Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/I7exddMozpwXa2KO9H4Zqe2GN0w.roa
File:                     I7exddMozpwXa2KO9H4Zqe2GN0w.roa (raw, json)
Hash identifier:          ICgm1Pa+0Ceeq7EJcy/qmr9bN9J/HgZ1jvF/sAykJxA=
Subject key identifier:   23:B7:B1:75:D3:28:CE:9C:17:6B:62:8E:F4:7E:19:A9:ED:86:37:4C
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       018925AE5C0001A3370AA8BEB37140CECBF7
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/I7exddMozpwXa2KO9H4Zqe2GN0w.roa
Signing time:             Wed 05 Jul 2023 10:52:11 +0000
ROA not before:           Wed 05 Jul 2023 10:52:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        185.191.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jul 2023 14:37:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:25:ae:5c:00:01:a3:37:0a:a8:be:b3:71:40:ce:cb:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Jul  5 10:52:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23b7b175d328ce9c176b628ef47e19a9ed86374c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9c:c5:4d:22:31:3b:84:64:bc:af:4d:ee:93:
                    30:da:d9:9a:9d:3c:02:fe:01:f0:64:13:92:b6:a4:
                    8f:eb:83:fc:05:27:ca:18:3c:3e:10:33:72:ee:de:
                    c1:a2:15:60:0f:53:f0:17:2f:85:8f:68:f2:cc:83:
                    01:f8:f8:ed:9d:09:49:b9:ed:59:85:9c:15:a8:fd:
                    d4:1f:b7:3a:96:13:00:af:72:d2:cc:ed:b5:92:f7:
                    fe:9d:31:44:5d:5c:ca:2f:a2:5c:13:62:58:13:f5:
                    67:f6:a7:f4:34:1a:df:61:da:ea:e2:bf:cd:c8:e9:
                    13:85:be:94:a7:19:7e:06:d0:18:af:7a:f8:0e:0f:
                    ce:8b:58:e4:01:c0:bc:44:33:54:48:bf:ba:63:c2:
                    de:63:31:9a:06:8e:a7:5a:36:41:8e:f1:3b:1f:af:
                    35:4a:35:d1:b2:15:bb:19:0c:5c:87:65:98:cf:f9:
                    61:04:6f:fd:51:7c:cc:3b:0e:62:52:9e:7d:ce:c1:
                    1a:0b:e9:b1:89:c2:26:2a:95:3e:02:cb:ee:a6:d9:
                    7c:42:78:ad:0e:2e:b1:4d:1d:f5:8c:68:6c:b0:66:
                    cf:cb:2e:39:fc:0b:fb:ba:ee:7a:55:58:dc:80:2e:
                    43:bf:82:2d:ca:86:1f:65:e1:85:1f:dd:18:5a:34:
                    91:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:B7:B1:75:D3:28:CE:9C:17:6B:62:8E:F4:7E:19:A9:ED:86:37:4C
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/I7exddMozpwXa2KO9H4Zqe2GN0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:cf:92:d6:9c:1e:a1:d5:82:67:3d:93:f4:31:09:c1:66:68:
         39:19:3c:74:72:d5:45:9c:0f:2d:0b:4c:08:f2:90:6d:cb:2f:
         e0:4b:5c:60:3d:79:8c:4c:51:0a:49:be:d1:46:08:6b:34:eb:
         49:06:59:43:bf:5d:0b:66:0f:d6:04:1c:8d:b7:8c:54:4e:60:
         f6:c9:f1:9a:4e:7f:a1:ec:f8:df:b2:ec:1f:52:a6:e3:f3:12:
         6f:2d:5b:a3:e4:58:e8:19:2d:99:a8:f7:3b:20:ca:76:1e:b6:
         3d:dd:4f:ce:cb:4a:53:34:0e:c7:8f:24:39:c1:2b:89:a2:1d:
         04:ba:46:9c:69:44:3a:ff:1f:34:e2:06:79:16:b4:b8:4a:2d:
         6a:ad:f2:12:b9:82:d5:de:d0:a9:be:04:14:e7:8f:c9:f0:f1:
         79:8d:47:8d:6a:4b:76:b6:7e:b5:02:bf:2d:00:27:71:99:f0:
         cf:26:a0:fb:fc:8e:3e:08:41:6f:63:08:24:20:26:6f:5d:dc:
         a1:d8:86:e3:b1:07:d7:ca:92:fa:44:f8:92:6e:29:52:b7:07:
         3f:f6:7e:8d:d3:68:46:33:1a:0d:64:17:88:3c:db:76:ff:37:
         46:15:38:d6:50:53:da:d0:2e:55:ed:5c:31:46:41:ed:e2:79:
         ce:43:22:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYklrlwAAaM3Cqi+s3FAzsv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwNzA1MTA1MjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I3YjE3NWQzMjhjZTljMTc2YjYyOGVmNDdlMTlhOWVkODYzNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJzFTSIxO4RkvK9N7pMw2tmanTwC
/gHwZBOStqSP64P8BSfKGDw+EDNy7t7BohVgD1PwFy+Fj2jyzIMB+PjtnQlJue1Z
hZwVqP3UH7c6lhMAr3LSzO21kvf+nTFEXVzKL6JcE2JYE/Vn9qf0NBrfYdrq4r/N
yOkThb6Upxl+BtAYr3r4Dg/Oi1jkAcC8RDNUSL+6Y8LeYzGaBo6nWjZBjvE7H681
SjXRshW7GQxch2WYz/lhBG/9UXzMOw5iUp59zsEaC+mxicImKpU+Asvuptl8Qnit
Di6xTR31jGhssGbPyy45/Av7uu56VVjcgC5Dv4ItyoYfZeGFH90YWjSRkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCO3sXXTKM6cF2tijvR+GanthjdMMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvSTdleGRkTW96cHdYYTJLTzlINFpxZTJHTjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+QMA0G
CSqGSIb3DQEBCwUAA4IBAQC6z5LWnB6h1YJnPZP0MQnBZmg5GTx0ctVFnA8tC0wI
8pBtyy/gS1xgPXmMTFEKSb7RRghrNOtJBllDv10LZg/WBByNt4xUTmD2yfGaTn+h
7PjfsuwfUqbj8xJvLVuj5FjoGS2ZqPc7IMp2HrY93U/Oy0pTNA7HjyQ5wSuJoh0E
ukacaUQ6/x804gZ5FrS4Si1qrfISuYLV3tCpvgQU54/J8PF5jUeNakt2tn61Ar8t
ACdxmfDPJqD7/I4+CEFvYwgkICZvXdyh2IbjsQfXypL6RPiSbilStwc/9n6N02hG
MxoNZBeIPNt2/zdGFTjWUFPa0C5V7VwxRkHt4nnOQyJQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org