Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Yz4VGuy8B0iWm2MQFL4_MAQljhs.roa
File:                     Yz4VGuy8B0iWm2MQFL4_MAQljhs.roa (raw, json)
Hash identifier:          uryA7uFVRB+eJhtFuVhycvT7HKQkl3Vm3QLocoLXivA=
Subject key identifier:   63:3E:15:1A:EC:BC:07:48:96:9B:63:10:14:BE:3F:30:04:25:8E:1B
Certificate issuer:       /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial:       0186D234AE4F4CCC8EC85D10C781E4B932CD
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Yz4VGuy8B0iWm2MQFL4_MAQljhs.roa
Signing time:             Sat 11 Mar 2023 19:45:13 +0000
ROA not before:           Sat 11 Mar 2023 19:45:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213305
IP address blocks:        185.155.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 21 Apr 2023 11:16:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:d2:34:ae:4f:4c:cc:8e:c8:5d:10:c7:81:e4:b9:32:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
        Validity
            Not Before: Mar 11 19:45:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=633e151aecbc0748969b631014be3f3004258e1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:6c:e9:54:c1:8d:1f:f5:cd:b1:44:d0:04:cf:
                    de:97:5c:c3:5b:bf:b1:c5:75:9d:87:4a:9f:86:5c:
                    98:5c:db:cd:07:95:56:c7:4a:4d:d3:3d:70:9d:88:
                    b1:17:73:17:05:9d:bc:0e:0a:d6:53:5a:8b:b1:56:
                    71:55:ad:15:70:db:fd:04:8b:af:d5:08:a2:a9:fd:
                    c9:66:f3:d2:45:d1:3a:aa:19:22:be:c9:00:28:87:
                    87:0f:1d:a0:3f:39:1a:fb:e7:1a:63:02:cf:9b:5a:
                    44:e4:7c:e1:ad:ab:a5:6f:ae:6c:ea:d4:7c:07:0d:
                    04:13:32:49:19:ad:05:55:06:38:84:46:48:82:89:
                    2b:28:d0:96:b7:fa:b7:1a:a9:d0:c2:2a:8c:a3:57:
                    8f:cb:8c:07:3c:36:a6:d9:73:b4:14:7b:b1:7f:07:
                    08:93:d4:28:43:19:9c:f8:54:17:a2:98:fb:f0:e8:
                    f5:9b:b8:24:59:b8:2f:7c:38:e4:f9:2d:f2:2f:7b:
                    df:fc:76:db:13:8b:8b:42:f0:c0:ee:82:ae:41:7a:
                    3b:30:d6:cd:2b:be:aa:43:52:ce:ac:d5:2c:f4:16:
                    10:5d:e8:c1:7c:d4:64:72:5a:cb:92:21:2f:9d:d8:
                    b7:b9:bc:35:ef:24:fa:1a:f7:2c:de:2e:b5:90:85:
                    b1:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:3E:15:1A:EC:BC:07:48:96:9B:63:10:14:BE:3F:30:04:25:8E:1B
            X509v3 Authority Key Identifier:
                keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Yz4VGuy8B0iWm2MQFL4_MAQljhs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:7e:79:9b:63:87:6e:dd:8b:f1:54:61:6b:95:72:f7:8a:a8:
         c6:29:a8:2b:75:a2:ef:aa:9b:d8:0b:ef:3d:7e:c4:c1:e1:5a:
         62:4f:f5:36:0e:63:62:7f:f8:c2:85:17:94:3d:85:20:63:da:
         a3:77:6d:c0:32:af:8c:b7:59:b5:16:9f:52:2f:2a:0a:e7:83:
         df:77:e0:ae:24:4e:14:e3:29:95:32:6d:4a:77:69:d4:af:20:
         32:21:a3:94:21:bb:1a:0c:22:cd:87:57:fd:1f:00:23:26:79:
         b0:d1:a3:86:8f:60:f1:da:1d:6f:f4:5c:f4:96:44:f9:70:e9:
         4f:1f:84:f2:f5:1a:5c:65:ed:41:22:6e:b9:44:b1:f0:ec:7d:
         25:51:6d:6e:01:7a:20:d9:5e:f4:b5:47:55:15:0e:b5:32:b2:
         55:94:8d:41:1d:80:d7:ec:15:20:f0:23:c5:ef:88:9c:ed:4c:
         38:25:a9:64:8f:ad:ec:70:4d:ec:43:30:d7:89:e5:47:fb:58:
         5b:a3:6d:a8:92:8d:ad:8d:db:da:50:68:14:85:17:93:2f:80:
         4e:f1:7f:2f:ed:91:66:ab:c0:b4:68:31:8a:02:f1:74:82:6b:
         b3:cb:b0:71:bf:67:5b:77:cb:b9:a9:a3:f9:f0:4c:b3:ef:53:
         ee:1c:6b:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbSNK5PTMyOyF0Qx4HkuTLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjMwMzExMTk0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNlMTUxYWVjYmMwNzQ4OTY5YjYzMTAxNGJlM2YzMDA0MjU4ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2zpVMGNH/XNsUTQBM/el1zDW7+x
xXWdh0qfhlyYXNvNB5VWx0pN0z1wnYixF3MXBZ28DgrWU1qLsVZxVa0VcNv9BIuv
1Qiiqf3JZvPSRdE6qhkivskAKIeHDx2gPzka++caYwLPm1pE5Hzhraulb65s6tR8
Bw0EEzJJGa0FVQY4hEZIgokrKNCWt/q3GqnQwiqMo1ePy4wHPDam2XO0FHuxfwcI
k9QoQxmc+FQXopj78Oj1m7gkWbgvfDjk+S3yL3vf/HbbE4uLQvDA7oKuQXo7MNbN
K76qQ1LOrNUs9BYQXejBfNRkclrLkiEvndi3ubw17yT6Gvcs3i61kIWxEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGM+FRrsvAdIlptjEBS+PzAEJY4bMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvWXo0Vkd1eThCMGlXbTJNUUZMNF9NQVFsamhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvrMA0G
CSqGSIb3DQEBCwUAA4IBAQALfnmbY4du3YvxVGFrlXL3iqjGKagrdaLvqpvYC+89
fsTB4VpiT/U2DmNif/jChReUPYUgY9qjd23AMq+Mt1m1Fp9SLyoK54Pfd+CuJE4U
4ymVMm1Kd2nUryAyIaOUIbsaDCLNh1f9HwAjJnmw0aOGj2Dx2h1v9Fz0lkT5cOlP
H4Ty9RpcZe1BIm65RLHw7H0lUW1uAXog2V70tUdVFQ61MrJVlI1BHYDX7BUg8CPF
74ic7Uw4Jalkj63scE3sQzDXieVH+1hbo22oko2tjdvaUGgUhReTL4BO8X8v7ZFm
q8C0aDGKAvF0gmuzy7Bxv2dbd8u5qaP58Eyz71PuHGuN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org