Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Wrj-ncMd3IsyF3GpAcs4b9RJqjw.roa
File:                     Wrj-ncMd3IsyF3GpAcs4b9RJqjw.roa (raw, json)
Hash identifier:          nknesEbchKj2gVujIKZllunbWDIcRrp/DLPEx2l+m6I=
Subject key identifier:   5A:B8:FE:9D:C3:1D:DC:8B:32:17:71:A9:01:CB:38:6F:D4:49:AA:3C
Certificate issuer:       /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial:       018B2808EDA5B78212D9C744159F94EE4153
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Wrj-ncMd3IsyF3GpAcs4b9RJqjw.roa
Signing time:             Fri 13 Oct 2023 07:55:55 +0000
ROA not before:           Fri 13 Oct 2023 07:55:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.155.234.0/24 maxlen: 24
                          185.155.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 14 Oct 2023 19:43:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:28:08:ed:a5:b7:82:12:d9:c7:44:15:9f:94:ee:41:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
        Validity
            Not Before: Oct 13 07:55:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ab8fe9dc31ddc8b321771a901cb386fd449aa3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:8c:d6:75:20:45:9c:7a:41:22:f9:f8:1f:d7:
                    32:5b:b8:a6:f6:b4:b4:42:ed:78:64:58:64:e5:6b:
                    ba:13:f4:70:ed:14:12:6a:a7:2d:c6:52:fd:61:e0:
                    cd:eb:86:8e:b4:b3:3d:92:40:10:e8:6f:c5:db:6e:
                    f4:73:39:b0:65:99:65:0c:a9:59:c8:d9:a4:57:db:
                    a5:74:2e:31:3d:0b:70:7f:18:4f:f5:c5:23:98:b1:
                    73:cf:34:c0:bb:01:65:50:d8:ed:82:19:69:0f:df:
                    19:94:0e:07:3c:67:44:4a:6f:51:de:d6:f6:e2:db:
                    c3:80:bd:2d:40:38:97:17:6b:f5:36:ff:50:f6:97:
                    e0:01:f4:77:6b:6b:b4:ad:43:5a:2c:1e:31:53:09:
                    97:10:65:8c:81:1b:27:03:15:b2:93:06:7c:18:a0:
                    7a:8e:f6:4e:2d:21:06:75:7b:e3:57:d5:dd:49:15:
                    9a:a4:85:41:f2:60:5a:92:e9:09:76:a3:be:77:5b:
                    bc:f2:15:9a:4e:51:bd:19:79:30:21:c2:f4:5f:08:
                    21:5a:2c:bc:45:0f:1e:3b:20:9a:20:e2:4a:c4:34:
                    28:83:b1:cf:c5:e5:06:9f:41:35:cd:be:2a:0e:ed:
                    e9:56:18:47:c9:b7:75:fb:69:ff:ff:e6:f0:c5:89:
                    7f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B8:FE:9D:C3:1D:DC:8B:32:17:71:A9:01:CB:38:6F:D4:49:AA:3C
            X509v3 Authority Key Identifier:
                keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Wrj-ncMd3IsyF3GpAcs4b9RJqjw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:72:1f:32:82:a1:ba:61:21:91:92:e3:d6:81:fc:26:e3:19:
         0a:28:1d:3c:82:14:de:16:b5:03:1a:44:98:4e:9b:f5:31:8d:
         c8:b4:bb:d9:05:da:54:52:37:c1:c7:40:f6:b1:60:5b:e5:36:
         25:e4:7c:da:5b:ec:be:62:c6:c8:f6:13:16:ed:58:56:3c:7a:
         bb:52:23:dd:63:31:a3:ee:6a:94:a6:34:50:2e:34:39:47:a5:
         fe:db:a4:cb:27:42:e4:6f:21:96:60:e5:31:2e:14:a4:9d:01:
         a1:55:41:3d:53:64:28:e9:6d:94:60:9d:8c:68:8a:1d:16:30:
         18:70:e1:81:f9:85:ec:e9:41:23:0b:e7:a6:4e:4b:90:3e:fb:
         d0:60:1f:8c:36:74:fa:e7:ab:12:76:0e:22:ca:5d:a6:e1:d7:
         74:10:d7:14:39:8e:c8:c7:3b:b4:4e:0f:85:ed:dd:9b:b0:58:
         65:5d:83:65:ea:d1:8f:13:2f:d9:fb:09:94:ec:47:2b:6f:1a:
         ff:6e:c0:0d:ea:b2:a6:93:60:00:75:ef:6b:3a:06:be:c1:54:
         de:9e:b0:fa:60:d8:c4:90:9c:67:49:06:29:71:0e:cc:2e:a8:
         41:ae:f8:e9:bd:57:fa:b0:cc:55:f2:66:7c:8b:49:6b:1f:03:
         10:92:98:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsoCO2lt4IS2cdEFZ+U7kFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjMxMDEzMDc1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWI4ZmU5ZGMzMWRkYzhiMzIxNzcxYTkwMWNiMzg2ZmQ0NDlhYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkozWdSBFnHpBIvn4H9cyW7im9rS0
Qu14ZFhk5Wu6E/Rw7RQSaqctxlL9YeDN64aOtLM9kkAQ6G/F2270czmwZZllDKlZ
yNmkV9uldC4xPQtwfxhP9cUjmLFzzzTAuwFlUNjtghlpD98ZlA4HPGdESm9R3tb2
4tvDgL0tQDiXF2v1Nv9Q9pfgAfR3a2u0rUNaLB4xUwmXEGWMgRsnAxWykwZ8GKB6
jvZOLSEGdXvjV9XdSRWapIVB8mBakukJdqO+d1u88hWaTlG9GXkwIcL0XwghWiy8
RQ8eOyCaIOJKxDQog7HPxeUGn0E1zb4qDu3pVhhHybd1+2n//+bwxYl/ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFq4/p3DHdyLMhdxqQHLOG/USao8MB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvV3JqLW5jTWQzSXN5RjNHcEFjczRiOVJKcWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZvqMA0G
CSqGSIb3DQEBCwUAA4IBAQBich8ygqG6YSGRkuPWgfwm4xkKKB08ghTeFrUDGkSY
Tpv1MY3ItLvZBdpUUjfBx0D2sWBb5TYl5HzaW+y+YsbI9hMW7VhWPHq7UiPdYzGj
7mqUpjRQLjQ5R6X+26TLJ0LkbyGWYOUxLhSknQGhVUE9U2Qo6W2UYJ2MaIodFjAY
cOGB+YXs6UEjC+emTkuQPvvQYB+MNnT656sSdg4iyl2m4dd0ENcUOY7Ixzu0Tg+F
7d2bsFhlXYNl6tGPEy/Z+wmU7Ecrbxr/bsAN6rKmk2AAde9rOga+wVTenrD6YNjE
kJxnSQYpcQ7MLqhBrvjpvVf6sMxV8mZ8i0lrHwMQkpg+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org