Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/74228e-110c-46aa-8dea-0d145255fbb0/1/R1R-Mjf4K3dUgEI5KoVZxSo8yOk.roa
File:                     R1R-Mjf4K3dUgEI5KoVZxSo8yOk.roa (raw, json)
Hash identifier:          +vNYok2LHJVAOpSCSPPJJ0N4vpfmj2r9idVs6WENCQM=
Subject key identifier:   47:54:7E:32:37:F8:2B:77:54:80:42:39:2A:85:59:C5:2A:3C:C8:E9
Certificate issuer:       /CN=877367fef9a2f86e45c642697230fc0ebad9b7a8
Certificate serial:       01856E8B02D0EE0DA6407D021182C16C1633
Authority key identifier: 87:73:67:FE:F9:A2:F8:6E:45:C6:42:69:72:30:FC:0E:BA:D9:B7:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3Nn_vmi-G5FxkJpcjD8DrrZt6g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/74228e-110c-46aa-8dea-0d145255fbb0/1/R1R-Mjf4K3dUgEI5KoVZxSo8yOk.roa
Signing time:             Sun 01 Jan 2023 18:14:42 +0000
ROA not before:           Sun 01 Jan 2023 18:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24904
IP address blocks:        185.229.160.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:02:d0:ee:0d:a6:40:7d:02:11:82:c1:6c:16:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=877367fef9a2f86e45c642697230fc0ebad9b7a8
        Validity
            Not Before: Jan  1 18:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=47547e3237f82b77548042392a8559c52a3cc8e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:70:cd:57:a8:98:a4:91:dc:af:e4:05:98:9b:
                    5c:d1:b8:26:88:df:57:c9:ad:69:91:f7:d3:7d:6c:
                    77:67:39:81:97:b0:bc:70:7f:18:f7:0c:fc:74:9a:
                    ed:7a:a9:81:1b:94:95:ec:1d:9f:92:41:71:4b:73:
                    2c:d3:54:b2:17:e6:b8:b6:00:1f:39:3c:64:4e:32:
                    05:55:4f:15:fe:68:1d:1f:9b:07:da:bf:41:77:d9:
                    17:b2:50:ea:92:e8:8f:ee:ab:88:8f:45:0a:1f:aa:
                    05:f2:a4:31:fd:fc:96:20:90:f9:23:14:4c:aa:8c:
                    27:c6:5e:bc:19:f9:77:0c:09:c6:ce:cb:c1:0b:b3:
                    96:e8:94:6a:9a:f5:87:ce:3a:77:57:02:00:d9:1b:
                    0e:24:c3:8b:69:75:d2:1c:b0:af:04:62:95:eb:89:
                    3f:41:f4:5d:18:93:d9:1b:a9:72:79:6e:ce:da:33:
                    0c:67:23:df:22:dd:93:32:6b:dd:e8:2c:ab:d8:89:
                    c7:6b:f2:e5:1c:62:18:26:b9:a3:0a:8f:96:dd:54:
                    2c:3d:d0:0a:17:33:a0:c6:6d:9f:87:3c:86:4d:d3:
                    97:c8:23:dc:7c:13:38:27:d0:3d:16:a3:fa:3a:b0:
                    13:41:e2:b4:5b:cd:cc:b9:a5:93:22:16:9d:5e:c1:
                    d2:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:54:7E:32:37:F8:2B:77:54:80:42:39:2A:85:59:C5:2A:3C:C8:E9
            X509v3 Authority Key Identifier:
                keyid:87:73:67:FE:F9:A2:F8:6E:45:C6:42:69:72:30:FC:0E:BA:D9:B7:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3Nn_vmi-G5FxkJpcjD8DrrZt6g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/74228e-110c-46aa-8dea-0d145255fbb0/1/R1R-Mjf4K3dUgEI5KoVZxSo8yOk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/74228e-110c-46aa-8dea-0d145255fbb0/1/h3Nn_vmi-G5FxkJpcjD8DrrZt6g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:6b:ce:d0:e4:ae:60:8a:f8:d5:f5:9f:d1:e5:c0:8c:e0:bc:
         8c:b9:37:8c:3a:3d:44:58:28:d3:19:ae:7f:61:6a:19:b2:2d:
         36:ea:fc:ab:f1:06:c4:92:28:b4:08:c6:87:25:5c:7d:c0:88:
         60:7a:a6:f2:7f:04:24:d8:f1:a3:3d:21:29:39:c1:8d:0d:3c:
         3c:90:f5:c5:20:97:30:c5:c9:15:1e:59:71:e5:d5:7e:96:71:
         84:14:e7:6e:c7:d6:0c:8d:9c:4b:5c:10:76:fd:ee:1b:44:56:
         f6:84:c7:5f:01:60:d2:11:ee:3c:45:7e:66:92:a0:ce:3d:21:
         b7:18:11:f2:3d:30:7b:6c:b1:fd:60:3e:a0:c9:9c:d9:90:d9:
         6c:c6:01:87:e3:9c:db:00:2f:ad:35:cf:f0:c1:bc:af:5b:ed:
         cf:b9:22:96:b9:05:21:4f:3a:a6:47:41:0a:61:d8:7b:8a:8b:
         a3:29:7b:8c:40:fd:2f:75:74:86:c0:1f:86:43:4d:21:ff:55:
         38:1f:67:f6:fc:e9:dc:df:08:d4:db:8d:e6:08:f4:5c:70:bc:
         ad:41:b4:e3:9e:db:8c:eb:2f:5d:75:20:b3:c7:3a:17:36:d2:
         95:ad:fb:b6:96:52:f0:08:d4:dd:8f:c3:e9:d0:a2:f6:e6:d4:
         e3:49:e9:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiwLQ7g2mQH0CEYLBbBYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzM2N2ZlZjlhMmY4NmU0NWM2NDI2OTcyMzBmYzBlYmFk
OWI3YTgwHhcNMjMwMTAxMTgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzU0N2UzMjM3ZjgyYjc3NTQ4MDQyMzkyYTg1NTljNTJhM2NjOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXDNV6iYpJHcr+QFmJtc0bgmiN9X
ya1pkffTfWx3ZzmBl7C8cH8Y9wz8dJrteqmBG5SV7B2fkkFxS3Ms01SyF+a4tgAf
OTxkTjIFVU8V/mgdH5sH2r9Bd9kXslDqkuiP7quIj0UKH6oF8qQx/fyWIJD5IxRM
qownxl68Gfl3DAnGzsvBC7OW6JRqmvWHzjp3VwIA2RsOJMOLaXXSHLCvBGKV64k/
QfRdGJPZG6lyeW7O2jMMZyPfIt2TMmvd6Cyr2InHa/LlHGIYJrmjCo+W3VQsPdAK
FzOgxm2fhzyGTdOXyCPcfBM4J9A9FqP6OrATQeK0W83MuaWTIhadXsHSBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdUfjI3+Ct3VIBCOSqFWcUqPMjpMB8GA1UdIwQY
MBaAFIdzZ/75ovhuRcZCaXIw/A662beoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNObl92bWktRzVGeGtKcGNqRDhEcnJadDZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83NDIyOGUtMTEwYy00NmFhLThkZWEt
MGQxNDUyNTVmYmIwLzEvUjFSLU1qZjRLM2RVZ0VJNUtvVlp4U284eU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83NDIyOGUtMTEwYy00NmFhLThkZWEtMGQxNDUyNTVmYmIw
LzEvaDNObl92bWktRzVGeGtKcGNqRDhEcnJadDZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueWgMA0G
CSqGSIb3DQEBCwUAA4IBAQBSa87Q5K5givjV9Z/R5cCM4LyMuTeMOj1EWCjTGa5/
YWoZsi026vyr8QbEkii0CMaHJVx9wIhgeqbyfwQk2PGjPSEpOcGNDTw8kPXFIJcw
xckVHllx5dV+lnGEFOdux9YMjZxLXBB2/e4bRFb2hMdfAWDSEe48RX5mkqDOPSG3
GBHyPTB7bLH9YD6gyZzZkNlsxgGH45zbAC+tNc/wwbyvW+3PuSKWuQUhTzqmR0EK
Ydh7ioujKXuMQP0vdXSGwB+GQ00h/1U4H2f2/Onc3wjU243mCPRccLytQbTjntuM
6y9ddSCzxzoXNtKVrfu2llLwCNTdj8Pp0KL25tTjSeks
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:30 2024 by rpki-client on console-fra.rpki-client.org