBAQCGhk586WiYMpfTBQMRhmuVjKOmTcK3rLj3UTsYBbOO
+i1i2qv3A07/g8yjEDmU0Yv2ulNTjb3rrjhRUsuIECFTJnLST15uNV48qszAgAqF
s7R+b/6VXJ2DN+gvJE0BVV6784TCPbHSfw4Wo72S7an3Ux0fPet3gDmh6jreKPJL
rzYFXB3lxBP0+KJVvWd8ulgFschGxI5LdXHa2JBJt2JbImXiG91rgroTRQCRpF56
pRfrpkvJ/WmZR5hqTgI1d/VuvDsDOpuupU6MapljV8R5sQlUjGG2ols1DlvdOhpi
pXdokTznnhjUG59zoRDJlJOEblFg6pf80Fye85vo8aPT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org