Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/zSVqBT6a9BS-pWoK6wT_PEFtCbs.roa
File:                     zSVqBT6a9BS-pWoK6wT_PEFtCbs.roa (raw, json)
Hash identifier:          h0GINdvLN1Ay3mOrphtc5pZRzyiFt/LQzUi3a/8/Oo8=
Subject key identifier:   CD:25:6A:05:3E:9A:F4:14:BE:A5:6A:0A:EB:04:FF:3C:41:6D:09:BB
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       0189F31EA3E63A52529A799A67E3D7D78B5C
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/zSVqBT6a9BS-pWoK6wT_PEFtCbs.roa
Signing time:             Mon 14 Aug 2023 08:16:58 +0000
ROA not before:           Mon 14 Aug 2023 08:16:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.191.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f3:1e:a3:e6:3a:52:52:9a:79:9a:67:e3:d7:d7:8b:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Aug 14 08:16:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd256a053e9af414bea56a0aeb04ff3c416d09bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:f3:5b:82:97:84:9c:86:f8:57:24:32:fe:6e:
                    d8:b3:73:07:0c:2c:71:02:02:1b:51:70:a1:75:1d:
                    4c:72:87:3c:44:44:b3:ed:3f:38:5a:89:d3:06:e4:
                    d3:ad:56:96:af:8c:a7:ba:b8:3b:b5:7b:d8:d2:26:
                    83:fd:73:2b:e3:ca:07:27:a3:f6:96:37:34:82:b6:
                    f7:e7:9a:c9:18:f8:f8:df:0e:e2:b1:b1:77:0d:4e:
                    41:5a:98:8c:6f:e3:78:c0:1b:d3:90:d8:46:a5:6d:
                    ae:67:23:bb:69:54:5c:5a:0c:56:00:f0:fd:87:c5:
                    a0:bd:ec:01:83:b5:6c:7a:e2:8f:8a:61:b7:53:a0:
                    51:56:a5:f5:19:15:11:b1:da:d2:7d:1d:5b:a2:6b:
                    b7:7c:5f:6b:10:2c:e8:15:26:6d:1b:fe:29:05:ce:
                    c8:82:5d:78:e1:ca:ce:d0:72:e3:d2:8f:86:1a:65:
                    aa:04:dd:d0:e3:91:f3:d8:c8:08:00:55:58:5c:88:
                    19:18:bd:4d:62:5c:0e:57:09:33:b3:60:db:ae:c8:
                    50:e5:2a:81:08:ed:30:fd:4b:bc:1a:9c:aa:7d:30:
                    ab:7f:8c:5e:8a:78:50:7c:00:34:6e:25:ef:b0:35:
                    b3:a6:58:50:f8:a9:57:a4:e0:17:4d:07:94:fa:9d:
                    2f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:25:6A:05:3E:9A:F4:14:BE:A5:6A:0A:EB:04:FF:3C:41:6D:09:BB
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/zSVqBT6a9BS-pWoK6wT_PEFtCbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:42:54:ea:c8:cb:ff:be:40:68:a2:26:69:87:6d:96:dd:4e:
         38:eb:26:a1:ae:e9:73:29:93:77:87:a3:87:d1:66:23:f4:14:
         f2:41:d0:20:65:e9:e5:b1:e6:f7:38:e0:ab:4c:4f:fc:da:3f:
         e1:c2:ff:21:7d:9f:48:73:68:18:83:24:1a:c7:76:c4:c3:77:
         ec:d4:07:c0:81:20:97:63:69:cf:0d:3b:6b:0f:26:68:49:ec:
         aa:37:91:eb:52:34:ad:e2:6c:f2:8e:a0:f5:a1:89:4c:32:78:
         2f:6d:4f:50:58:00:51:28:a7:8c:2d:e5:b7:10:31:14:87:ca:
         ac:6d:39:11:0a:47:92:b0:cf:da:07:e4:86:f9:cd:73:7e:9f:
         1b:40:29:f0:2a:72:4b:83:d1:12:99:03:cf:42:68:4c:cf:9e:
         e7:a2:57:1d:a0:e5:66:e3:04:47:56:5d:8c:f7:c1:b3:d4:bb:
         7b:9f:74:6c:cf:a7:b0:c1:55:16:1e:68:b7:d6:87:a4:52:03:
         ba:58:13:51:66:0a:7a:ac:70:ca:bb:46:97:bd:4b:34:d1:41:
         be:d6:65:d2:c7:67:cc:d0:cb:84:85:fa:ff:cc:15:12:d3:86:
         99:05:6d:f8:1b:16:8c:92:11:50:58:52:0f:43:74:c0:00:68:
         e3:71:42:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnzHqPmOlJSmnmaZ+PX14tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjMwODE0MDgxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI1NmEwNTNlOWFmNDE0YmVhNTZhMGFlYjA0ZmYzYzQxNmQwOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/NbgpeEnIb4VyQy/m7Ys3MHDCxx
AgIbUXChdR1Mcoc8RESz7T84WonTBuTTrVaWr4ynurg7tXvY0iaD/XMr48oHJ6P2
ljc0grb355rJGPj43w7isbF3DU5BWpiMb+N4wBvTkNhGpW2uZyO7aVRcWgxWAPD9
h8WgvewBg7VseuKPimG3U6BRVqX1GRURsdrSfR1bomu3fF9rECzoFSZtG/4pBc7I
gl144crO0HLj0o+GGmWqBN3Q45Hz2MgIAFVYXIgZGL1NYlwOVwkzs2DbrshQ5SqB
CO0w/Uu8GpyqfTCrf4xeinhQfAA0biXvsDWzplhQ+KlXpOAXTQeU+p0vjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0lagU+mvQUvqVqCusE/zxBbQm7MB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvelNWcUJUNmE5QlMtcFdvSzZ3VF9QRUZ0Q2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQApQlTqyMv/vkBooiZph22W3U446yahrulzKZN3h6OH
0WYj9BTyQdAgZenlseb3OOCrTE/82j/hwv8hfZ9Ic2gYgyQax3bEw3fs1AfAgSCX
Y2nPDTtrDyZoSeyqN5HrUjSt4mzyjqD1oYlMMngvbU9QWABRKKeMLeW3EDEUh8qs
bTkRCkeSsM/aB+SG+c1zfp8bQCnwKnJLg9ESmQPPQmhMz57nolcdoOVm4wRHVl2M
98Gz1Lt7n3Rsz6ewwVUWHmi31oekUgO6WBNRZgp6rHDKu0aXvUs00UG+1mXSx2fM
0MuEhfr/zBUS04aZBW34GxaMkhFQWFIPQ3TAAGjjcUIO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:05 2024 by rpki-client on console-ams.rpki-client.org