Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/XZXjMGJYhXyc2uhUJmWsNkADmqA.roa
File:                     XZXjMGJYhXyc2uhUJmWsNkADmqA.roa (raw, json)
Hash identifier:          jZwdjihLfiw6YIOZpS3R3m+wDwlWPfIcIeFU5RpgGAc=
Subject key identifier:   5D:95:E3:30:62:58:85:7C:9C:DA:E8:54:26:65:AC:36:40:03:9A:A0
Certificate issuer:       /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial:       018A65BEF4E3ECA28DF8D7D52164EAF84748
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/XZXjMGJYhXyc2uhUJmWsNkADmqA.roa
Signing time:             Tue 05 Sep 2023 14:28:47 +0000
ROA not before:           Tue 05 Sep 2023 14:28:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.155.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Sep 2023 15:10:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:65:be:f4:e3:ec:a2:8d:f8:d7:d5:21:64:ea:f8:47:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
        Validity
            Not Before: Sep  5 14:28:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d95e3306258857c9cdae8542665ac3640039aa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:32:32:40:4c:ba:e4:f5:e9:f9:59:71:ab:f8:
                    ad:e5:cd:bd:b7:e4:1f:5a:5e:f4:8e:65:64:48:64:
                    6e:0b:4e:8b:75:bc:73:2a:84:90:d1:36:f8:f2:2d:
                    9e:ee:5a:ed:8c:09:d6:0c:fc:c0:5c:ed:89:6d:96:
                    c3:49:d3:e9:42:f6:e7:7c:ef:af:2b:bd:f3:61:cc:
                    35:6c:85:ef:46:56:69:b5:81:27:04:f1:82:51:46:
                    de:c3:7b:88:3e:3d:5b:2c:b7:4a:7f:ff:0d:97:6b:
                    26:3a:16:b3:b1:7e:16:ee:2b:65:c2:15:3f:b8:e3:
                    32:06:c6:9c:88:aa:2a:fb:d6:e1:cd:c4:dd:c3:ab:
                    2a:6c:9c:45:ed:59:5b:0d:94:b1:d7:f4:52:20:a7:
                    63:8b:eb:87:be:c9:c7:fe:44:4d:2f:27:c9:0d:b2:
                    00:f2:e5:10:a3:e1:1b:45:70:d0:32:27:c5:08:66:
                    cd:9d:cf:4f:da:10:ee:c2:69:0c:ab:f0:2f:ce:1b:
                    dd:fa:74:8e:1d:2a:d1:fb:1c:fe:d0:ef:50:e2:6f:
                    1a:70:b0:06:03:d4:47:32:2f:3b:c9:ec:7d:46:72:
                    c0:fb:41:44:4d:44:89:4a:46:d2:51:9d:39:9d:56:
                    58:09:96:12:f6:ea:bf:1c:97:9e:6a:79:bb:c0:c8:
                    ad:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:95:E3:30:62:58:85:7C:9C:DA:E8:54:26:65:AC:36:40:03:9A:A0
            X509v3 Authority Key Identifier:
                keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/XZXjMGJYhXyc2uhUJmWsNkADmqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:82:41:44:9d:26:b1:a2:6a:c8:d8:57:c3:ca:18:7d:0a:0d:
         9a:3d:05:b3:ab:26:31:ff:31:56:e1:5e:34:f0:d7:88:72:81:
         ec:d3:74:d2:a5:01:e0:e1:48:b4:a8:a3:30:64:37:d7:57:da:
         e9:50:58:ec:39:c2:97:09:cd:ee:f9:6c:5d:9b:4c:07:07:51:
         0b:dc:a9:1f:52:d3:91:0f:d6:c3:45:f2:f6:26:7c:b7:a5:15:
         31:7a:bf:ff:c7:c3:9d:28:e6:f3:f3:79:f8:8d:74:85:f4:18:
         fb:9f:e8:28:bd:8e:94:e7:b1:28:b5:52:ce:30:3c:b3:5a:a1:
         43:18:6e:e1:5a:2b:4e:d2:ba:df:79:3b:e3:f2:f2:05:48:1d:
         35:de:36:16:9e:72:42:43:48:ac:6d:15:c6:95:23:bb:c4:85:
         6c:89:30:e1:07:bc:07:69:b9:03:de:c4:b8:6e:9c:b0:2f:72:
         8c:08:0c:ce:f5:76:7c:ab:29:da:b6:7d:3a:56:24:a5:06:63:
         14:3f:0b:95:a7:c3:98:3e:ba:7d:73:cf:37:90:c3:95:9f:05:
         2f:e7:0f:9b:a2:a9:0c:89:e1:7b:4b:e7:d4:3c:35:43:c5:21:
         3c:22:de:68:ed:a8:56:ef:ee:8c:cb:b1:11:c5:ee:1c:d1:e1:
         ed:50:39:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYplvvTj7KKN+NfVIWTq+EdIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjMwOTA1MTQyODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk1ZTMzMDYyNTg4NTdjOWNkYWU4NTQyNjY1YWMzNjQwMDM5YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jIyQEy65PXp+Vlxq/it5c29t+Qf
Wl70jmVkSGRuC06LdbxzKoSQ0Tb48i2e7lrtjAnWDPzAXO2JbZbDSdPpQvbnfO+v
K73zYcw1bIXvRlZptYEnBPGCUUbew3uIPj1bLLdKf/8Nl2smOhazsX4W7itlwhU/
uOMyBsaciKoq+9bhzcTdw6sqbJxF7VlbDZSx1/RSIKdji+uHvsnH/kRNLyfJDbIA
8uUQo+EbRXDQMifFCGbNnc9P2hDuwmkMq/Avzhvd+nSOHSrR+xz+0O9Q4m8acLAG
A9RHMi87yex9RnLA+0FETUSJSkbSUZ05nVZYCZYS9uq/HJeeanm7wMit+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2V4zBiWIV8nNroVCZlrDZAA5qgMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvWFpYak1HSlloWHljMnVoVUptV3NOa0FEbXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvrMA0G
CSqGSIb3DQEBCwUAA4IBAQAagkFEnSaxomrI2FfDyhh9Cg2aPQWzqyYx/zFW4V40
8NeIcoHs03TSpQHg4Ui0qKMwZDfXV9rpUFjsOcKXCc3u+Wxdm0wHB1EL3KkfUtOR
D9bDRfL2Jny3pRUxer//x8OdKObz83n4jXSF9Bj7n+govY6U57EotVLOMDyzWqFD
GG7hWitO0rrfeTvj8vIFSB013jYWnnJCQ0isbRXGlSO7xIVsiTDhB7wHabkD3sS4
bpywL3KMCAzO9XZ8qynatn06ViSlBmMUPwuVp8OYPrp9c883kMOVnwUv5w+boqkM
ieF7S+fUPDVDxSE8It5o7ahW7+6My7ERxe4c0eHtUDlq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org