Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/gk1WPYyo0cfPBLs0u9a1748VL90.roa
File:                     gk1WPYyo0cfPBLs0u9a1748VL90.roa (raw, json)
Hash identifier:          ejXUzYEDmabevH9MMA0k0MFGtkjNtSypw545QbMGZAA=
Subject key identifier:   82:4D:56:3D:8C:A8:D1:C7:CF:04:BB:34:BB:D6:B5:EF:8F:15:2F:DD
Certificate issuer:       /CN=a5c6373eab19cf43dd2f43111398383ee2bad030
Certificate serial:       01856FD530F0634593448DA31553F9B745A8
Authority key identifier: A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/gk1WPYyo0cfPBLs0u9a1748VL90.roa
Signing time:             Mon 02 Jan 2023 00:15:20 +0000
ROA not before:           Mon 02 Jan 2023 00:15:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400040
IP address blocks:        185.228.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:30:f0:63:45:93:44:8d:a3:15:53:f9:b7:45:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c6373eab19cf43dd2f43111398383ee2bad030
        Validity
            Not Before: Jan  2 00:15:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=824d563d8ca8d1c7cf04bb34bbd6b5ef8f152fdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d7:51:8f:68:c7:85:4e:3a:79:d6:34:20:30:
                    db:4f:87:11:b7:15:37:89:a1:7c:f3:98:77:a1:77:
                    c8:95:83:da:4f:84:50:39:63:28:3b:3a:19:70:e6:
                    f3:33:d8:ca:23:11:db:3b:96:91:8b:67:97:c5:fd:
                    5f:90:cc:63:c0:33:48:29:f8:de:a0:04:f0:d6:e2:
                    da:1f:ea:4c:63:24:db:10:57:7e:a4:0f:fa:75:56:
                    47:76:d4:c1:77:7c:0c:79:58:d5:7a:e5:60:7c:24:
                    d0:15:4d:49:6d:55:dc:e2:74:ad:4a:40:ce:3e:7d:
                    2f:14:c9:21:fe:91:e0:32:34:b4:e7:ac:91:1f:d1:
                    f9:da:c2:e0:1c:c3:90:f8:45:60:1c:f4:43:20:98:
                    b9:9a:00:89:2e:0e:46:a8:13:34:a2:71:5d:8f:57:
                    67:96:03:a5:f0:5d:5e:47:db:d6:58:cd:d2:2d:32:
                    f4:0a:16:ff:c8:89:be:cd:86:79:46:85:61:53:66:
                    ae:a0:36:fa:f6:33:bc:b2:78:c9:7e:0b:ac:df:29:
                    e3:53:96:72:64:49:b7:4a:d2:7e:f0:25:76:e4:04:
                    1d:97:1e:93:3d:62:f7:ce:c7:bc:1a:c4:34:d7:32:
                    af:3b:7b:0e:21:60:01:18:3e:4e:11:0d:c0:68:86:
                    d0:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:4D:56:3D:8C:A8:D1:C7:CF:04:BB:34:BB:D6:B5:EF:8F:15:2F:DD
            X509v3 Authority Key Identifier:
                keyid:A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/gk1WPYyo0cfPBLs0u9a1748VL90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/pcY3PqsZz0PdL0MRE5g4PuK60DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:18:e9:44:ba:c3:b5:93:2d:39:61:35:a7:8c:03:3c:de:71:
         79:1e:3a:46:8f:cb:20:c2:0a:05:60:39:b1:94:87:50:5b:4e:
         db:d5:02:b6:fc:b7:75:8d:21:f3:f4:29:f9:2d:5b:89:9b:2f:
         6c:7c:34:d4:9d:9b:e0:f7:10:3e:37:29:8b:c4:26:d0:5f:84:
         06:a8:54:73:2c:e0:c6:a9:10:57:33:38:cc:41:93:f2:2a:27:
         38:02:cf:b6:c8:bb:15:b8:de:37:72:29:4f:db:d2:69:e3:d8:
         88:a9:5b:da:fc:dd:f5:66:25:ad:95:20:69:e4:7a:d4:cf:f5:
         e9:35:86:9b:18:b9:ef:7c:8e:d0:8c:d4:6d:fb:26:ca:38:41:
         95:1d:dc:6a:5f:a6:63:b2:a1:aa:a3:34:bb:8a:2a:1c:6b:c6:
         8d:37:5b:38:91:95:da:cf:53:a7:a3:bc:d2:c9:6a:5b:a6:74:
         b6:11:4f:db:f9:b2:94:57:f7:86:71:ad:d3:fc:48:96:4e:61:
         28:73:9f:58:53:a0:09:87:56:39:30:9a:ec:99:24:96:d5:2e:
         62:bb:cb:f6:76:12:de:f2:43:1d:ae:2b:0e:53:6e:f2:46:ba:
         0d:d3:64:47:94:4d:0c:f4:4f:73:23:20:1f:fd:e5:bb:1a:ae:
         a8:0c:49:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1TDwY0WTRI2jFVP5t0WoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YzYzNzNlYWIxOWNmNDNkZDJmNDMxMTEzOTgzODNlZTJi
YWQwMzAwHhcNMjMwMTAyMDAxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjRkNTYzZDhjYThkMWM3Y2YwNGJiMzRiYmQ2YjVlZjhmMTUyZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtdRj2jHhU46edY0IDDbT4cRtxU3
iaF885h3oXfIlYPaT4RQOWMoOzoZcObzM9jKIxHbO5aRi2eXxf1fkMxjwDNIKfje
oATw1uLaH+pMYyTbEFd+pA/6dVZHdtTBd3wMeVjVeuVgfCTQFU1JbVXc4nStSkDO
Pn0vFMkh/pHgMjS056yRH9H52sLgHMOQ+EVgHPRDIJi5mgCJLg5GqBM0onFdj1dn
lgOl8F1eR9vWWM3SLTL0Chb/yIm+zYZ5RoVhU2auoDb69jO8snjJfgus3ynjU5Zy
ZEm3StJ+8CV25AQdlx6TPWL3zse8GsQ01zKvO3sOIWABGD5OEQ3AaIbQNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJNVj2MqNHHzwS7NLvWte+PFS/dMB8GA1UdIwQY
MBaAFKXGNz6rGc9D3S9DEROYOD7iutAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEt
YTRlYTBhNjNmNzY2LzEvZ2sxV1BZeW8wY2ZQQkxzMHU5YTE3NDhWTDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEtYTRlYTBhNjNmNzY2
LzEvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueQAMA0G
CSqGSIb3DQEBCwUAA4IBAQBYGOlEusO1ky05YTWnjAM83nF5HjpGj8sgwgoFYDmx
lIdQW07b1QK2/Ld1jSHz9Cn5LVuJmy9sfDTUnZvg9xA+NymLxCbQX4QGqFRzLODG
qRBXMzjMQZPyKic4As+2yLsVuN43cilP29Jp49iIqVva/N31ZiWtlSBp5HrUz/Xp
NYabGLnvfI7QjNRt+ybKOEGVHdxqX6ZjsqGqozS7iioca8aNN1s4kZXaz1Ono7zS
yWpbpnS2EU/b+bKUV/eGca3T/EiWTmEoc59YU6AJh1Y5MJrsmSSW1S5iu8v2dhLe
8kMdrisOU27yRroN02RHlE0M9E9zIyAf/eW7Gq6oDEk3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:12 2024 by rpki-client on console-ams.rpki-client.org