Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/3UFMSUfbUkt4xUPAsZ81ymBGS1U.roa
File:                     3UFMSUfbUkt4xUPAsZ81ymBGS1U.roa (raw, json)
Hash identifier:          p2Vwnukgbup7yaYf3IxKeus5G/q1ovjxWqDV2cs9hws=
Subject key identifier:   DD:41:4C:49:47:DB:52:4B:78:C5:43:C0:B1:9F:35:CA:60:46:4B:55
Certificate issuer:       /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial:       0185715E5A9FE1FBBCEAD151270E38F3E4FB
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/3UFMSUfbUkt4xUPAsZ81ymBGS1U.roa
Signing time:             Mon 02 Jan 2023 07:24:47 +0000
ROA not before:           Mon 02 Jan 2023 07:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210876
IP address blocks:        185.236.24.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:5e:5a:9f:e1:fb:bc:ea:d1:51:27:0e:38:f3:e4:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
        Validity
            Not Before: Jan  2 07:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd414c4947db524b78c543c0b19f35ca60464b55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:87:06:5a:97:a8:1e:1a:2b:79:1b:a3:f4:4e:
                    e9:7b:19:f0:88:e9:f4:76:55:6a:cf:53:a7:e1:1c:
                    4e:e2:65:ee:ec:87:54:31:36:27:5c:aa:b1:d9:2d:
                    a9:40:e1:38:13:88:66:ce:05:2a:cf:58:2e:b0:7f:
                    79:5f:00:d1:83:c8:d4:b4:5f:30:27:21:d8:30:5a:
                    40:9b:7a:a0:f0:ee:dc:79:28:63:2d:e7:60:fe:80:
                    0b:e5:4b:ff:3b:12:bf:5b:40:dc:e6:19:26:7c:87:
                    56:d5:45:99:61:01:ec:ad:9d:9a:20:b9:d9:bd:f4:
                    dc:fa:0f:38:6f:11:52:36:2c:1e:13:6b:68:15:a7:
                    26:71:5e:74:57:3c:95:d0:fe:35:8a:12:94:8e:95:
                    23:ba:1c:f6:34:14:39:56:29:95:8e:76:ac:c3:7f:
                    24:04:ed:69:40:87:64:31:e5:82:90:9f:3d:3d:d8:
                    b2:cf:10:0f:09:6b:01:c8:73:ac:a7:b5:9b:55:25:
                    90:53:a4:78:13:77:94:80:e8:50:16:ab:56:5a:08:
                    c7:88:ca:67:84:d5:e8:11:69:99:c7:bb:fa:16:3a:
                    9f:ea:d2:44:b8:ec:b3:02:52:84:f5:76:b7:af:d4:
                    57:ae:59:23:7d:a3:49:76:8a:e2:44:55:90:8a:da:
                    f7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:41:4C:49:47:DB:52:4B:78:C5:43:C0:B1:9F:35:CA:60:46:4B:55
            X509v3 Authority Key Identifier:
                keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/3UFMSUfbUkt4xUPAsZ81ymBGS1U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c0:27:06:37:f8:d7:84:91:68:40:78:1b:d1:69:9e:85:0d:25:
         d4:fe:4b:cb:5a:8e:62:76:b5:cb:40:e6:bc:fb:a1:1a:d0:8f:
         4f:b4:df:5a:a1:b3:fc:58:a9:d4:04:e3:ab:a2:5e:ca:2a:58:
         7f:e0:7e:ea:2a:8d:65:e1:6e:b7:db:98:39:17:93:34:93:43:
         f2:87:d8:8b:81:73:be:47:62:cb:01:5e:c2:5c:98:ee:01:54:
         4e:93:8b:84:17:9b:1e:79:c2:36:b8:9b:46:1f:28:1d:50:7c:
         d7:32:b8:3d:cd:3f:04:2a:98:92:4b:f4:05:00:b3:e5:e3:a1:
         2a:46:1c:f1:a5:00:9b:1d:93:a4:71:f9:8c:fa:cd:fb:37:3a:
         b1:07:e8:1a:bd:ee:93:86:e9:a5:17:cb:c9:64:87:f2:fb:61:
         9d:65:9d:b8:3c:2e:08:1d:67:7a:7b:b8:b6:6b:68:8e:83:ac:
         db:b5:40:6c:bd:7f:71:42:7c:72:3d:df:c9:1d:ed:0b:ca:79:
         0a:fe:7c:ca:45:27:11:fa:21:82:b1:ba:ad:12:7f:b8:5c:bc:
         b4:fd:83:b7:44:db:f0:a1:08:f7:2a:8d:01:74:1f:8b:4f:ec:
         bd:c2:4b:f9:97:ce:e7:bc:fa:10:39:34:45:f7:13:89:4b:21:
         2e:4d:f1:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXlqf4fu86tFRJw448+T7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWVjZDcxYzE5M2U0YWMzMGVkMDNkMGI5ZjA1ZGExMDFj
NjAzZDIwHhcNMjMwMTAyMDcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQxNGM0OTQ3ZGI1MjRiNzhjNTQzYzBiMTlmMzVjYTYwNDY0YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYcGWpeoHhoreRuj9E7pexnwiOn0
dlVqz1On4RxO4mXu7IdUMTYnXKqx2S2pQOE4E4hmzgUqz1gusH95XwDRg8jUtF8w
JyHYMFpAm3qg8O7ceShjLedg/oAL5Uv/OxK/W0Dc5hkmfIdW1UWZYQHsrZ2aILnZ
vfTc+g84bxFSNiweE2toFacmcV50VzyV0P41ihKUjpUjuhz2NBQ5VimVjnasw38k
BO1pQIdkMeWCkJ89PdiyzxAPCWsByHOsp7WbVSWQU6R4E3eUgOhQFqtWWgjHiMpn
hNXoEWmZx7v6Fjqf6tJEuOyzAlKE9Xa3r9RXrlkjfaNJdoriRFWQitr3BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1BTElH21JLeMVDwLGfNcpgRktVMB8GA1UdIwQY
MBaAFBHuzXHBk+SsMO0D0LnwXaEBxgPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4Njgt
MTM4OTk1Yzk5Yjk3LzEvM1VGTVNVZmJVa3Q0eFVQQXNaODF5bUJHUzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4NjgtMTM4OTk1Yzk5Yjk3
LzEvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuewYMA0G
CSqGSIb3DQEBCwUAA4IBAQDAJwY3+NeEkWhAeBvRaZ6FDSXU/kvLWo5idrXLQOa8
+6Ea0I9PtN9aobP8WKnUBOOrol7KKlh/4H7qKo1l4W6325g5F5M0k0Pyh9iLgXO+
R2LLAV7CXJjuAVROk4uEF5seecI2uJtGHygdUHzXMrg9zT8EKpiSS/QFALPl46Eq
RhzxpQCbHZOkcfmM+s37NzqxB+gave6ThumlF8vJZIfy+2GdZZ24PC4IHWd6e7i2
a2iOg6zbtUBsvX9xQnxyPd/JHe0LynkK/nzKRScR+iGCsbqtEn+4XLy0/YO3RNvw
oQj3Ko0BdB+LT+y9wkv5l87nvPoQOTRF9xOJSyEuTfHU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:57 2024 by rpki-client on console-ams.rpki-client.org