Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/utfqzVVpYBFCU5ikQ3MgX5Z0xD0.roa
File:                     utfqzVVpYBFCU5ikQ3MgX5Z0xD0.roa (raw, json)
Hash identifier:          U44b5qNyQVGczz3Yv49PjD5BdubqbT1QWgPKxujkN+s=
Subject key identifier:   BA:D7:EA:CD:55:69:60:11:42:53:98:A4:43:73:20:5F:96:74:C4:3D
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       01877A62B3D04926583ADBE54B8BB62BD539
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/utfqzVVpYBFCU5ikQ3MgX5Z0xD0.roa
Signing time:             Thu 13 Apr 2023 11:31:41 +0000
ROA not before:           Thu 13 Apr 2023 11:31:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.191.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 15 Apr 2023 04:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7a:62:b3:d0:49:26:58:3a:db:e5:4b:8b:b6:2b:d5:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Apr 13 11:31:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bad7eacd55696011425398a44373205f9674c43d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:46:e9:07:c4:6c:2b:93:e3:e7:d6:56:b4:15:
                    08:89:27:fe:18:13:df:85:d1:df:eb:ed:8d:db:85:
                    8a:a0:3a:a0:34:c9:6c:3f:5a:45:92:b2:1d:37:fb:
                    93:0b:ff:a7:db:1a:6a:96:68:17:1f:56:9c:3d:5a:
                    a0:2c:10:e3:76:ec:cc:1f:29:37:2b:aa:08:3c:4c:
                    44:76:7b:a9:10:6b:9e:6c:56:42:69:77:ee:35:85:
                    80:60:e5:52:3e:4d:aa:79:03:c8:af:df:1b:98:c7:
                    90:f2:e8:da:d0:fc:1d:94:e2:e7:70:9b:65:29:e8:
                    d0:29:02:70:99:55:9d:a5:32:23:35:74:dc:cf:81:
                    65:d3:e7:b4:1d:46:7d:50:b4:be:d7:4c:92:fe:c5:
                    9d:a0:6c:80:a1:c2:0d:d7:60:b8:20:b5:c7:19:79:
                    17:4c:9e:85:ab:30:3a:cc:c7:b5:81:61:c4:e5:4d:
                    1a:b4:d2:e1:df:09:8e:62:bc:2c:80:d5:27:18:9f:
                    9f:1f:d8:4c:62:6d:2a:44:18:b0:87:79:04:e5:b4:
                    27:bb:39:cd:00:e2:9b:bd:16:8e:bc:79:56:15:6d:
                    23:26:de:84:f1:c6:e9:09:72:c4:19:25:f3:d7:10:
                    60:66:6a:5b:5d:47:09:0d:c5:e9:fa:8d:3e:42:f7:
                    48:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:D7:EA:CD:55:69:60:11:42:53:98:A4:43:73:20:5F:96:74:C4:3D
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/utfqzVVpYBFCU5ikQ3MgX5Z0xD0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:32:c7:e8:e1:5e:b8:e2:ac:62:e9:44:44:82:44:e0:4f:53:
         1c:fa:92:a8:9a:8e:66:d9:1f:d2:7b:03:fa:06:4b:e5:7a:9f:
         96:8f:d4:43:af:27:de:5c:f9:c8:7e:1d:11:39:53:4f:68:dc:
         be:28:6b:98:23:8d:a9:8a:77:23:c1:1a:0c:18:29:a4:01:cd:
         57:b2:17:79:2a:ac:1a:5b:30:24:d4:bd:1c:46:e1:ed:46:b6:
         3b:e3:b2:90:50:1b:04:e9:7a:ca:0c:18:5f:13:7f:77:b4:0a:
         94:6b:a3:ee:d9:b2:e1:63:82:89:ee:ad:73:ca:fa:6a:89:f5:
         0b:48:eb:b3:52:93:e7:54:34:2a:40:a0:c3:19:e1:3c:bd:2b:
         a4:ea:94:d5:c2:44:b5:a3:0a:74:b0:64:8a:00:02:d3:14:53:
         d6:43:1f:ac:d2:05:14:ea:ff:64:fa:37:c1:85:20:c8:ea:4a:
         a4:a3:e3:b4:63:2f:db:3f:57:bb:2c:b0:11:e9:fb:79:c3:fc:
         83:b0:25:4f:13:20:1e:0a:e1:97:ab:3f:ec:92:f8:71:a4:5d:
         cf:04:f7:f0:25:39:11:ba:bd:b6:eb:ad:82:25:b8:e8:74:2d:
         ad:0e:ab:2e:9f:6f:a5:d5:53:fe:69:be:39:7b:de:72:a5:2c:
         a5:50:05:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6YrPQSSZYOtvlS4u2K9U5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwNDEzMTEzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWQ3ZWFjZDU1Njk2MDExNDI1Mzk4YTQ0MzczMjA1Zjk2NzRjNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0bpB8RsK5Pj59ZWtBUIiSf+GBPf
hdHf6+2N24WKoDqgNMlsP1pFkrIdN/uTC/+n2xpqlmgXH1acPVqgLBDjduzMHyk3
K6oIPExEdnupEGuebFZCaXfuNYWAYOVSPk2qeQPIr98bmMeQ8uja0PwdlOLncJtl
KejQKQJwmVWdpTIjNXTcz4Fl0+e0HUZ9ULS+10yS/sWdoGyAocIN12C4ILXHGXkX
TJ6FqzA6zMe1gWHE5U0atNLh3wmOYrwsgNUnGJ+fH9hMYm0qRBiwh3kE5bQnuznN
AOKbvRaOvHlWFW0jJt6E8cbpCXLEGSXz1xBgZmpbXUcJDcXp+o0+QvdIiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrX6s1VaWARQlOYpENzIF+WdMQ9MB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvdXRmcXpWVnBZQkZDVTVpa1EzTWdYNVoweEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQBoMsfo4V644qxi6UREgkTgT1Mc+pKomo5m2R/SewP6
Bkvlep+Wj9RDryfeXPnIfh0ROVNPaNy+KGuYI42pincjwRoMGCmkAc1Xshd5Kqwa
WzAk1L0cRuHtRrY747KQUBsE6XrKDBhfE393tAqUa6Pu2bLhY4KJ7q1zyvpqifUL
SOuzUpPnVDQqQKDDGeE8vSuk6pTVwkS1owp0sGSKAALTFFPWQx+s0gUU6v9k+jfB
hSDI6kqko+O0Yy/bP1e7LLAR6ft5w/yDsCVPEyAeCuGXqz/skvhxpF3PBPfwJTkR
ur22662CJbjodC2tDqsun2+l1VP+ab45e95ypSylUAXh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org