Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/3wAyouOc6XgNe2LIU7TquCHMIr4.roa
File:                     3wAyouOc6XgNe2LIU7TquCHMIr4.roa (raw, json)
Hash identifier:          +6pQK4XGYKqTXDvu5UL9UPUjWPoFOngNEz77+FpG5IQ=
Subject key identifier:   DF:00:32:A2:E3:9C:E9:78:0D:7B:62:C8:53:B4:EA:B8:21:CC:22:BE
Certificate issuer:       /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial:       018675C606E75B40273CC33E588FF339D9F8
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/3wAyouOc6XgNe2LIU7TquCHMIr4.roa
Signing time:             Tue 21 Feb 2023 20:59:17 +0000
ROA not before:           Tue 21 Feb 2023 20:59:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48031
IP address blocks:        194.15.114.0/24 maxlen: 24
                          194.26.18.0/24 maxlen: 24
                          91.213.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Feb 2023 12:12:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:75:c6:06:e7:5b:40:27:3c:c3:3e:58:8f:f3:39:d9:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
        Validity
            Not Before: Feb 21 20:59:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df0032a2e39ce9780d7b62c853b4eab821cc22be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:56:77:2c:ca:ca:ce:3b:f7:51:29:da:f8:12:
                    7e:40:e0:ce:c3:8c:de:9e:0c:9b:59:09:d9:1b:26:
                    95:16:ef:9e:6a:ef:c3:3d:c0:d9:be:7c:eb:d1:d3:
                    5e:ed:ea:93:24:58:9d:fc:e5:22:80:44:6c:be:7d:
                    69:cf:49:72:84:92:9d:5e:8a:78:91:a9:01:26:5f:
                    57:ce:e0:8f:31:21:c9:3b:d7:51:ae:08:6b:9e:0a:
                    c1:08:b3:fe:4b:26:9e:a7:27:3c:9e:0d:c3:c0:45:
                    fb:ca:9d:59:9a:87:5a:03:69:bd:d6:6d:63:ec:4c:
                    5c:ee:78:4e:d3:8d:be:28:8e:41:a5:c3:1a:59:2c:
                    d3:2b:63:48:c0:eb:f2:4b:f6:c5:64:82:ba:a6:cf:
                    3d:67:de:74:be:80:89:5a:b7:b1:8e:de:8e:44:7e:
                    26:85:6f:30:d7:14:f6:3a:2f:17:9a:f7:f4:0c:75:
                    80:18:2a:9c:6c:f4:0e:0a:b2:40:4a:a1:67:f7:ad:
                    e0:ca:bd:11:fa:51:4d:23:5b:3d:1b:0f:9d:69:1c:
                    2f:ba:3c:f4:20:20:18:3d:c7:a0:1c:29:a7:40:3b:
                    4e:67:63:62:e2:4a:1c:d0:89:48:a5:f7:55:5b:9c:
                    1f:a9:0a:cd:86:ff:27:d5:90:6f:6f:da:36:66:4f:
                    0a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:00:32:A2:E3:9C:E9:78:0D:7B:62:C8:53:B4:EA:B8:21:CC:22:BE
            X509v3 Authority Key Identifier:
                keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/3wAyouOc6XgNe2LIU7TquCHMIr4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.8.0/24
                  194.15.114.0/24
                  194.26.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:1e:33:a0:bb:e0:12:90:71:70:18:12:67:47:ad:9d:74:b3:
         2d:16:ec:2e:2d:7d:d5:6b:d5:46:7d:5e:8c:51:4e:e8:35:5e:
         cd:3e:a0:ef:24:03:a3:ee:e2:6f:e0:78:54:16:99:71:63:f2:
         d5:09:e9:18:42:10:62:e0:78:bb:d5:82:ed:77:ec:81:19:82:
         8f:3d:d2:e1:ee:95:a5:ab:fb:5b:16:de:5a:24:64:6d:eb:32:
         52:a6:45:c1:95:c3:d3:97:7d:62:ae:4e:fc:ad:47:21:7d:78:
         c5:ae:e0:2b:9d:4f:df:4d:38:2e:fd:1b:62:28:20:5a:3f:1c:
         f5:80:27:c6:a7:45:58:b7:82:cf:ff:a0:ac:6b:49:d9:cb:cc:
         4f:ec:92:94:ae:e8:3a:ba:12:e0:2a:75:bd:e3:25:ff:43:68:
         90:03:1b:30:82:3a:56:d7:f0:62:57:c6:7a:2b:8e:c8:16:15:
         c9:bd:a7:53:1e:48:23:02:fa:2e:42:e3:f5:fd:9e:ae:d6:ef:
         3d:5f:46:28:11:0f:c5:79:ca:d4:31:d5:ba:ae:3d:a0:8a:91:
         84:8d:6b:f0:bd:e1:f2:ad:d6:62:e4:a9:e3:50:46:ae:9e:40:
         00:e0:6c:e0:98:ed:75:56:ad:7a:ab:d1:9f:11:ee:e3:6e:b9:
         12:34:33:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ1xgbnW0AnPMM+WI/zOdn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjIxMjA1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjAwMzJhMmUzOWNlOTc4MGQ3YjYyYzg1M2I0ZWFiODIxY2MyMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1Z3LMrKzjv3USna+BJ+QODOw4ze
ngybWQnZGyaVFu+eau/DPcDZvnzr0dNe7eqTJFid/OUigERsvn1pz0lyhJKdXop4
kakBJl9XzuCPMSHJO9dRrghrngrBCLP+Syaepyc8ng3DwEX7yp1ZmodaA2m91m1j
7Exc7nhO042+KI5BpcMaWSzTK2NIwOvyS/bFZIK6ps89Z950voCJWrexjt6ORH4m
hW8w1xT2Oi8Xmvf0DHWAGCqcbPQOCrJASqFn963gyr0R+lFNI1s9Gw+daRwvujz0
ICAYPcegHCmnQDtOZ2Ni4koc0IlIpfdVW5wfqQrNhv8n1ZBvb9o2Zk8KZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8AMqLjnOl4DXtiyFO06rghzCK+MB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvM3dBeW91T2M2WGdOZTJMSVU3VHF1Q0hNSXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9UIAwQA
wg9yAwQAwhoSMA0GCSqGSIb3DQEBCwUAA4IBAQAyHjOgu+ASkHFwGBJnR62ddLMt
FuwuLX3Va9VGfV6MUU7oNV7NPqDvJAOj7uJv4HhUFplxY/LVCekYQhBi4Hi71YLt
d+yBGYKPPdLh7pWlq/tbFt5aJGRt6zJSpkXBlcPTl31irk78rUchfXjFruArnU/f
TTgu/RtiKCBaPxz1gCfGp0VYt4LP/6Csa0nZy8xP7JKUrug6uhLgKnW94yX/Q2iQ
AxswgjpW1/BiV8Z6K47IFhXJvadTHkgjAvouQuP1/Z6u1u89X0YoEQ/FecrUMdW6
rj2gipGEjWvwveHyrdZi5KnjUEaunkAA4GzgmO11Vq16q9GfEe7jbrkSNDM8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org