Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/321R61_LT0Tf-ecCbJHaNzH6Mbc.roa
File:                     321R61_LT0Tf-ecCbJHaNzH6Mbc.roa (raw, json)
Hash identifier:          ixiBdYRqFwHuWs8DzXBtuFu+vpUNG1esLACo4zl8cMM=
Subject key identifier:   DF:6D:51:EB:5F:CB:4F:44:DF:F9:E7:02:6C:91:DA:37:31:FA:31:B7
Certificate issuer:       /CN=a5c6373eab19cf43dd2f43111398383ee2bad030
Certificate serial:       0188481794AE963CBB9810F2AB546727FD89
Authority key identifier: A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/321R61_LT0Tf-ecCbJHaNzH6Mbc.roa
Signing time:             Tue 23 May 2023 10:11:24 +0000
ROA not before:           Tue 23 May 2023 10:11:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202002
IP address blocks:        185.228.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Jun 2023 16:40:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:48:17:94:ae:96:3c:bb:98:10:f2:ab:54:67:27:fd:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c6373eab19cf43dd2f43111398383ee2bad030
        Validity
            Not Before: May 23 10:11:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df6d51eb5fcb4f44dff9e7026c91da3731fa31b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6d:67:d8:27:a1:38:52:ae:9d:a4:88:a5:de:
                    20:bd:52:70:ca:8f:e1:38:5d:18:0f:f6:3f:27:00:
                    62:ef:fa:e7:5b:49:8a:6b:cc:4a:c2:a8:02:d2:50:
                    73:aa:3e:e9:ba:04:30:fe:99:e0:f5:87:a1:1e:60:
                    cc:25:97:b1:82:98:5d:8f:50:c5:3f:39:51:e5:e7:
                    1a:ba:36:11:7e:ab:48:70:6a:d2:bd:c2:99:8f:a5:
                    a8:6f:3a:61:4a:77:a7:e3:da:35:61:a8:44:63:e0:
                    91:d1:61:1d:71:3d:e1:bc:d6:be:f7:45:8f:fd:b0:
                    4c:bd:d2:72:8e:4c:77:f4:31:e7:9a:e0:c8:17:49:
                    b0:5d:72:42:8e:fa:52:53:38:3e:26:4e:f0:b6:01:
                    45:9e:6c:55:73:5d:65:10:54:f8:4a:9a:af:eb:34:
                    31:85:c6:4a:4d:b4:66:d0:c1:f3:83:4a:3c:be:eb:
                    ba:ce:50:db:e5:30:3a:83:77:2a:1b:38:1f:2e:1f:
                    b5:b6:c2:bb:69:48:af:e8:6c:e6:d7:74:72:b9:bb:
                    cc:c4:35:7f:ee:92:79:7b:6a:27:f5:c4:62:3b:29:
                    2a:1b:1e:29:37:7f:fe:83:c3:3b:df:a2:79:f0:32:
                    15:fc:c8:f5:e9:d6:59:77:b9:37:3c:29:23:d8:f0:
                    58:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:6D:51:EB:5F:CB:4F:44:DF:F9:E7:02:6C:91:DA:37:31:FA:31:B7
            X509v3 Authority Key Identifier:
                keyid:A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/321R61_LT0Tf-ecCbJHaNzH6Mbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/pcY3PqsZz0PdL0MRE5g4PuK60DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:ea:1b:43:66:ad:db:85:17:90:17:dd:54:64:6c:ec:b7:61:
         27:59:cd:5a:8f:b2:f9:86:7b:ce:0d:5e:d9:9e:7c:65:cb:78:
         ce:34:0c:39:85:9e:85:a7:11:09:91:97:54:d7:ca:c6:f2:d0:
         9f:04:94:74:07:ed:54:50:6d:9c:ca:bf:c2:1b:38:60:ff:c5:
         43:74:27:f0:58:e5:05:b8:30:e6:1a:89:89:4a:c5:35:74:14:
         ac:7e:32:6d:a4:21:58:4b:76:79:e6:54:d3:a2:61:81:a8:59:
         0b:2f:43:86:e3:d1:8c:7a:8b:61:94:9e:62:4b:2e:d6:2a:96:
         f2:6f:fb:dd:9e:b8:e2:23:a3:a5:4c:a9:e3:0e:67:63:3c:43:
         22:a9:da:22:44:2c:8c:67:c7:71:51:ec:b6:ca:2f:7f:01:d5:
         4d:5d:b6:3d:5d:a6:4c:6d:6d:e4:f5:f9:a1:20:d9:9c:f4:16:
         e7:67:92:fb:67:9b:29:ad:f3:4a:d8:82:01:f2:3f:cc:e8:03:
         21:f4:12:16:d9:5a:81:87:b0:65:c9:42:72:74:11:ba:f5:94:
         74:16:f6:5b:87:50:dd:66:6e:32:8c:79:59:ff:35:1c:b9:5d:
         14:c4:d3:4b:68:cc:f9:6a:76:0a:de:ef:6e:2b:59:2e:35:f9:
         fe:7f:73:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhIF5Suljy7mBDyq1RnJ/2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YzYzNzNlYWIxOWNmNDNkZDJmNDMxMTEzOTgzODNlZTJi
YWQwMzAwHhcNMjMwNTIzMTAxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZkNTFlYjVmY2I0ZjQ0ZGZmOWU3MDI2YzkxZGEzNzMxZmEzMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo21n2CehOFKunaSIpd4gvVJwyo/h
OF0YD/Y/JwBi7/rnW0mKa8xKwqgC0lBzqj7pugQw/png9YehHmDMJZexgphdj1DF
PzlR5ecaujYRfqtIcGrSvcKZj6WobzphSnen49o1YahEY+CR0WEdcT3hvNa+90WP
/bBMvdJyjkx39DHnmuDIF0mwXXJCjvpSUzg+Jk7wtgFFnmxVc11lEFT4Spqv6zQx
hcZKTbRm0MHzg0o8vuu6zlDb5TA6g3cqGzgfLh+1tsK7aUiv6Gzm13RyubvMxDV/
7pJ5e2on9cRiOykqGx4pN3/+g8M736J58DIV/Mj16dZZd7k3PCkj2PBYYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9tUetfy09E3/nnAmyR2jcx+jG3MB8GA1UdIwQY
MBaAFKXGNz6rGc9D3S9DEROYOD7iutAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEt
YTRlYTBhNjNmNzY2LzEvMzIxUjYxX0xUMFRmLWVjQ2JKSGFOekg2TWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEtYTRlYTBhNjNmNzY2
LzEvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueQBMA0G
CSqGSIb3DQEBCwUAA4IBAQA06htDZq3bhReQF91UZGzst2EnWc1aj7L5hnvODV7Z
nnxly3jONAw5hZ6FpxEJkZdU18rG8tCfBJR0B+1UUG2cyr/CGzhg/8VDdCfwWOUF
uDDmGomJSsU1dBSsfjJtpCFYS3Z55lTTomGBqFkLL0OG49GMeothlJ5iSy7WKpby
b/vdnrjiI6OlTKnjDmdjPEMiqdoiRCyMZ8dxUey2yi9/AdVNXbY9XaZMbW3k9fmh
INmc9BbnZ5L7Z5sprfNK2IIB8j/M6AMh9BIW2VqBh7BlyUJydBG69ZR0FvZbh1Dd
Zm4yjHlZ/zUcuV0UxNNLaMz5anYK3u9uK1kuNfn+f3Me
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:11 2024 by rpki-client on console-ams.rpki-client.org