Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/3Q3VGsNKWb9cieGIdLiu7BO7zTw.roa
File:                     3Q3VGsNKWb9cieGIdLiu7BO7zTw.roa (raw, json)
Hash identifier:          7kVEsE3+xCeikeMoAevmhrwvWykFcoHM9vgJEzTW2j0=
Subject key identifier:   DD:0D:D5:1A:C3:4A:59:BF:5C:89:E1:88:74:B8:AE:EC:13:BB:CD:3C
Certificate issuer:       /CN=10eedc33aa442907189f0b3c563836951fb185bb
Certificate serial:       018570302C3D648F3DF43CD2CA8D55E54DD4
Authority key identifier: 10:EE:DC:33:AA:44:29:07:18:9F:0B:3C:56:38:36:95:1F:B1:85:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EO7cM6pEKQcYnws8Vjg2lR-xhbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/3Q3VGsNKWb9cieGIdLiu7BO7zTw.roa
Signing time:             Mon 02 Jan 2023 01:54:43 +0000
ROA not before:           Mon 02 Jan 2023 01:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202634
IP address blocks:        185.165.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Feb 2023 16:28:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:2c:3d:64:8f:3d:f4:3c:d2:ca:8d:55:e5:4d:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10eedc33aa442907189f0b3c563836951fb185bb
        Validity
            Not Before: Jan  2 01:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd0dd51ac34a59bf5c89e18874b8aeec13bbcd3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:95:a4:d7:ee:25:39:38:49:39:8e:3f:82:64:
                    38:f0:bf:5c:80:e0:69:08:b5:9f:a6:b1:9b:fd:84:
                    ff:82:4b:4b:24:e0:f8:20:69:95:b7:8e:d7:79:fc:
                    0d:c7:cc:27:46:f0:3e:b0:af:fa:a0:da:50:01:31:
                    5b:df:28:d1:8d:0f:0a:40:72:a8:a2:61:8d:e1:ab:
                    d1:d0:e9:90:99:30:fa:0a:53:55:fb:d5:3b:7d:bf:
                    5e:9d:69:3d:cb:3e:74:71:8f:11:4f:8f:94:ae:6d:
                    18:05:66:30:0d:06:6e:66:7a:dd:76:02:46:25:a3:
                    4d:c3:0c:6b:0b:c7:5c:82:58:34:bc:9d:c1:ae:e9:
                    ee:64:8b:47:ef:dc:1f:45:5c:3b:c4:89:aa:84:08:
                    ae:e3:86:47:29:78:5c:70:d1:f9:11:8b:61:a2:75:
                    ad:3b:0d:24:08:96:fe:c7:1c:be:ed:62:ff:3d:c9:
                    91:94:f9:1c:06:8e:67:4d:54:91:19:f1:08:49:b7:
                    41:f4:54:67:c2:e0:80:d0:57:14:ae:18:3c:65:2e:
                    bb:5f:cc:e7:2f:83:31:8d:13:97:e6:8c:53:25:5a:
                    07:e4:bc:47:8b:b1:81:87:20:bf:ae:82:3d:2c:3c:
                    76:dc:42:1b:be:83:1c:9d:3d:fb:dd:3e:39:80:ed:
                    b9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:0D:D5:1A:C3:4A:59:BF:5C:89:E1:88:74:B8:AE:EC:13:BB:CD:3C
            X509v3 Authority Key Identifier:
                keyid:10:EE:DC:33:AA:44:29:07:18:9F:0B:3C:56:38:36:95:1F:B1:85:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EO7cM6pEKQcYnws8Vjg2lR-xhbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/3Q3VGsNKWb9cieGIdLiu7BO7zTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/546c7e-d840-4e54-9223-534ebeef3389/1/EO7cM6pEKQcYnws8Vjg2lR-xhbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:cd:76:b7:c5:a1:a1:d8:8b:e7:fb:23:52:9a:20:03:a8:b2:
         3e:01:af:52:b4:10:d1:62:f5:b5:6d:81:e1:f5:bc:d0:66:e3:
         e2:f8:e0:17:3b:c9:d3:96:f8:21:e9:5d:eb:e3:9d:d8:8a:31:
         84:0a:24:84:30:05:b4:61:b4:fa:ef:52:fb:8c:b4:9e:23:26:
         1a:22:44:fe:07:41:a6:86:16:6d:73:2d:70:2e:fa:05:b8:c2:
         33:db:cd:15:5c:77:9b:5f:53:f5:83:07:97:38:4a:f0:66:05:
         0a:dc:58:06:a3:d2:09:40:fb:ca:ae:0c:e6:8f:8b:2d:52:eb:
         70:f0:56:63:fa:30:d8:06:fb:95:31:ae:ec:7a:88:36:40:06:
         bb:05:3a:ec:6b:18:8d:9d:b9:c3:73:50:f9:25:6c:73:36:30:
         fc:24:e6:de:0d:5c:b8:40:9e:75:be:d3:20:6d:b9:ad:b2:87:
         bb:22:27:e7:d7:5a:7e:fe:72:ad:b0:47:29:1b:90:f7:a3:ae:
         22:18:2e:25:0f:5f:7b:3e:5f:38:5d:30:3d:fd:07:c8:65:df:
         ab:e7:e9:b4:68:3b:85:ef:38:a1:cd:f1:9a:73:11:23:bb:f6:
         6c:31:4a:19:68:e2:3f:62:42:98:79:30:f6:3b:9c:4e:88:67:
         8d:b2:94:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMCw9ZI899DzSyo1V5U3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZWVkYzMzYWE0NDI5MDcxODlmMGIzYzU2MzgzNjk1MWZi
MTg1YmIwHhcNMjMwMTAyMDE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBkZDUxYWMzNGE1OWJmNWM4OWUxODg3NGI4YWVlYzEzYmJjZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZWk1+4lOThJOY4/gmQ48L9cgOBp
CLWfprGb/YT/gktLJOD4IGmVt47XefwNx8wnRvA+sK/6oNpQATFb3yjRjQ8KQHKo
omGN4avR0OmQmTD6ClNV+9U7fb9enWk9yz50cY8RT4+Urm0YBWYwDQZuZnrddgJG
JaNNwwxrC8dcglg0vJ3BrunuZItH79wfRVw7xImqhAiu44ZHKXhccNH5EYthonWt
Ow0kCJb+xxy+7WL/PcmRlPkcBo5nTVSRGfEISbdB9FRnwuCA0FcUrhg8ZS67X8zn
L4MxjROX5oxTJVoH5LxHi7GBhyC/roI9LDx23EIbvoMcnT373T45gO25HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0N1RrDSlm/XInhiHS4ruwTu808MB8GA1UdIwQY
MBaAFBDu3DOqRCkHGJ8LPFY4NpUfsYW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRU83Y002cEVLUWNZbndzOFZqZzJsUi14aGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDZjN2UtZDg0MC00ZTU0LTkyMjMt
NTM0ZWJlZWYzMzg5LzEvM1EzVkdzTktXYjljaWVHSWRMaXU3Qk83elR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDZjN2UtZDg0MC00ZTU0LTkyMjMtNTM0ZWJlZWYzMzg5
LzEvRU83Y002cEVLUWNZbndzOFZqZzJsUi14aGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaXeMA0G
CSqGSIb3DQEBCwUAA4IBAQAqzXa3xaGh2Ivn+yNSmiADqLI+Aa9StBDRYvW1bYHh
9bzQZuPi+OAXO8nTlvgh6V3r453YijGECiSEMAW0YbT671L7jLSeIyYaIkT+B0Gm
hhZtcy1wLvoFuMIz280VXHebX1P1gweXOErwZgUK3FgGo9IJQPvKrgzmj4stUutw
8FZj+jDYBvuVMa7seog2QAa7BTrsaxiNnbnDc1D5JWxzNjD8JObeDVy4QJ51vtMg
bbmtsoe7Iifn11p+/nKtsEcpG5D3o64iGC4lD197Pl84XTA9/QfIZd+r5+m0aDuF
7zihzfGacxEju/ZsMUoZaOI/YkKYeTD2O5xOiGeNspRw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:04 2024 by rpki-client on console-ams.rpki-client.org