Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/1GRHb0k1k6vEEsjFYBYGx9WVONQ.roa
File:                     1GRHb0k1k6vEEsjFYBYGx9WVONQ.roa (raw, json)
Hash identifier:          pbOdLlIqwFUxMb1c5KTIiMSgAJFIYsE03JkpqqGG6ZQ=
Subject key identifier:   D4:64:47:6F:49:35:93:AB:C4:12:C8:C5:60:16:06:C7:D5:95:38:D4
Certificate issuer:       /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial:       0185710C2DE45F4FBB6BC1AC7EDC98B975BE
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/1GRHb0k1k6vEEsjFYBYGx9WVONQ.roa
Signing time:             Mon 02 Jan 2023 05:55:01 +0000
ROA not before:           Mon 02 Jan 2023 05:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213354
IP address blocks:        194.15.112.0/24 maxlen: 24
                          194.15.113.0/24 maxlen: 24
                          91.228.68.0/22 maxlen: 22
                          2a11:9c00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Fri 06 Jan 2023 23:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:2d:e4:5f:4f:bb:6b:c1:ac:7e:dc:98:b9:75:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
        Validity
            Not Before: Jan  2 05:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d464476f493593abc412c8c5601606c7d59538d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d2:b7:71:07:d1:f6:48:03:43:65:da:5f:8d:
                    e9:1b:bb:9e:5a:59:e9:df:a4:a3:57:55:a7:f8:fd:
                    82:de:7e:b4:76:af:61:7a:0c:7b:d1:88:20:d1:62:
                    f1:89:90:4a:f7:0d:47:6f:60:84:54:3b:ca:62:38:
                    bc:ba:92:b1:9b:1a:df:88:53:c6:6c:6d:5c:1f:4f:
                    f4:70:5a:6a:d0:38:b3:03:ca:38:06:82:fc:37:e8:
                    36:f7:51:15:e5:fd:fd:02:0f:f7:2e:2b:8a:59:3f:
                    bb:70:2f:a3:4f:62:69:d6:ec:68:cf:b9:43:22:e5:
                    1e:4d:69:b5:69:00:9c:98:d4:9b:19:65:37:8d:a6:
                    25:f7:c1:ee:15:ba:b6:b9:6c:0f:dc:5b:34:69:54:
                    17:83:28:4d:83:c1:f7:c4:87:6f:78:08:5b:a6:04:
                    17:4b:b2:19:85:28:4d:ce:87:78:05:8f:a4:cb:ad:
                    b3:f4:a4:2f:4b:0e:79:4f:12:8b:cc:f5:0c:2a:16:
                    df:28:70:f0:19:d5:f5:72:2a:94:d5:75:53:64:8f:
                    08:41:0d:a6:bd:02:09:03:2b:bd:e2:1a:2f:7e:5b:
                    94:fd:df:a8:1d:4f:2f:01:84:ea:95:31:98:cf:d4:
                    76:84:3c:06:c5:98:8b:7f:b9:fd:58:89:45:2d:7f:
                    e2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:64:47:6F:49:35:93:AB:C4:12:C8:C5:60:16:06:C7:D5:95:38:D4
            X509v3 Authority Key Identifier:
                keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/1GRHb0k1k6vEEsjFYBYGx9WVONQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.68.0/22
                  194.15.112.0/23
                IPv6:
                  2a11:9c00::/40

    Signature Algorithm: sha256WithRSAEncryption
         da:eb:1a:a9:74:e3:78:75:c5:48:e5:14:3d:a4:04:d5:51:4f:
         e2:d1:a6:2b:bb:dc:36:db:af:7d:21:26:5f:f9:da:a7:01:c2:
         43:ee:43:c0:68:62:0d:d7:2d:1b:b8:db:0a:e8:8a:7f:92:7a:
         02:dd:f8:d2:a7:53:f9:8a:db:05:5c:3b:65:bd:35:c4:97:b5:
         91:72:02:90:33:24:8e:40:6d:9f:3a:94:9d:48:d1:43:a0:54:
         f5:18:68:14:a1:42:e3:9e:3c:c9:72:dd:db:d6:7a:3e:c3:77:
         1e:f8:2d:f1:52:d7:35:52:ad:d1:50:da:17:00:00:b6:6b:37:
         cc:5d:72:f8:bf:be:fd:ac:12:ef:4f:0f:99:19:36:4b:96:61:
         c0:8a:33:26:82:2c:8c:f8:7b:fe:70:51:93:19:98:50:fb:46:
         ca:71:4e:73:35:f3:c3:6a:0d:e3:4a:2a:76:85:e9:78:32:fa:
         bc:cb:14:5b:92:89:fa:7c:0e:ae:7b:64:d4:2d:ce:93:2e:2e:
         b2:be:4c:b2:52:1c:56:c3:c1:35:80:e4:c1:f6:4d:f6:df:2f:
         19:d2:44:6a:17:32:71:54:8f:21:e0:7c:6b:97:b7:e0:09:14:
         c2:29:a0:28:8c:ec:e6:a0:9e:87:24:2c:9e:cf:e8:d7:00:54:
         9e:59:c4:1b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVxDC3kX0+7a8GsftyYuXW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMTAyMDU1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDY0NDc2ZjQ5MzU5M2FiYzQxMmM4YzU2MDE2MDZjN2Q1OTUzOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNK3cQfR9kgDQ2XaX43pG7ueWlnp
36SjV1Wn+P2C3n60dq9hegx70Ygg0WLxiZBK9w1Hb2CEVDvKYji8upKxmxrfiFPG
bG1cH0/0cFpq0DizA8o4BoL8N+g291EV5f39Ag/3LiuKWT+7cC+jT2Jp1uxoz7lD
IuUeTWm1aQCcmNSbGWU3jaYl98HuFbq2uWwP3Fs0aVQXgyhNg8H3xIdveAhbpgQX
S7IZhShNzod4BY+ky62z9KQvSw55TxKLzPUMKhbfKHDwGdX1ciqU1XVTZI8IQQ2m
vQIJAyu94hovfluU/d+oHU8vAYTqlTGYz9R2hDwGxZiLf7n9WIlFLX/iNQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNRkR29JNZOrxBLIxWAWBsfVlTjUMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvMUdSSGIwazFrNnZFRXNqRllCWUd4OVdWT05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCW+REAwQB
wg9wMA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0BAQsFAAOCAQEA2usaqXTjeHXF
SOUUPaQE1VFP4tGmK7vcNtuvfSEmX/napwHCQ+5DwGhiDdctG7jbCuiKf5J6At34
0qdT+YrbBVw7Zb01xJe1kXICkDMkjkBtnzqUnUjRQ6BU9RhoFKFC4548yXLd29Z6
PsN3Hvgt8VLXNVKt0VDaFwAAtms3zF1y+L++/awS708PmRk2S5ZhwIozJoIsjPh7
/nBRkxmYUPtGynFOczXzw2oN40oqdoXpeDL6vMsUW5KJ+nwOrntk1C3Oky4usr5M
slIcVsPBNYDkwfZN9t8vGdJEahcycVSPIeB8a5e34AkUwimgKIzs5qCehyQsns/o
1wBUnlnEGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org