Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa
File:                     1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa (raw, json)
Hash identifier:          yOYHnFekcPAP+efARUxy2qjkV/2ZlJddS5aVPt2UJkE=
Subject key identifier:   D4:B4:02:B5:99:DF:50:6A:9D:F0:AC:90:03:E1:DA:70:5F:AD:18:14
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       0187532790C2A1DA5E9FFACBA71FBA2B3352
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa
Signing time:             Wed 05 Apr 2023 20:41:54 +0000
ROA not before:           Wed 05 Apr 2023 20:41:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     140947
IP address blocks:        185.191.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 11:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:53:27:90:c2:a1:da:5e:9f:fa:cb:a7:1f:ba:2b:33:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Apr  5 20:41:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4b402b599df506a9df0ac9003e1da705fad1814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:79:0d:3c:c3:20:58:af:57:69:83:89:12:12:
                    21:69:ba:d2:e1:1c:bb:07:cf:8e:82:6a:32:a7:d0:
                    eb:a1:91:8f:ed:b8:43:0c:e0:9f:d7:8b:b4:8d:88:
                    9d:7a:22:63:c5:e7:d6:3a:c5:97:d1:ae:27:00:2d:
                    0a:94:73:4b:07:7a:2c:5e:34:84:e7:08:2b:a7:bd:
                    db:0e:99:88:7c:0b:82:34:7f:cb:b1:7e:81:2a:bc:
                    11:11:61:c4:79:ce:1f:6f:be:7d:d6:4a:e0:a8:20:
                    a6:be:52:02:e7:f5:2b:00:37:24:10:ec:2c:c0:e6:
                    0b:f6:ae:79:12:a0:ac:82:27:21:19:6d:f4:30:a2:
                    bb:fc:02:76:48:75:db:7e:13:1a:05:aa:a1:38:d5:
                    bd:a1:ef:f2:46:c7:77:95:c5:ae:3f:04:6e:25:5d:
                    f5:ff:5d:a6:13:0b:2d:cd:f7:3c:dd:cf:0f:af:67:
                    00:79:63:ab:77:61:47:ec:11:5c:f8:b8:33:35:b5:
                    3a:75:b9:89:9c:01:79:9b:fe:9b:88:f8:73:0e:c8:
                    b5:74:26:2d:e8:36:fb:87:ba:d9:ec:b6:77:61:d3:
                    ca:a6:a4:60:90:87:e4:d7:e0:f2:d2:5a:eb:6d:1f:
                    53:79:2f:47:10:e5:5a:5b:76:2d:c9:26:91:74:2a:
                    5e:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B4:02:B5:99:DF:50:6A:9D:F0:AC:90:03:E1:DA:70:5F:AD:18:14
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/1LQCtZnfUGqd8KyQA-HacF-tGBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:82:0c:15:8e:c6:89:36:b7:f9:93:85:15:0b:4e:4c:98:59:
         c8:c6:00:d3:2f:db:24:26:77:51:58:a1:a7:e5:ca:eb:0c:aa:
         1e:ee:5f:c6:f7:36:bc:e9:1e:5d:c8:0d:a9:a7:6b:93:65:16:
         b7:f1:29:1c:7f:93:5b:b4:a7:cd:af:c0:8f:05:52:fc:27:4d:
         9d:74:f4:fc:9e:52:bb:c3:86:46:f3:64:31:3b:f0:55:22:ba:
         91:55:91:a9:fb:5e:ef:dc:45:de:ef:a6:ff:44:b8:a1:a4:50:
         eb:bf:c3:c5:c8:80:3a:e2:d3:da:08:d0:b3:75:a8:85:8b:15:
         f2:92:5f:2f:2e:89:a5:20:45:9f:3d:49:68:4d:ff:57:32:cf:
         2d:d3:4a:3c:de:0c:58:12:9b:90:50:e4:7a:b1:f2:50:87:19:
         58:49:cd:89:92:8a:14:a6:f8:b4:12:3e:57:df:22:cb:31:f2:
         e9:30:89:7f:1c:7f:32:53:4d:28:2a:fb:21:c7:80:07:f6:4a:
         0b:ea:37:9b:97:ea:62:82:ce:79:63:ab:91:79:64:61:38:74:
         63:33:f4:08:97:c5:21:f5:9a:73:d8:dd:e6:5a:1b:d3:d8:c8:
         94:34:67:d3:d9:3a:6d:80:57:53:6f:be:35:b9:b2:1f:a9:9b:
         ef:64:61:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdTJ5DCodpen/rLpx+6KzNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwNDA1MjA0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI0MDJiNTk5ZGY1MDZhOWRmMGFjOTAwM2UxZGE3MDVmYWQxODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnkNPMMgWK9XaYOJEhIhabrS4Ry7
B8+Ogmoyp9DroZGP7bhDDOCf14u0jYideiJjxefWOsWX0a4nAC0KlHNLB3osXjSE
5wgrp73bDpmIfAuCNH/LsX6BKrwREWHEec4fb7591krgqCCmvlIC5/UrADckEOws
wOYL9q55EqCsgichGW30MKK7/AJ2SHXbfhMaBaqhONW9oe/yRsd3lcWuPwRuJV31
/12mEwstzfc83c8Pr2cAeWOrd2FH7BFc+LgzNbU6dbmJnAF5m/6biPhzDsi1dCYt
6Db7h7rZ7LZ3YdPKpqRgkIfk1+Dy0lrrbR9TeS9HEOVaW3YtySaRdCpebQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNS0ArWZ31BqnfCskAPh2nBfrRgUMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvMUxRQ3RabmZVR3FkOEt5UUEtSGFjRi10R0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQCfggwVjsaJNrf5k4UVC05MmFnIxgDTL9skJndRWKGn
5crrDKoe7l/G9za86R5dyA2pp2uTZRa38Skcf5NbtKfNr8CPBVL8J02ddPT8nlK7
w4ZG82QxO/BVIrqRVZGp+17v3EXe76b/RLihpFDrv8PFyIA64tPaCNCzdaiFixXy
kl8vLomlIEWfPUloTf9XMs8t00o83gxYEpuQUOR6sfJQhxlYSc2JkooUpvi0Ej5X
3yLLMfLpMIl/HH8yU00oKvshx4AH9koL6jebl+pigs55Y6uReWRhOHRjM/QIl8Uh
9Zpz2N3mWhvT2MiUNGfT2TptgFdTb741ubIfqZvvZGEy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org