Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BDhRRfebl9Sg3GyYsybYnEGViBA.roa
File:                     BDhRRfebl9Sg3GyYsybYnEGViBA.roa (raw, json)
Hash identifier:          g6lRxp1m9UcuRxyyeNjSYQ8MLP+Af7yvavBRy7L9lCg=
Subject key identifier:   04:38:51:45:F7:9B:97:D4:A0:DC:6C:98:B3:26:D8:9C:41:95:88:10
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       018954D63510085EB7A22841BD08CB008FCF
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BDhRRfebl9Sg3GyYsybYnEGViBA.roa
Signing time:             Fri 14 Jul 2023 14:37:51 +0000
ROA not before:           Fri 14 Jul 2023 14:37:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.191.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:54:d6:35:10:08:5e:b7:a2:28:41:bd:08:cb:00:8f:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Jul 14 14:37:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04385145f79b97d4a0dc6c98b326d89c41958810
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:95:0d:5b:98:81:9b:2b:32:f9:4f:23:a1:10:
                    5d:af:f3:7d:a0:43:9b:59:7c:4d:9f:63:0d:b9:d0:
                    ff:bf:b7:b6:b7:21:15:30:72:28:89:1e:d5:fe:3c:
                    1f:6f:69:d3:30:42:bd:c6:5d:df:38:7b:76:3b:c6:
                    e6:93:f6:45:5d:87:3f:3a:00:5e:0e:35:47:53:00:
                    11:fd:c4:41:79:0d:a0:c0:e8:ae:14:fb:3f:07:f8:
                    23:9e:31:7d:45:d9:11:e0:98:82:c3:c7:da:28:97:
                    40:e1:a4:78:09:29:30:b4:69:96:f4:c0:72:9c:c9:
                    44:96:e1:bd:4b:f1:47:35:91:a3:cd:aa:57:6a:a6:
                    71:65:b0:92:c4:60:a1:d6:aa:0a:8e:95:d8:be:53:
                    5a:b3:37:27:37:43:28:c8:21:e2:06:32:c7:3e:1d:
                    ff:98:1f:44:3d:52:62:db:42:f9:51:a9:c8:a0:84:
                    ad:21:c8:86:a6:59:98:95:84:b3:49:9e:7c:29:bc:
                    ad:de:bb:45:46:00:7b:7a:3c:b5:90:37:e5:9f:aa:
                    b1:2f:2d:66:ec:01:73:0c:1d:37:e2:9e:31:9a:5e:
                    4c:ce:46:09:5c:d8:c3:2b:c6:96:10:2e:67:54:e8:
                    54:93:72:79:4a:87:cd:be:60:69:cf:b6:7d:af:ed:
                    e8:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:38:51:45:F7:9B:97:D4:A0:DC:6C:98:B3:26:D8:9C:41:95:88:10
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BDhRRfebl9Sg3GyYsybYnEGViBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:47:b0:eb:20:ce:a7:26:ab:6d:9a:8b:c7:7c:b4:97:90:a6:
         25:c2:c0:b7:66:54:fd:61:fa:56:cd:8b:9b:aa:bc:1f:e4:e1:
         67:ec:21:83:6b:9f:9e:df:85:71:e5:49:a3:a1:d0:9d:f1:23:
         6e:fc:f4:f1:d2:3b:db:3d:90:4f:d2:e0:b0:57:4b:15:ca:34:
         65:ab:43:3d:1b:0e:b0:60:b7:22:43:d8:f5:84:71:64:5f:8a:
         9e:b0:7e:99:f1:96:72:96:83:f2:40:f8:77:da:5c:a0:ca:e7:
         ab:66:9c:a8:4f:37:40:5b:f2:9a:d3:85:59:d5:a6:78:b6:6f:
         9c:14:a8:5d:9d:4f:96:68:e9:06:e7:70:5b:f9:72:af:51:b7:
         c8:06:ff:c5:07:a5:d3:cb:e0:43:4d:11:2b:90:ea:45:96:f6:
         00:66:10:c7:af:2b:75:70:97:3e:cb:69:f3:8b:a7:04:ce:43:
         2e:f1:72:09:3b:58:e4:d4:c5:ed:4f:6f:11:79:d1:40:93:ad:
         30:e1:92:71:16:d8:24:74:63:1c:9d:61:fa:0c:7c:fe:a8:b6:
         9e:6c:68:93:f4:90:d2:73:0b:8a:3f:a0:14:9f:97:35:dd:bf:
         8f:55:0f:8f:51:fd:38:0d:3c:4e:09:10:b1:cb:f8:7e:03:46:
         a3:7d:c5:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlU1jUQCF63oihBvQjLAI/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwNzE0MTQzNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM4NTE0NWY3OWI5N2Q0YTBkYzZjOThiMzI2ZDg5YzQxOTU4ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5UNW5iBmysy+U8joRBdr/N9oEOb
WXxNn2MNudD/v7e2tyEVMHIoiR7V/jwfb2nTMEK9xl3fOHt2O8bmk/ZFXYc/OgBe
DjVHUwAR/cRBeQ2gwOiuFPs/B/gjnjF9RdkR4JiCw8faKJdA4aR4CSkwtGmW9MBy
nMlEluG9S/FHNZGjzapXaqZxZbCSxGCh1qoKjpXYvlNaszcnN0MoyCHiBjLHPh3/
mB9EPVJi20L5UanIoIStIciGplmYlYSzSZ58Kbyt3rtFRgB7ejy1kDfln6qxLy1m
7AFzDB034p4xml5MzkYJXNjDK8aWEC5nVOhUk3J5SofNvmBpz7Z9r+3owwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQ4UUX3m5fUoNxsmLMm2JxBlYgQMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvQkRoUlJmZWJsOVNnM0d5WXN5YlluRUdWaUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+TMA0G
CSqGSIb3DQEBCwUAA4IBAQCnR7DrIM6nJqttmovHfLSXkKYlwsC3ZlT9YfpWzYub
qrwf5OFn7CGDa5+e34Vx5UmjodCd8SNu/PTx0jvbPZBP0uCwV0sVyjRlq0M9Gw6w
YLciQ9j1hHFkX4qesH6Z8ZZyloPyQPh32lygyuerZpyoTzdAW/Ka04VZ1aZ4tm+c
FKhdnU+WaOkG53Bb+XKvUbfIBv/FB6XTy+BDTRErkOpFlvYAZhDHryt1cJc+y2nz
i6cEzkMu8XIJO1jk1MXtT28RedFAk60w4ZJxFtgkdGMcnWH6DHz+qLaebGiT9JDS
cwuKP6AUn5c13b+PVQ+PUf04DTxOCRCxy/h+A0ajfcUD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org