Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/cwPPsQB8bxmfjtRh2-iWeOxizgE.roa
File:                     cwPPsQB8bxmfjtRh2-iWeOxizgE.roa (raw, json)
Hash identifier:          CfqEFyBNzamHsudwstX1Q3tA56SjypSCsrTim2YsvPc=
Subject key identifier:   73:03:CF:B1:00:7C:6F:19:9F:8E:D4:61:DB:E8:96:78:EC:62:CE:01
Certificate issuer:       /CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582
Certificate serial:       0185720C7351572A636E97CFD20FA2D6AB6A
Authority key identifier: FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/cwPPsQB8bxmfjtRh2-iWeOxizgE.roa
Signing time:             Mon 02 Jan 2023 10:34:56 +0000
ROA not before:           Mon 02 Jan 2023 10:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50673
IP address blocks:        185.42.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:73:51:57:2a:63:6e:97:cf:d2:0f:a2:d6:ab:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582
        Validity
            Not Before: Jan  2 10:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7303cfb1007c6f199f8ed461dbe89678ec62ce01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:7a:d5:0a:ff:b9:fd:26:f3:8b:e0:2b:27:82:
                    9e:9f:62:f7:e9:a4:9a:f6:a3:6b:6e:95:9a:57:1f:
                    c9:bf:f0:e1:2a:19:a2:51:71:1b:a9:f6:59:99:6d:
                    1f:e8:68:b4:09:67:3b:79:ce:0c:0c:1c:6d:e5:45:
                    5d:21:62:37:ca:df:df:42:57:77:bd:ab:7a:aa:98:
                    8f:26:7b:c7:24:d8:76:b5:6e:b8:b5:b0:7e:5f:bd:
                    35:f6:0a:08:29:a5:0a:e0:f9:d9:80:ce:fc:47:6b:
                    49:a4:42:1a:0e:aa:91:3d:ac:62:d0:6a:d6:fa:52:
                    6f:92:8f:99:ad:18:12:f6:2f:3c:83:af:5b:50:6b:
                    58:ae:95:a2:62:0f:44:f5:d7:48:61:29:3b:73:a9:
                    96:74:1b:19:85:d5:ea:32:9d:cb:2a:eb:8b:d2:40:
                    00:24:61:6c:4f:d3:c6:04:37:c7:c9:45:f0:05:c0:
                    fe:b1:c3:bc:49:e2:4c:05:89:1f:71:e4:50:32:e6:
                    c6:d8:24:6f:d7:fa:67:dc:de:26:9e:4e:7c:86:42:
                    1f:80:ab:17:e9:26:1e:52:34:fe:d8:75:2b:80:86:
                    ea:5d:a3:93:90:f5:07:aa:29:73:0f:ed:8c:57:cf:
                    ab:6d:93:09:86:a6:c0:cd:2b:31:b6:fa:cd:70:b2:
                    c6:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:03:CF:B1:00:7C:6F:19:9F:8E:D4:61:DB:E8:96:78:EC:62:CE:01
            X509v3 Authority Key Identifier:
                keyid:FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/cwPPsQB8bxmfjtRh2-iWeOxizgE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.42.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:02:06:81:4b:d6:8e:ae:6e:f1:0d:3e:73:38:77:93:3b:3a:
         22:0c:e5:41:36:fe:c5:97:eb:ae:c1:ea:cc:28:45:31:cb:ca:
         60:fa:23:dd:40:0f:19:1b:14:32:4f:33:4b:ff:63:3c:14:97:
         ec:19:d8:09:2c:84:6c:c9:c9:fe:91:ee:b4:dd:dd:4e:53:70:
         60:7d:84:af:c9:36:8a:ae:b2:a4:62:db:34:c7:bc:eb:41:69:
         d2:26:7f:a3:9f:ca:3c:d5:d6:44:21:63:dc:2c:08:e7:04:b0:
         73:35:06:32:b3:bb:cd:b4:75:58:ac:e6:fb:5f:0f:64:7c:e5:
         5d:af:20:7a:c7:4e:43:06:95:a1:86:8d:17:0a:63:ad:ca:31:
         bc:61:77:bd:48:bf:b7:4c:39:1c:ec:bf:d7:e0:4e:02:33:85:
         79:98:dd:4f:cf:5f:05:cb:3b:45:7f:7e:8a:0d:19:95:d5:e2:
         f7:0d:39:b0:30:18:f8:4e:e2:de:7a:80:41:27:f0:cb:2d:0d:
         08:fd:65:0e:f3:36:c1:0f:ea:c4:94:a4:81:fa:d9:fd:c3:41:
         32:56:65:a1:d3:0c:9c:40:ef:4b:95:16:2f:0b:64:94:10:c7:
         9e:eb:6b:da:8a:28:8f:d1:4d:2b:61:6c:9e:95:5d:71:d1:a7:
         55:63:62:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDHNRVypjbpfP0g+i1qtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMzU4NzdjYzAzOGJmZmRiOTdiYjNkNmVhMjE2YWI1MmIz
YTA1ODIwHhcNMjMwMTAyMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzAzY2ZiMTAwN2M2ZjE5OWY4ZWQ0NjFkYmU4OTY3OGVjNjJjZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nrVCv+5/Sbzi+ArJ4Ken2L36aSa
9qNrbpWaVx/Jv/DhKhmiUXEbqfZZmW0f6Gi0CWc7ec4MDBxt5UVdIWI3yt/fQld3
vat6qpiPJnvHJNh2tW64tbB+X7019goIKaUK4PnZgM78R2tJpEIaDqqRPaxi0GrW
+lJvko+ZrRgS9i88g69bUGtYrpWiYg9E9ddIYSk7c6mWdBsZhdXqMp3LKuuL0kAA
JGFsT9PGBDfHyUXwBcD+scO8SeJMBYkfceRQMubG2CRv1/pn3N4mnk58hkIfgKsX
6SYeUjT+2HUrgIbqXaOTkPUHqilzD+2MV8+rbZMJhqbAzSsxtvrNcLLGawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMDz7EAfG8Zn47UYdvolnjsYs4BMB8GA1UdIwQY
MBaAFPw1h3zAOL/9uXuz1uoharUrOgWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMt
OGU2NWIzNDdmMjE4LzEvY3dQUHNRQjhieG1manRSaDItaVdlT3hpemdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMtOGU2NWIzNDdmMjE4
LzEvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSo7MA0G
CSqGSIb3DQEBCwUAA4IBAQADAgaBS9aOrm7xDT5zOHeTOzoiDOVBNv7Fl+uuwerM
KEUxy8pg+iPdQA8ZGxQyTzNL/2M8FJfsGdgJLIRsycn+ke603d1OU3BgfYSvyTaK
rrKkYts0x7zrQWnSJn+jn8o81dZEIWPcLAjnBLBzNQYys7vNtHVYrOb7Xw9kfOVd
ryB6x05DBpWhho0XCmOtyjG8YXe9SL+3TDkc7L/X4E4CM4V5mN1Pz18FyztFf36K
DRmV1eL3DTmwMBj4TuLeeoBBJ/DLLQ0I/WUO8zbBD+rElKSB+tn9w0EyVmWh0wyc
QO9LlRYvC2SUEMee62vaiiiP0U0rYWyelV1x0adVY2Lt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:02 2024 by rpki-client on console-fra.rpki-client.org