Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/gObep7ezrX57KrycVcpY4JZLzQ0.roa
File:                     gObep7ezrX57KrycVcpY4JZLzQ0.roa (raw, json)
Hash identifier:          mNCEz++l7/P+lEo50eGRIY9pHybev8t5/+0bPRBHCqw=
Subject key identifier:   80:E6:DE:A7:B7:B3:AD:7E:7B:2A:BC:9C:55:CA:58:E0:96:4B:CD:0D
Certificate issuer:       /CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
Certificate serial:       01856F42CC7800362CFBF6909D400C850AD5
Authority key identifier: 23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/gObep7ezrX57KrycVcpY4JZLzQ0.roa
Signing time:             Sun 01 Jan 2023 21:35:26 +0000
ROA not before:           Sun 01 Jan 2023 21:35:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3292
IP address blocks:        185.203.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:cc:78:00:36:2c:fb:f6:90:9d:40:0c:85:0a:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2330e26060913c758137488bfd7ab1bfe9e10ae2
        Validity
            Not Before: Jan  1 21:35:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80e6dea7b7b3ad7e7b2abc9c55ca58e0964bcd0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:38:88:26:19:10:34:2f:20:02:fc:2e:d8:c1:
                    29:fa:4d:f1:c3:42:d9:80:8a:23:84:22:be:8d:91:
                    fc:e9:d0:ed:2b:03:90:1b:55:78:c8:71:ba:2e:de:
                    46:6d:af:87:c4:d3:e1:d7:d7:b5:31:1f:f7:49:70:
                    6a:82:56:2a:ec:3f:1a:bc:09:0c:93:34:0a:c0:6e:
                    0c:63:e1:54:af:b5:fe:ed:2b:1b:d6:8a:f8:cc:4b:
                    b3:cf:9c:f5:17:99:d8:be:be:34:23:08:b4:4d:1a:
                    fa:87:cc:0e:02:2a:f0:98:35:6b:4d:a6:c1:b6:f5:
                    00:53:2f:8f:e0:84:82:4a:fd:9b:29:9c:2b:1f:a0:
                    0c:48:1f:08:47:07:0c:0f:25:e7:79:78:5f:6c:e5:
                    d1:f3:ce:32:77:4d:37:e5:13:4a:c3:32:ea:01:ec:
                    66:66:67:f9:0e:45:50:8b:68:fa:81:b5:53:61:6b:
                    21:07:31:9d:0b:3f:9e:d1:60:d4:1c:78:8c:c7:45:
                    67:84:78:7e:65:25:3f:7c:95:2e:f1:2a:cd:5c:9f:
                    20:76:05:21:bb:b8:ea:95:87:98:82:7e:e4:da:d9:
                    ac:09:25:bc:1c:d6:39:a0:48:15:68:1e:0f:38:91:
                    57:b3:aa:d3:d6:4b:6a:ec:d6:c6:d3:c3:c8:da:ab:
                    44:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:E6:DE:A7:B7:B3:AD:7E:7B:2A:BC:9C:55:CA:58:E0:96:4B:CD:0D
            X509v3 Authority Key Identifier:
                keyid:23:30:E2:60:60:91:3C:75:81:37:48:8B:FD:7A:B1:BF:E9:E1:0A:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/gObep7ezrX57KrycVcpY4JZLzQ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4690c0-0b91-4322-94b9-706782cfa03b/1/IzDiYGCRPHWBN0iL_Xqxv-nhCuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.203.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:d3:14:b5:7b:ef:f6:64:02:08:c9:47:22:08:df:a8:3e:2c:
         36:0b:45:b3:8f:1b:2d:7a:83:01:ce:c2:96:30:9a:fa:df:0c:
         b9:e2:ca:5f:47:a4:cb:79:07:50:67:87:96:a9:97:0c:27:84:
         5c:38:39:7e:86:a9:e7:b0:66:a7:a1:c5:06:5b:5d:a1:64:64:
         18:b5:7a:5a:b4:d5:47:81:cb:dc:58:a3:5a:27:43:22:19:1f:
         ee:79:da:77:8d:f7:ad:60:79:be:61:df:8e:f1:05:a8:bf:a0:
         1c:e4:26:6c:06:87:b1:69:03:e5:f3:c4:45:32:ad:4c:5e:77:
         94:b5:72:ac:17:c6:b9:87:d2:ef:98:96:57:5b:ea:2b:80:3d:
         55:c5:69:28:29:91:2d:d1:8a:5e:c7:ac:cd:8d:d2:4e:ff:57:
         84:37:9c:1b:ee:4a:85:5c:75:38:8f:ef:7f:b4:c6:21:eb:36:
         95:e4:8c:5a:0b:27:2b:8a:fd:0e:8c:7d:fb:e8:9b:28:04:95:
         d8:3e:d4:6e:aa:14:d0:72:81:8f:41:a2:59:13:8b:66:43:84:
         ab:4b:e5:e8:f9:90:e3:94:94:55:fb:eb:02:49:e1:a0:2f:79:
         48:30:c1:c2:03:4e:99:f4:be:24:9f:4e:63:dc:0b:97:42:30:
         45:62:47:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQsx4ADYs+/aQnUAMhQrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzBlMjYwNjA5MTNjNzU4MTM3NDg4YmZkN2FiMWJmZTll
MTBhZTIwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGU2ZGVhN2I3YjNhZDdlN2IyYWJjOWM1NWNhNThlMDk2NGJjZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDiIJhkQNC8gAvwu2MEp+k3xw0LZ
gIojhCK+jZH86dDtKwOQG1V4yHG6Lt5Gba+HxNPh19e1MR/3SXBqglYq7D8avAkM
kzQKwG4MY+FUr7X+7Ssb1or4zEuzz5z1F5nYvr40Iwi0TRr6h8wOAirwmDVrTabB
tvUAUy+P4ISCSv2bKZwrH6AMSB8IRwcMDyXneXhfbOXR884yd0035RNKwzLqAexm
Zmf5DkVQi2j6gbVTYWshBzGdCz+e0WDUHHiMx0VnhHh+ZSU/fJUu8SrNXJ8gdgUh
u7jqlYeYgn7k2tmsCSW8HNY5oEgVaB4POJFXs6rT1ktq7NbG08PI2qtEHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDm3qe3s61+eyq8nFXKWOCWS80NMB8GA1UdIwQY
MBaAFCMw4mBgkTx1gTdIi/16sb/p4QriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0Yjkt
NzA2NzgyY2ZhMDNiLzEvZ09iZXA3ZXpyWDU3S3J5Y1ZjcFk0SlpMelEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80NjkwYzAtMGI5MS00MzIyLTk0YjktNzA2NzgyY2ZhMDNi
LzEvSXpEaVlHQ1JQSFdCTjBpTF9YcXh2LW5oQ3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucvoMA0G
CSqGSIb3DQEBCwUAA4IBAQBB0xS1e+/2ZAIIyUciCN+oPiw2C0WzjxsteoMBzsKW
MJr63wy54spfR6TLeQdQZ4eWqZcMJ4RcODl+hqnnsGanocUGW12hZGQYtXpatNVH
gcvcWKNaJ0MiGR/uedp3jfetYHm+Yd+O8QWov6Ac5CZsBoexaQPl88RFMq1MXneU
tXKsF8a5h9LvmJZXW+orgD1VxWkoKZEt0Ypex6zNjdJO/1eEN5wb7kqFXHU4j+9/
tMYh6zaV5IxaCycriv0OjH376JsoBJXYPtRuqhTQcoGPQaJZE4tmQ4SrS+Xo+ZDj
lJRV++sCSeGgL3lIMMHCA06Z9L4kn05j3AuXQjBFYkcs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:37 2024 by rpki-client on console-ams.rpki-client.org