Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/4AnSIk4izAALtWg2svul2CtkVYs.roa
File:                     4AnSIk4izAALtWg2svul2CtkVYs.roa (raw, json)
Hash identifier:          f8f+wIL7QIsbU8QSnXT9HUYyEoofGn+KMhlJxowO4fQ=
Subject key identifier:   E0:09:D2:22:4E:22:CC:00:0B:B5:68:36:B2:FB:A5:D8:2B:64:55:8B
Certificate issuer:       /CN=b7e34f57d007166def4dd881d8f7d5b6ed95e656
Certificate serial:       01857139E17486F042B6BF6DEFACF2FDBFC8
Authority key identifier: B7:E3:4F:57:D0:07:16:6D:EF:4D:D8:81:D8:F7:D5:B6:ED:95:E6:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t-NPV9AHFm3vTdiB2PfVtu2V5lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/4AnSIk4izAALtWg2svul2CtkVYs.roa
Signing time:             Mon 02 Jan 2023 06:44:56 +0000
ROA not before:           Mon 02 Jan 2023 06:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24961
IP address blocks:        185.171.218.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:e1:74:86:f0:42:b6:bf:6d:ef:ac:f2:fd:bf:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7e34f57d007166def4dd881d8f7d5b6ed95e656
        Validity
            Not Before: Jan  2 06:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e009d2224e22cc000bb56836b2fba5d82b64558b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0b:3e:3a:2d:12:65:2e:59:fd:29:42:56:23:
                    1e:cc:d3:37:67:a4:99:4f:41:20:93:f7:bf:4e:39:
                    e7:dd:62:fe:70:45:88:08:85:80:46:6c:5e:d5:3c:
                    89:b5:71:46:80:bd:19:17:9d:c4:bf:2b:83:ea:9b:
                    e0:4b:ec:bb:96:a9:f3:55:de:75:86:81:bc:26:76:
                    43:01:9f:61:54:85:a5:e0:cd:fd:df:f4:09:f4:d0:
                    5c:d0:68:b7:86:4b:e1:56:d8:a4:82:51:be:8a:14:
                    20:06:51:b0:72:c0:61:02:ce:ab:ff:0c:95:f2:6f:
                    a2:b3:be:17:cf:9a:b2:42:37:de:ce:46:4a:d4:32:
                    10:d6:37:da:ed:dc:08:de:28:04:74:b3:9e:cd:65:
                    13:c3:49:0f:a4:5c:05:e4:b5:72:9c:fa:58:16:4b:
                    28:d3:7d:f8:71:87:b4:67:3f:4a:2c:63:14:9a:46:
                    60:32:de:fa:34:11:71:6d:9a:44:1b:6d:3e:95:40:
                    5b:a6:f5:4b:97:a0:e8:6e:c4:17:5a:4c:eb:b7:0e:
                    19:15:a1:02:99:49:e5:bf:42:59:a4:da:2c:0e:b7:
                    1b:38:66:bf:a6:86:55:0c:2c:a4:0d:32:2e:ee:02:
                    66:d2:a8:f4:5b:8e:b6:b7:bd:7c:84:9a:ca:74:22:
                    f4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:09:D2:22:4E:22:CC:00:0B:B5:68:36:B2:FB:A5:D8:2B:64:55:8B
            X509v3 Authority Key Identifier:
                keyid:B7:E3:4F:57:D0:07:16:6D:EF:4D:D8:81:D8:F7:D5:B6:ED:95:E6:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t-NPV9AHFm3vTdiB2PfVtu2V5lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/4AnSIk4izAALtWg2svul2CtkVYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/e5d580-eee8-463e-84a8-eaccb8b42dc9/1/t-NPV9AHFm3vTdiB2PfVtu2V5lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:0e:63:3c:cd:a0:82:2c:8d:a3:74:a4:27:ad:d2:aa:1d:ff:
         f0:bb:9b:7a:d7:44:74:f0:98:22:0a:8f:e7:18:ac:36:a4:bb:
         a8:63:06:98:8f:5c:9e:d0:8e:93:ff:a2:58:7c:34:4a:be:81:
         83:35:53:43:7e:97:a6:aa:c2:7c:14:35:59:88:c7:25:4c:c0:
         47:1a:8b:aa:7c:14:26:b0:e2:ac:6b:10:75:df:e4:56:f0:ed:
         fe:03:d2:27:bf:3a:2b:67:1a:d3:b6:6d:23:7d:b4:6f:85:30:
         ee:97:99:fa:ba:73:02:94:4a:9b:a9:63:c3:2c:f5:df:d9:63:
         ec:1e:d9:37:b7:37:26:91:98:75:d9:9c:c7:a5:a8:9c:94:c8:
         17:da:cd:53:ff:ce:91:62:10:ee:18:5f:ec:94:d4:c0:d0:86:
         8a:c9:c4:5a:e5:44:bb:ba:b5:ca:c6:9f:8b:5a:f2:71:81:4f:
         f2:d6:1d:40:e1:a9:7e:cb:af:fa:6d:81:6c:13:f7:f3:a4:d5:
         86:85:a0:d3:15:62:16:3b:64:d2:f3:ee:2c:86:a8:a0:00:c2:
         52:85:f0:15:29:11:1f:61:ba:0b:62:f9:90:94:f7:8c:c4:49:
         58:85:fb:93:d1:8c:bd:c2:92:70:eb:df:1c:b0:ca:e0:38:f3:
         97:ba:71:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOeF0hvBCtr9t76zy/b/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZTM0ZjU3ZDAwNzE2NmRlZjRkZDg4MWQ4ZjdkNWI2ZWQ5
NWU2NTYwHhcNMjMwMTAyMDY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA5ZDIyMjRlMjJjYzAwMGJiNTY4MzZiMmZiYTVkODJiNjQ1NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlws+Oi0SZS5Z/SlCViMezNM3Z6SZ
T0Egk/e/Tjnn3WL+cEWICIWARmxe1TyJtXFGgL0ZF53EvyuD6pvgS+y7lqnzVd51
hoG8JnZDAZ9hVIWl4M393/QJ9NBc0Gi3hkvhVtikglG+ihQgBlGwcsBhAs6r/wyV
8m+is74Xz5qyQjfezkZK1DIQ1jfa7dwI3igEdLOezWUTw0kPpFwF5LVynPpYFkso
0334cYe0Zz9KLGMUmkZgMt76NBFxbZpEG20+lUBbpvVLl6DobsQXWkzrtw4ZFaEC
mUnlv0JZpNosDrcbOGa/poZVDCykDTIu7gJm0qj0W462t718hJrKdCL0oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOAJ0iJOIswAC7VoNrL7pdgrZFWLMB8GA1UdIwQY
MBaAFLfjT1fQBxZt703Ygdj31bbtleZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdC1OUFY5QUhGbTN2VGRpQjJQZlZ0dTJWNWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lNWQ1ODAtZWVlOC00NjNlLTg0YTgt
ZWFjY2I4YjQyZGM5LzEvNEFuU0lrNGl6QUFMdFdnMnN2dWwyQ3RrVllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lNWQ1ODAtZWVlOC00NjNlLTg0YTgtZWFjY2I4YjQyZGM5
LzEvdC1OUFY5QUhGbTN2VGRpQjJQZlZ0dTJWNWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuavaMA0G
CSqGSIb3DQEBCwUAA4IBAQAhDmM8zaCCLI2jdKQnrdKqHf/wu5t610R08JgiCo/n
GKw2pLuoYwaYj1ye0I6T/6JYfDRKvoGDNVNDfpemqsJ8FDVZiMclTMBHGouqfBQm
sOKsaxB13+RW8O3+A9InvzorZxrTtm0jfbRvhTDul5n6unMClEqbqWPDLPXf2WPs
Htk3tzcmkZh12ZzHpaiclMgX2s1T/86RYhDuGF/slNTA0IaKycRa5US7urXKxp+L
WvJxgU/y1h1A4al+y6/6bYFsE/fzpNWGhaDTFWIWO2TS8+4shqigAMJShfAVKREf
YboLYvmQlPeMxElYhfuT0Yy9wpJw698csMrgOPOXunH3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:39 2024 by rpki-client on console-ams.rpki-client.org