Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/Ctg__V7mJl4YqSTTxRgaz_H1iiw.roa
File:                     Ctg__V7mJl4YqSTTxRgaz_H1iiw.roa (raw, json)
Hash identifier:          fyRMJI4d3+iJ7843qEQQSMpxMAk8PfDihrJuiCGtF3g=
Subject key identifier:   0A:D8:3F:FD:5E:E6:26:5E:18:A9:24:D3:C5:18:1A:CF:F1:F5:8A:2C
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       01856D13A8F8B207F1D2EBC9FF7D5DC59AB6
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/Ctg__V7mJl4YqSTTxRgaz_H1iiw.roa
Signing time:             Sun 01 Jan 2023 11:24:43 +0000
ROA not before:           Sun 01 Jan 2023 11:24:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.191.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 13:48:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:a8:f8:b2:07:f1:d2:eb:c9:ff:7d:5d:c5:9a:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Jan  1 11:24:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ad83ffd5ee6265e18a924d3c5181acff1f58a2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d7:7a:6a:30:24:6f:2e:f1:b0:e1:65:e2:7b:
                    e4:52:91:02:99:39:2c:d7:ee:bc:6d:1c:d1:17:df:
                    5c:c8:27:fc:79:ad:a1:9e:13:50:e1:96:59:56:52:
                    79:e1:e0:9e:ef:bd:6b:c2:3a:78:54:79:4d:48:46:
                    9e:0d:5b:fd:82:53:a2:15:8c:fd:4e:c9:ef:f1:55:
                    87:fd:d7:80:f1:39:2b:d5:41:56:ad:5a:42:2b:f9:
                    5a:76:d8:6d:b6:1f:92:5d:e6:46:f7:1c:10:a6:f6:
                    51:67:84:62:5d:c2:22:0f:9a:1e:24:f5:a2:fa:25:
                    ac:f2:20:40:fa:c6:c8:2c:57:74:8a:4b:3a:63:7f:
                    af:e5:bc:e4:f4:69:4f:da:05:f1:08:fb:56:cb:19:
                    f5:c9:e2:77:d9:59:8c:bc:e8:95:dd:d7:7c:eb:0f:
                    f7:3b:d7:f2:6a:80:cc:53:a7:14:92:73:ae:aa:78:
                    38:ab:66:7a:dd:66:48:f4:3d:12:98:8d:74:57:ca:
                    62:4e:0d:57:7b:ee:fe:bd:06:e9:e7:24:63:ba:f5:
                    1d:28:eb:09:ca:c3:3a:72:c4:b1:fa:a1:1c:e4:5f:
                    22:30:c8:5e:3e:e2:a9:f0:2b:89:18:47:15:52:f1:
                    31:1c:3c:44:5c:62:27:9f:0d:09:26:c9:a8:26:4b:
                    b9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D8:3F:FD:5E:E6:26:5E:18:A9:24:D3:C5:18:1A:CF:F1:F5:8A:2C
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/Ctg__V7mJl4YqSTTxRgaz_H1iiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:a3:d8:46:c2:4c:c7:16:18:4a:8d:61:9e:a5:d4:62:74:36:
         8c:a3:b1:12:a7:01:ee:6e:c9:1e:d0:40:f8:e5:12:8a:ff:8d:
         aa:33:de:d8:ab:a2:5f:53:5b:0b:7f:61:fe:58:d9:5b:70:c6:
         55:3d:c2:b3:4d:4e:21:ec:e1:ba:a5:66:39:74:18:ff:dc:51:
         b3:23:e2:13:94:a4:ce:cf:19:47:63:b4:40:0f:c5:ca:b3:c1:
         ee:fc:2f:f6:e6:2f:33:4a:f4:00:43:b4:70:43:72:33:5f:27:
         58:ee:59:07:12:fb:e9:b8:79:58:af:81:9e:7f:08:b2:b1:1f:
         58:6d:d4:2d:97:fa:33:30:72:93:3a:dd:75:29:81:63:ff:5a:
         73:da:7d:b3:6f:d3:77:c2:eb:4e:d8:67:56:5d:b5:af:7e:d7:
         1d:03:c5:bd:4b:5b:9a:e2:d5:18:f7:51:c2:dc:c5:b3:2b:29:
         0f:00:89:3e:fa:d9:8d:e6:e5:00:20:07:00:3a:ef:2a:1f:37:
         b3:80:c9:e2:09:7b:8a:dd:8b:b0:ac:29:ce:5d:42:4a:fb:27:
         88:be:78:08:ae:d3:70:2b:c6:4c:07:ab:a0:5b:a1:03:50:fc:
         f1:64:aa:aa:c9:ab:77:21:69:02:1c:43:15:c5:18:0f:fc:81:
         a3:e6:eb:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE6j4sgfx0uvJ/31dxZq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwMTAxMTEyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ4M2ZmZDVlZTYyNjVlMThhOTI0ZDNjNTE4MWFjZmYxZjU4YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNd6ajAkby7xsOFl4nvkUpECmTks
1+68bRzRF99cyCf8ea2hnhNQ4ZZZVlJ54eCe771rwjp4VHlNSEaeDVv9glOiFYz9
Tsnv8VWH/deA8Tkr1UFWrVpCK/ladthtth+SXeZG9xwQpvZRZ4RiXcIiD5oeJPWi
+iWs8iBA+sbILFd0iks6Y3+v5bzk9GlP2gXxCPtWyxn1yeJ32VmMvOiV3dd86w/3
O9fyaoDMU6cUknOuqng4q2Z63WZI9D0SmI10V8piTg1Xe+7+vQbp5yRjuvUdKOsJ
ysM6csSx+qEc5F8iMMhePuKp8CuJGEcVUvExHDxEXGInnw0JJsmoJku5DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArYP/1e5iZeGKkk08UYGs/x9YosMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvQ3RnX19WN21KbDRZcVNUVHhSZ2F6X0gxaWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+QMA0G
CSqGSIb3DQEBCwUAA4IBAQCRo9hGwkzHFhhKjWGepdRidDaMo7ESpwHubske0ED4
5RKK/42qM97Yq6JfU1sLf2H+WNlbcMZVPcKzTU4h7OG6pWY5dBj/3FGzI+ITlKTO
zxlHY7RAD8XKs8Hu/C/25i8zSvQAQ7RwQ3IzXydY7lkHEvvpuHlYr4GefwiysR9Y
bdQtl/ozMHKTOt11KYFj/1pz2n2zb9N3wutO2GdWXbWvftcdA8W9S1ua4tUY91HC
3MWzKykPAIk++tmN5uUAIAcAOu8qHzezgMniCXuK3YuwrCnOXUJK+yeIvngIrtNw
K8ZMB6ugW6EDUPzxZKqqyat3IWkCHEMVxRgP/IGj5uu5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org