Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/D385uv_jGZEBAMwWRE9EIO_ctEM.roa
File:                     D385uv_jGZEBAMwWRE9EIO_ctEM.roa (raw, json)
Hash identifier:          cPdQ3nymmMA9k5zQp9XIxgCEJ4cCZ+3B/Rdej0bgMKI=
Subject key identifier:   0F:7F:39:BA:FF:E3:19:91:01:00:CC:16:44:4F:44:20:EF:DC:B4:43
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       01856D13A99C42DDC862A8EAFFF50C19587A
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/D385uv_jGZEBAMwWRE9EIO_ctEM.roa
Signing time:             Sun 01 Jan 2023 11:24:43 +0000
ROA not before:           Sun 01 Jan 2023 11:24:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        185.191.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Apr 2023 03:35:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:a9:9c:42:dd:c8:62:a8:ea:ff:f5:0c:19:58:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Jan  1 11:24:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f7f39baffe319910100cc16444f4420efdcb443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c2:a3:cf:37:d3:e6:dd:1e:30:7d:c4:90:cc:
                    7f:ac:95:27:7b:a2:72:a6:90:58:06:19:2c:c1:e7:
                    04:75:8f:50:c0:bd:2c:c9:8c:c3:fb:c7:d4:16:1c:
                    21:75:7a:97:0c:e9:e5:c8:b5:b4:da:b0:dc:ed:c3:
                    d1:83:58:8f:ce:cb:4e:8a:bf:7d:ea:de:5e:0b:f7:
                    d2:af:52:b1:8a:c5:4b:bd:88:1d:15:37:be:1e:43:
                    f5:45:0e:7d:d0:56:c3:34:3e:fa:54:1c:b4:c0:fb:
                    39:a1:fa:61:60:7a:e8:9b:06:99:1f:d8:7c:df:9b:
                    05:06:98:47:24:e4:d9:b8:95:b9:fb:6c:79:0a:ff:
                    99:05:44:37:52:4a:ad:ce:d8:fd:a8:9c:e7:b2:45:
                    75:46:17:df:4b:b6:86:07:af:47:7c:11:69:90:20:
                    6c:ba:1b:70:aa:f9:7a:8d:3c:99:1b:35:4f:11:3a:
                    63:83:5a:3d:ae:dd:bc:28:51:07:2a:99:dd:2e:ee:
                    ec:c0:28:dd:fb:8e:07:db:50:90:06:87:d8:7e:d7:
                    34:9a:1a:4e:6c:83:5e:94:be:87:b6:16:cd:03:7f:
                    b0:7b:98:f9:d9:c9:d5:0c:2b:9c:18:09:28:5b:b4:
                    b0:ae:6e:c3:df:3a:01:88:08:e7:09:3f:15:78:0e:
                    92:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:7F:39:BA:FF:E3:19:91:01:00:CC:16:44:4F:44:20:EF:DC:B4:43
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/D385uv_jGZEBAMwWRE9EIO_ctEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c5:a7:57:99:fb:80:47:9e:11:fd:04:11:2b:54:5a:e9:1e:63:
         54:1b:f9:79:ad:0a:76:5d:15:b8:c0:42:2b:1b:a1:52:1f:6d:
         f5:1e:a7:93:21:20:09:71:4c:7c:1f:a9:5a:a1:4d:52:37:8a:
         95:e3:eb:87:d9:0a:60:94:61:1c:15:3d:80:25:dd:aa:ad:33:
         55:1f:74:83:a4:5c:60:d1:42:e0:88:a1:3f:51:3c:33:6b:25:
         ee:68:7e:34:31:03:65:6e:49:a1:95:c8:28:35:54:35:b7:c5:
         a2:0e:4a:b0:09:70:c5:9a:e3:be:91:f8:bb:b3:a6:57:6c:e8:
         9e:97:9d:58:e5:d4:dd:c1:2d:cc:f4:76:88:27:46:df:38:64:
         5f:08:bc:f0:f3:22:1a:2d:4d:1e:04:c0:55:6b:56:49:5b:f0:
         68:d4:8d:ce:10:f4:65:6d:be:84:d4:5e:8e:8d:4c:69:e0:8d:
         32:91:55:ed:1c:e3:cb:38:cf:30:ac:69:ab:27:22:4c:3b:83:
         b6:fe:29:e5:a4:b5:89:cf:b1:a7:b3:44:f7:92:e8:48:7c:f3:
         61:66:62:6f:2c:42:8b:86:76:88:8b:a0:07:2e:e9:8e:af:4b:
         e6:47:6a:72:86:36:37:b9:02:cb:7c:e2:ef:d7:39:b9:9e:03:
         2f:02:da:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE6mcQt3IYqjq//UMGVh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwMTAxMTEyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjdmMzliYWZmZTMxOTkxMDEwMGNjMTY0NDRmNDQyMGVmZGNiNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sKjzzfT5t0eMH3EkMx/rJUne6Jy
ppBYBhkswecEdY9QwL0syYzD+8fUFhwhdXqXDOnlyLW02rDc7cPRg1iPzstOir99
6t5eC/fSr1KxisVLvYgdFTe+HkP1RQ590FbDND76VBy0wPs5ofphYHromwaZH9h8
35sFBphHJOTZuJW5+2x5Cv+ZBUQ3Ukqtztj9qJznskV1RhffS7aGB69HfBFpkCBs
uhtwqvl6jTyZGzVPETpjg1o9rt28KFEHKpndLu7swCjd+44H21CQBofYftc0mhpO
bINelL6HthbNA3+we5j52cnVDCucGAkoW7Swrm7D3zoBiAjnCT8VeA6SOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9/Obr/4xmRAQDMFkRPRCDv3LRDMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvRDM4NXV2X2pHWkVCQU13V1JFOUVJT19jdEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQDFp1eZ+4BHnhH9BBErVFrpHmNUG/l5rQp2XRW4wEIr
G6FSH231HqeTISAJcUx8H6laoU1SN4qV4+uH2QpglGEcFT2AJd2qrTNVH3SDpFxg
0ULgiKE/UTwzayXuaH40MQNlbkmhlcgoNVQ1t8WiDkqwCXDFmuO+kfi7s6ZXbOie
l51Y5dTdwS3M9HaIJ0bfOGRfCLzw8yIaLU0eBMBVa1ZJW/Bo1I3OEPRlbb6E1F6O
jUxp4I0ykVXtHOPLOM8wrGmrJyJMO4O2/inlpLWJz7Gns0T3kuhIfPNhZmJvLEKL
hnaIi6AHLumOr0vmR2pyhjY3uQLLfOLv1zm5ngMvAtop
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org