Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/H_i1KfAUnPIyUtm-uE5b5UjgLlE.roa
File:                     H_i1KfAUnPIyUtm-uE5b5UjgLlE.roa (raw, json)
Hash identifier:          VTPdwUILS1Vpygy33lDzuAjc2voueet9AKYbkpX5ZK4=
Subject key identifier:   1F:F8:B5:29:F0:14:9C:F2:32:52:D9:BE:B8:4E:5B:E5:48:E0:2E:51
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       018577451E2762FC923F777257FE062F06F8
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/H_i1KfAUnPIyUtm-uE5b5UjgLlE.roa
Signing time:             Tue 03 Jan 2023 10:54:56 +0000
ROA not before:           Tue 03 Jan 2023 10:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3177
IP address blocks:        185.191.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 22 Jan 2023 14:43:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:77:45:1e:27:62:fc:92:3f:77:72:57:fe:06:2f:06:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Jan  3 10:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ff8b529f0149cf23252d9beb84e5be548e02e51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:bc:a0:3e:85:60:3a:82:6b:91:e8:a6:33:73:
                    67:61:da:80:96:cf:6a:48:2f:f6:21:6e:70:e5:0d:
                    f8:89:f6:4a:fa:d0:3f:41:4e:1f:12:28:82:7c:b9:
                    97:f6:d5:2f:86:a9:ac:b3:80:d6:d3:98:48:bf:a5:
                    82:0b:6a:e8:7f:a4:83:0f:14:a8:20:a5:90:ec:6f:
                    f3:db:bf:dd:66:b4:aa:4c:9b:d0:64:76:bf:b3:62:
                    ac:57:8f:88:18:30:b3:a3:ed:52:c1:b9:2c:05:23:
                    83:78:01:4e:84:73:d9:5f:5d:32:15:c2:9a:47:c6:
                    69:e7:94:4c:85:1f:16:d8:6a:41:aa:82:87:e0:04:
                    c7:b0:bd:70:82:37:f3:d6:05:43:6b:07:cd:02:f6:
                    a8:5c:d4:9d:11:c2:46:fa:cb:77:7f:1e:86:82:df:
                    9d:7d:66:e7:80:f1:82:e8:3e:2d:19:e0:7c:c0:c9:
                    6a:c0:78:96:84:1c:df:4a:20:6e:74:53:79:c9:da:
                    5c:60:ce:26:9d:5d:97:ac:75:6a:a9:56:41:e0:5e:
                    19:55:59:ca:2b:dd:e0:f9:92:95:1a:e2:66:da:79:
                    db:4c:8d:04:82:88:b8:af:89:33:6f:5f:4e:4e:98:
                    8c:fd:03:00:0c:13:0a:4b:70:b1:6a:8b:90:e0:76:
                    57:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:F8:B5:29:F0:14:9C:F2:32:52:D9:BE:B8:4E:5B:E5:48:E0:2E:51
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/H_i1KfAUnPIyUtm-uE5b5UjgLlE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:3c:6d:01:af:47:93:89:a5:f1:ea:71:a9:5e:3d:e7:8e:96:
         52:06:7f:5a:e0:09:3d:a1:10:21:09:0a:e4:fc:31:26:68:23:
         e2:78:ee:75:a4:8b:0c:26:83:3b:9f:05:8c:4e:2a:f7:5e:0a:
         bc:25:d3:7e:f6:36:4f:e0:e1:ed:3f:bf:81:6f:dd:8b:55:c9:
         fc:c3:38:8a:c7:cb:5a:b5:4d:0c:5b:7f:79:0a:85:d2:db:57:
         95:57:db:22:97:58:fc:9d:55:ae:3f:c3:bc:03:af:9a:6b:d1:
         ba:8c:34:39:f8:d0:f3:87:90:a3:ad:d5:8e:6c:fe:6b:02:30:
         74:53:b4:0f:da:7d:79:1e:a5:59:be:8a:91:9a:8b:8c:bf:4c:
         85:3d:4b:0f:c3:6d:5a:20:a9:80:61:b0:28:5f:c3:e0:12:db:
         f1:14:d9:73:8e:4f:24:01:b0:bf:bd:43:e1:02:0e:fa:02:6a:
         cd:3c:7c:fd:ea:42:ea:14:94:6f:64:0f:36:5d:8c:c8:1f:6a:
         34:22:54:5c:10:ec:ef:11:d8:04:f2:91:6a:6c:9c:c2:a9:7c:
         00:83:a0:f8:2f:fc:ee:0d:41:f6:f7:e0:20:80:a1:c4:98:cc:
         4c:fd:8b:5f:c9:5a:1e:dc:49:9f:43:c9:53:2e:7f:90:51:c6:
         e5:93:26:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV3RR4nYvySP3dyV/4GLwb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwMTAzMTA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY4YjUyOWYwMTQ5Y2YyMzI1MmQ5YmViODRlNWJlNTQ4ZTAyZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibygPoVgOoJrkeimM3NnYdqAls9q
SC/2IW5w5Q34ifZK+tA/QU4fEiiCfLmX9tUvhqmss4DW05hIv6WCC2rof6SDDxSo
IKWQ7G/z27/dZrSqTJvQZHa/s2KsV4+IGDCzo+1SwbksBSODeAFOhHPZX10yFcKa
R8Zp55RMhR8W2GpBqoKH4ATHsL1wgjfz1gVDawfNAvaoXNSdEcJG+st3fx6Ggt+d
fWbngPGC6D4tGeB8wMlqwHiWhBzfSiBudFN5ydpcYM4mnV2XrHVqqVZB4F4ZVVnK
K93g+ZKVGuJm2nnbTI0Egoi4r4kzb19OTpiM/QMADBMKS3CxaouQ4HZXywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/4tSnwFJzyMlLZvrhOW+VI4C5RMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvSF9pMUtmQVVuUEl5VXRtLXVFNWI1VWpnTGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+TMA0G
CSqGSIb3DQEBCwUAA4IBAQCfPG0Br0eTiaXx6nGpXj3njpZSBn9a4Ak9oRAhCQrk
/DEmaCPieO51pIsMJoM7nwWMTir3Xgq8JdN+9jZP4OHtP7+Bb92LVcn8wziKx8ta
tU0MW395CoXS21eVV9sil1j8nVWuP8O8A6+aa9G6jDQ5+NDzh5CjrdWObP5rAjB0
U7QP2n15HqVZvoqRmouMv0yFPUsPw21aIKmAYbAoX8PgEtvxFNlzjk8kAbC/vUPh
Ag76AmrNPHz96kLqFJRvZA82XYzIH2o0IlRcEOzvEdgE8pFqbJzCqXwAg6D4L/zu
DUH29+AggKHEmMxM/YtfyVoe3EmfQ8lTLn+QUcblkyZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org