Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/1znl1e8WEZLGaBUDIeXOt-YAvxo.roa
File:                     1znl1e8WEZLGaBUDIeXOt-YAvxo.roa (raw, json)
Hash identifier:          0mr3UB6upcvOdktlFi/f/FCLOsXi2s4YQQMKwCiCnRs=
Subject key identifier:   D7:39:E5:D5:EF:16:11:92:C6:68:15:03:21:E5:CE:B7:E6:00:BF:1A
Certificate issuer:       /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial:       01856C812B3070E2B2A3E5E499F1D30E223D
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/1znl1e8WEZLGaBUDIeXOt-YAvxo.roa
Signing time:             Sun 01 Jan 2023 08:44:42 +0000
ROA not before:           Sun 01 Jan 2023 08:44:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51765
IP address blocks:        185.155.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Jan 2023 17:57:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:81:2b:30:70:e2:b2:a3:e5:e4:99:f1:d3:0e:22:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
        Validity
            Not Before: Jan  1 08:44:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d739e5d5ef161192c668150321e5ceb7e600bf1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2c:b2:c5:3a:df:5d:49:c7:6a:91:d4:59:e5:
                    c0:fc:0a:bd:9e:0e:de:87:73:7e:76:1d:06:df:39:
                    45:bc:5c:f5:01:ee:b1:4e:e3:8f:d6:a4:fb:4a:fa:
                    8e:ff:a4:45:08:b8:d4:2d:f9:dd:dc:d9:d7:0d:87:
                    2a:21:f7:aa:89:6a:59:c3:f2:a6:31:c6:56:ec:5b:
                    6a:ec:91:84:59:ff:ba:09:e6:5f:ac:30:eb:af:2a:
                    e6:b7:4a:92:e0:74:c0:1e:d7:a3:b6:95:8c:0a:df:
                    c3:07:d7:8f:c3:a3:3e:a5:48:e6:c6:76:e6:06:5d:
                    2c:b5:a7:00:51:09:77:de:32:13:86:f2:47:58:9a:
                    18:d9:9c:50:39:21:15:1e:6a:ab:9c:fc:a4:ed:d1:
                    85:6b:ad:cb:d0:83:44:22:43:6c:0f:19:38:41:1d:
                    a4:6c:ba:34:ba:11:1c:58:cc:a6:28:3b:08:2c:61:
                    1d:04:cd:49:68:0a:23:15:74:b3:06:7f:70:48:f4:
                    35:fe:e1:3b:e7:e5:37:ab:62:35:a7:82:4c:f4:8d:
                    5b:28:77:34:35:92:bb:c5:e6:20:b6:79:db:fd:c6:
                    be:f7:99:ee:73:47:b6:1d:09:55:25:7c:d0:30:cd:
                    24:16:dc:0e:95:b0:16:36:7e:74:79:41:2d:25:b4:
                    b0:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:39:E5:D5:EF:16:11:92:C6:68:15:03:21:E5:CE:B7:E6:00:BF:1A
            X509v3 Authority Key Identifier:
                keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/1znl1e8WEZLGaBUDIeXOt-YAvxo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:27:1a:5b:35:1b:45:a6:77:f7:41:5a:01:6d:8b:3b:ff:bb:
         4a:9d:94:fb:37:cc:d4:06:8f:f4:29:39:87:fd:bb:2f:40:55:
         91:18:dd:23:69:0c:92:b3:f9:0f:ec:88:3a:eb:d1:7e:64:b7:
         b3:38:2d:bc:f3:cf:67:84:ac:f0:5e:41:48:02:6d:d0:8d:53:
         7a:83:59:e8:37:d4:02:90:60:26:3e:42:a8:ca:03:4d:72:f5:
         d0:fa:a6:83:ae:54:f8:50:d7:d0:80:01:dc:34:95:10:02:0b:
         26:c9:45:9d:42:ef:1b:66:f7:58:c4:54:4f:57:5c:7d:6f:52:
         2d:f8:a8:74:46:e6:96:cf:f8:63:eb:90:f4:73:bf:b4:09:b9:
         eb:26:12:cb:aa:a1:e8:c3:21:34:05:a3:7f:5e:83:95:9d:9c:
         b5:17:0c:db:fd:84:8d:d7:cc:27:e5:bf:92:8f:df:8f:01:d9:
         b9:00:f8:21:bd:ce:56:c4:c9:fd:17:a1:de:f6:6a:32:15:7d:
         2e:bc:c9:75:e1:2f:30:f3:e0:ba:7d:d0:57:50:89:cb:5a:22:
         20:0e:3f:a2:b5:b3:71:44:66:f7:8d:69:03:56:6e:6e:c4:e4:
         11:43:02:48:28:92:c2:43:8d:f7:07:29:f8:d1:95:75:d5:f9:
         7a:2a:57:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsgSswcOKyo+XkmfHTDiI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjMwMTAxMDg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzM5ZTVkNWVmMTYxMTkyYzY2ODE1MDMyMWU1Y2ViN2U2MDBiZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryyyxTrfXUnHapHUWeXA/Aq9ng7e
h3N+dh0G3zlFvFz1Ae6xTuOP1qT7SvqO/6RFCLjULfnd3NnXDYcqIfeqiWpZw/Km
McZW7Ftq7JGEWf+6CeZfrDDrryrmt0qS4HTAHtejtpWMCt/DB9ePw6M+pUjmxnbm
Bl0stacAUQl33jIThvJHWJoY2ZxQOSEVHmqrnPyk7dGFa63L0INEIkNsDxk4QR2k
bLo0uhEcWMymKDsILGEdBM1JaAojFXSzBn9wSPQ1/uE75+U3q2I1p4JM9I1bKHc0
NZK7xeYgtnnb/ca+95nuc0e2HQlVJXzQMM0kFtwOlbAWNn50eUEtJbSwGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNc55dXvFhGSxmgVAyHlzrfmAL8aMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvMXpubDFlOFdFWkxHYUJVREllWE90LVlBdnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvrMA0G
CSqGSIb3DQEBCwUAA4IBAQCNJxpbNRtFpnf3QVoBbYs7/7tKnZT7N8zUBo/0KTmH
/bsvQFWRGN0jaQySs/kP7Ig669F+ZLezOC28889nhKzwXkFIAm3QjVN6g1noN9QC
kGAmPkKoygNNcvXQ+qaDrlT4UNfQgAHcNJUQAgsmyUWdQu8bZvdYxFRPV1x9b1It
+Kh0RuaWz/hj65D0c7+0CbnrJhLLqqHowyE0BaN/XoOVnZy1Fwzb/YSN18wn5b+S
j9+PAdm5APghvc5WxMn9F6He9moyFX0uvMl14S8w8+C6fdBXUInLWiIgDj+itbNx
RGb3jWkDVm5uxOQRQwJIKJLCQ433Byn40ZV11fl6KlcW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org