Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/3XL1ShyquGhQSUfFqF4WgE3Q4zA.roa
File:                     3XL1ShyquGhQSUfFqF4WgE3Q4zA.roa (raw, json)
Hash identifier:          Gasuw4D8JRuA/vh3nkSoEVxHJVAKm/SflKMLTBrFQpQ=
Subject key identifier:   DD:72:F5:4A:1C:AA:B8:68:50:49:47:C5:A8:5E:16:80:4D:D0:E3:30
Certificate issuer:       /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial:       018A4555C94A277B9CD16E418B140F9848E3
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/3XL1ShyquGhQSUfFqF4WgE3Q4zA.roa
Signing time:             Wed 30 Aug 2023 07:26:04 +0000
ROA not before:           Wed 30 Aug 2023 07:26:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43072
IP address blocks:        185.112.243.0/24 maxlen: 24
                          185.112.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:45:55:c9:4a:27:7b:9c:d1:6e:41:8b:14:0f:98:48:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
        Validity
            Not Before: Aug 30 07:26:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd72f54a1caab868504947c5a85e16804dd0e330
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:3c:4d:a0:5f:76:b3:67:1d:62:23:42:3f:33:
                    2c:07:6a:21:64:ba:ba:3c:ac:30:2b:e8:f7:33:00:
                    52:78:c9:34:a6:7e:08:36:47:45:21:3b:b7:37:68:
                    5d:84:c9:0e:98:75:06:f5:e2:33:8b:03:8b:2e:9c:
                    af:8a:ba:ee:44:77:e1:88:dc:23:f9:a0:35:f9:36:
                    ef:d6:ff:78:03:e4:d5:9f:5a:7e:53:02:00:c9:76:
                    c0:9e:2c:8b:38:4b:1d:87:e1:a9:b5:51:e3:23:3c:
                    ea:5e:59:32:3a:9b:c9:6f:e2:42:da:7a:53:2c:4b:
                    ff:32:93:6e:27:38:f1:a4:0f:fe:09:05:45:f5:f5:
                    54:ea:fe:23:4e:ab:46:25:63:b0:6d:4d:8f:53:2d:
                    f9:27:7f:82:08:07:14:54:ed:48:60:22:e6:72:bc:
                    08:3a:3d:c1:27:f7:79:f5:54:0d:2a:ff:ef:eb:20:
                    0b:82:7b:5d:00:88:d5:e7:29:f8:15:1b:c6:f6:76:
                    a2:9f:c8:58:ac:fa:a4:b1:ee:2b:d1:b4:c6:f4:7b:
                    e2:3a:26:61:65:2e:94:a3:d7:a4:2a:71:7e:3f:d9:
                    c1:93:d7:91:27:96:53:ed:fe:cc:9d:00:0b:7d:68:
                    0b:8e:b1:79:0a:ab:90:d5:3d:bf:d0:40:7c:cc:1b:
                    60:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:72:F5:4A:1C:AA:B8:68:50:49:47:C5:A8:5E:16:80:4D:D0:E3:30
            X509v3 Authority Key Identifier:
                keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/3XL1ShyquGhQSUfFqF4WgE3Q4zA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.112.241.0/24
                  185.112.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:db:ed:d6:d3:40:fc:43:99:de:5c:cf:7b:38:e9:77:c7:3a:
         cc:e5:d9:15:e2:3d:40:9a:de:0d:0b:65:5b:48:c8:cc:2d:98:
         fa:65:8e:55:6f:43:7e:c9:23:c4:fe:7c:bc:a9:c6:6d:d0:cb:
         43:fd:2a:b6:68:29:30:e5:2f:b9:8e:e1:a5:1c:86:31:70:f9:
         51:83:96:29:1a:02:46:a8:de:d6:54:82:9a:45:e6:f0:b1:76:
         97:fe:63:f9:a4:52:54:8e:3f:54:22:ad:8b:01:fd:bd:8c:03:
         b0:15:7e:1e:6b:0a:04:b5:2b:26:74:a6:13:c1:b6:79:23:64:
         78:ee:6c:d5:bb:40:d0:db:76:41:d2:67:cb:05:14:e8:c3:0b:
         07:da:ad:ff:48:10:68:da:54:d5:df:19:a9:6f:31:94:9e:33:
         1a:de:04:74:2c:d6:c1:33:32:03:0e:eb:45:b8:c6:6a:99:1f:
         ae:03:65:9f:f8:fd:9c:76:87:b0:23:0e:d9:0e:83:4f:6d:5a:
         9d:c5:47:12:88:03:ac:ec:2f:e5:ce:45:5c:8d:96:0b:e3:e0:
         e5:07:73:29:f3:83:ae:ee:4d:7b:77:ce:07:95:8b:6c:eb:d0:
         b8:e6:f2:80:6c:a7:d5:13:c0:09:22:01:74:f3:da:b5:b2:83:
         1c:58:87:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpFVclKJ3uc0W5BixQPmEjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwODMwMDcyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDcyZjU0YTFjYWFiODY4NTA0OTQ3YzVhODVlMTY4MDRkZDBlMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTxNoF92s2cdYiNCPzMsB2ohZLq6
PKwwK+j3MwBSeMk0pn4INkdFITu3N2hdhMkOmHUG9eIziwOLLpyvirruRHfhiNwj
+aA1+Tbv1v94A+TVn1p+UwIAyXbAniyLOEsdh+GptVHjIzzqXlkyOpvJb+JC2npT
LEv/MpNuJzjxpA/+CQVF9fVU6v4jTqtGJWOwbU2PUy35J3+CCAcUVO1IYCLmcrwI
Oj3BJ/d59VQNKv/v6yALgntdAIjV5yn4FRvG9nain8hYrPqkse4r0bTG9HviOiZh
ZS6Uo9ekKnF+P9nBk9eRJ5ZT7f7MnQALfWgLjrF5CquQ1T2/0EB8zBtgEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN1y9UocqrhoUElHxaheFoBN0OMwMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvM1hMMVNoeXF1R2hRU1VmRnFGNFdnRTNRNHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXDxAwQA
uXDzMA0GCSqGSIb3DQEBCwUAA4IBAQAU2+3W00D8Q5neXM97OOl3xzrM5dkV4j1A
mt4NC2VbSMjMLZj6ZY5Vb0N+ySPE/ny8qcZt0MtD/Sq2aCkw5S+5juGlHIYxcPlR
g5YpGgJGqN7WVIKaRebwsXaX/mP5pFJUjj9UIq2LAf29jAOwFX4eawoEtSsmdKYT
wbZ5I2R47mzVu0DQ23ZB0mfLBRTowwsH2q3/SBBo2lTV3xmpbzGUnjMa3gR0LNbB
MzIDDutFuMZqmR+uA2Wf+P2cdoewIw7ZDoNPbVqdxUcSiAOs7C/lzkVcjZYL4+Dl
B3Mp84Ou7k17d84HlYts69C45vKAbKfVE8AJIgF089q1soMcWIdb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:21 2024 by rpki-client on console-ams.rpki-client.org