Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/WOh5hnxoK5APpFjDXQfwbHkHxx0.roa
File:                     WOh5hnxoK5APpFjDXQfwbHkHxx0.roa (raw, json)
Hash identifier:          QhhS29FMW1SCRMClctHB7BaUpjx8/O4NnHtc3+HWA40=
Subject key identifier:   58:E8:79:86:7C:68:2B:90:0F:A4:58:C3:5D:07:F0:6C:79:07:C7:1D
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       0187832EE5F5B0365B9FF72E960ACD15F459
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/WOh5hnxoK5APpFjDXQfwbHkHxx0.roa
Signing time:             Sat 15 Apr 2023 04:31:41 +0000
ROA not before:           Sat 15 Apr 2023 04:31:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212886
IP address blocks:        185.191.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 14 Aug 2023 08:14:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:83:2e:e5:f5:b0:36:5b:9f:f7:2e:96:0a:cd:15:f4:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Apr 15 04:31:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58e879867c682b900fa458c35d07f06c7907c71d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:1f:b9:74:7e:27:fb:45:e4:5d:0a:60:ed:22:
                    a9:51:49:0b:fa:bf:d8:1c:42:b7:ab:42:11:f5:ee:
                    22:d3:51:8c:9c:42:1e:0e:d8:08:37:ee:6d:45:05:
                    0c:e3:71:12:46:df:26:d9:3e:32:1b:cc:50:f3:2a:
                    4c:75:51:a1:da:1f:16:dc:19:e1:8b:52:2a:6d:e0:
                    2d:ef:e2:00:af:b3:bf:57:af:4e:87:e0:4c:14:0e:
                    85:04:20:66:a0:da:31:e8:b9:6e:cc:70:71:4a:5f:
                    3a:80:a4:cc:7d:55:b2:2e:e4:ec:2f:cb:67:46:14:
                    d8:0d:25:b1:08:6e:3a:7e:8b:1d:e7:f3:a8:3a:ed:
                    26:c1:ee:80:e3:f3:09:cf:a5:32:c5:9f:63:51:88:
                    ca:77:cf:0b:f8:f7:98:29:0f:ad:a1:65:15:7b:65:
                    4d:26:ea:b5:b4:c1:fb:49:83:52:30:09:e0:84:71:
                    44:1a:2e:1f:ea:62:a5:18:13:13:94:63:f6:a2:be:
                    9c:94:cb:d4:75:36:8f:53:b1:9b:56:1c:4a:1f:14:
                    4b:a7:d1:a7:6f:36:32:d9:77:52:1d:72:15:a4:96:
                    71:6c:a0:06:ce:bf:e2:92:da:5b:4c:2f:80:78:b0:
                    bd:16:2f:bb:02:27:73:0e:5e:41:6f:61:d0:58:03:
                    69:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:E8:79:86:7C:68:2B:90:0F:A4:58:C3:5D:07:F0:6C:79:07:C7:1D
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/WOh5hnxoK5APpFjDXQfwbHkHxx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:b8:c0:5a:85:b1:2b:8b:f9:65:32:b4:b5:b5:7b:a2:a2:09:
         9d:2d:b0:b2:78:9d:3e:f1:84:a3:4e:d9:dc:b1:b0:b2:a8:58:
         ae:44:c1:ab:75:ef:b2:c2:22:0d:e5:2b:c0:f0:d3:74:c7:2e:
         b7:03:94:f9:0e:4e:44:1c:4a:7f:6e:b0:6f:88:6a:3b:f2:ae:
         a4:f9:c8:b1:73:83:d6:46:8e:9f:8f:42:9f:d9:d4:64:56:b1:
         cb:67:37:50:fb:80:96:aa:11:08:35:0c:9c:d8:d8:3c:8c:15:
         16:f8:d9:d8:d9:10:79:69:45:7e:02:0e:f8:2a:90:f2:71:9c:
         0c:89:78:68:06:fc:97:bc:34:17:7c:05:ba:80:15:2a:ee:c9:
         4e:f6:28:80:fa:a7:b1:d3:0c:a5:fd:fb:89:ab:26:4b:f0:83:
         a0:93:3c:0e:7f:42:b8:ca:2c:64:b3:12:d2:05:d4:dd:f7:11:
         d7:0f:a5:e2:49:91:7f:5f:38:5c:dc:cc:1e:6c:f6:65:a0:e3:
         30:d0:f2:ba:bb:27:f8:84:1c:d7:d0:fa:62:83:ad:6b:e4:ed:
         94:32:cc:19:db:5b:94:de:14:6d:a6:eb:fd:4f:3e:95:3b:bb:
         33:62:6c:3a:3d:92:c6:2e:77:2d:44:18:1d:92:9e:a6:66:05:
         2f:bd:78:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeDLuX1sDZbn/culgrNFfRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwNDE1MDQzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGU4Nzk4NjdjNjgyYjkwMGZhNDU4YzM1ZDA3ZjA2Yzc5MDdjNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB+5dH4n+0XkXQpg7SKpUUkL+r/Y
HEK3q0IR9e4i01GMnEIeDtgIN+5tRQUM43ESRt8m2T4yG8xQ8ypMdVGh2h8W3Bnh
i1IqbeAt7+IAr7O/V69Oh+BMFA6FBCBmoNox6LluzHBxSl86gKTMfVWyLuTsL8tn
RhTYDSWxCG46fosd5/OoOu0mwe6A4/MJz6UyxZ9jUYjKd88L+PeYKQ+toWUVe2VN
Juq1tMH7SYNSMAnghHFEGi4f6mKlGBMTlGP2or6clMvUdTaPU7GbVhxKHxRLp9Gn
bzYy2XdSHXIVpJZxbKAGzr/iktpbTC+AeLC9Fi+7AidzDl5Bb2HQWANpHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjoeYZ8aCuQD6RYw10H8Gx5B8cdMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvV09oNWhueG9LNUFQcEZqRFhRZndiSGtIeHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQCKuMBahbEri/llMrS1tXuiogmdLbCyeJ0+8YSjTtnc
sbCyqFiuRMGrde+ywiIN5SvA8NN0xy63A5T5Dk5EHEp/brBviGo78q6k+cixc4PW
Ro6fj0Kf2dRkVrHLZzdQ+4CWqhEINQyc2Ng8jBUW+NnY2RB5aUV+Ag74KpDycZwM
iXhoBvyXvDQXfAW6gBUq7slO9iiA+qex0wyl/fuJqyZL8IOgkzwOf0K4yixksxLS
BdTd9xHXD6XiSZF/Xzhc3MwebPZloOMw0PK6uyf4hBzX0Ppig61r5O2UMswZ21uU
3hRtpuv9Tz6VO7szYmw6PZLGLnctRBgdkp6mZgUvvXiR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org