Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/S02yhljFY0YP3cWsXPmGQrxlAlg.roa
File:                     S02yhljFY0YP3cWsXPmGQrxlAlg.roa (raw, json)
Hash identifier:          En7h6pCnLO27QAaqoWo1/Y2LqvkE+Knks3a0Bu0IBv8=
Subject key identifier:   4B:4D:B2:86:58:C5:63:46:0F:DD:C5:AC:5C:F9:86:42:BC:65:02:58
Certificate issuer:       /CN=1a001d77025f052af7d0e62e1701016b9e22e002
Certificate serial:       01856E6FBEB051DDFE573AD95F3125D8A416
Authority key identifier: 1A:00:1D:77:02:5F:05:2A:F7:D0:E6:2E:17:01:01:6B:9E:22:E0:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GgAddwJfBSr30OYuFwEBa54i4AI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/S02yhljFY0YP3cWsXPmGQrxlAlg.roa
Signing time:             Sun 01 Jan 2023 17:44:55 +0000
ROA not before:           Sun 01 Jan 2023 17:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31043
IP address blocks:        185.218.44.0/22 maxlen: 22
                          2a0c:8b00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:6f:be:b0:51:dd:fe:57:3a:d9:5f:31:25:d8:a4:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a001d77025f052af7d0e62e1701016b9e22e002
        Validity
            Not Before: Jan  1 17:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b4db28658c563460fddc5ac5cf98642bc650258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8a:c4:43:35:93:12:05:16:50:c1:0e:1b:7d:
                    e0:2e:59:77:42:2b:f8:8f:ae:c5:9e:dc:8f:23:5b:
                    91:a0:35:bc:de:65:bf:d7:9d:0e:b7:f1:1e:b1:13:
                    09:11:79:89:1b:6b:4f:c1:1e:7d:aa:86:09:e4:fc:
                    c1:51:3b:f7:cc:27:b3:36:0e:8e:b7:08:30:69:01:
                    c1:70:66:55:02:e5:ed:c0:d8:43:62:7d:d9:e8:44:
                    39:6c:d5:c8:d1:46:76:3e:bd:21:17:5a:2d:4a:86:
                    76:fd:7a:23:ab:fc:74:58:72:e4:6e:a4:a3:ec:05:
                    47:21:68:e4:be:1a:88:b6:a5:25:bc:fd:96:31:40:
                    01:07:1f:44:a0:14:d3:3d:70:67:46:87:77:f0:90:
                    66:8e:4b:09:ab:2c:f4:b9:e5:2b:df:f5:b2:19:34:
                    4a:55:dc:ea:1a:88:1a:97:b9:70:ef:ca:33:fd:ae:
                    f1:d0:18:60:3c:bd:bf:61:71:1a:01:69:18:8a:77:
                    73:24:ee:54:17:e6:a7:c0:ff:79:e0:6e:d2:85:b0:
                    61:ac:98:33:b6:b8:8b:a6:ae:e4:95:c2:de:65:d4:
                    b2:a5:dd:d9:fe:09:cb:fe:af:29:5d:7e:46:6e:5c:
                    88:87:45:d4:8b:c6:01:1b:6d:27:fb:8f:49:73:30:
                    a6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:4D:B2:86:58:C5:63:46:0F:DD:C5:AC:5C:F9:86:42:BC:65:02:58
            X509v3 Authority Key Identifier:
                keyid:1A:00:1D:77:02:5F:05:2A:F7:D0:E6:2E:17:01:01:6B:9E:22:E0:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgAddwJfBSr30OYuFwEBa54i4AI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/S02yhljFY0YP3cWsXPmGQrxlAlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/GgAddwJfBSr30OYuFwEBa54i4AI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.218.44.0/22
                IPv6:
                  2a0c:8b00::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:00:47:ba:8e:e6:d0:5d:ca:d9:d1:7c:ec:e7:8e:74:2e:16:
         2e:07:62:d9:3e:84:43:4d:05:27:0c:c2:ed:db:ab:d7:07:8a:
         62:63:b6:03:9c:b3:e3:5f:31:52:4d:2f:88:f4:95:a5:42:16:
         10:56:ab:8c:04:a8:05:1d:fe:9b:c4:72:6e:b1:7a:6b:4b:7b:
         00:a3:c2:de:ac:9e:f1:e1:a1:5b:ab:5c:4f:c0:3f:e8:f1:47:
         91:2b:8a:a3:bf:da:c0:8c:aa:c1:da:12:6a:68:b3:e8:0d:95:
         8f:9c:2b:00:6e:33:07:fd:f1:27:2a:99:9d:61:0e:f2:71:92:
         05:69:89:9e:aa:69:25:f9:31:f2:84:d3:5f:3d:9f:10:81:05:
         f5:17:46:d7:df:2f:da:58:f0:01:29:19:6a:33:cf:76:13:de:
         8d:7d:4d:50:ea:39:7f:16:35:a5:80:37:78:36:b6:a5:dc:b1:
         97:ab:71:6f:61:54:ca:0b:f0:1a:0f:51:7b:c6:58:b9:26:8d:
         1d:3e:85:47:22:c1:04:c6:85:08:2a:eb:ac:15:bf:73:3e:0c:
         3d:9c:ab:44:e7:52:2b:c8:8f:d1:d8:bc:88:0f:d9:d2:d3:56:
         a7:e5:31:c3:39:78:44:0f:4c:9d:8e:4f:c3:23:4a:a2:0d:ff:
         4e:f1:26:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVub76wUd3+VzrZXzEl2KQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDAxZDc3MDI1ZjA1MmFmN2QwZTYyZTE3MDEwMTZiOWUy
MmUwMDIwHhcNMjMwMTAxMTc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRkYjI4NjU4YzU2MzQ2MGZkZGM1YWM1Y2Y5ODY0MmJjNjUwMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlorEQzWTEgUWUMEOG33gLll3Qiv4
j67FntyPI1uRoDW83mW/150Ot/EesRMJEXmJG2tPwR59qoYJ5PzBUTv3zCezNg6O
twgwaQHBcGZVAuXtwNhDYn3Z6EQ5bNXI0UZ2Pr0hF1otSoZ2/Xojq/x0WHLkbqSj
7AVHIWjkvhqItqUlvP2WMUABBx9EoBTTPXBnRod38JBmjksJqyz0ueUr3/WyGTRK
VdzqGogal7lw78oz/a7x0BhgPL2/YXEaAWkYindzJO5UF+anwP954G7ShbBhrJgz
triLpq7klcLeZdSypd3Z/gnL/q8pXX5GblyIh0XUi8YBG20n+49JczCmjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEtNsoZYxWNGD93FrFz5hkK8ZQJYMB8GA1UdIwQY
MBaAFBoAHXcCXwUq99DmLhcBAWueIuACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dBZGR3SmZCU3IzME9ZdUZ3RUJhNTRpNEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8xZjljZWQtNmJjMi00ODZiLWE0YjYt
MDliZGViNmFmYWJkLzEvUzAyeWhsakZZMFlQM2NXc1hQbUdRcnhsQWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8xZjljZWQtNmJjMi00ODZiLWE0YjYtMDliZGViNmFmYWJk
LzEvR2dBZGR3SmZCU3IzME9ZdUZ3RUJhNTRpNEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudosMA0E
AgACMAcDBQAqDIsAMA0GCSqGSIb3DQEBCwUAA4IBAQANAEe6jubQXcrZ0Xzs5450
LhYuB2LZPoRDTQUnDMLt26vXB4piY7YDnLPjXzFSTS+I9JWlQhYQVquMBKgFHf6b
xHJusXprS3sAo8LerJ7x4aFbq1xPwD/o8UeRK4qjv9rAjKrB2hJqaLPoDZWPnCsA
bjMH/fEnKpmdYQ7ycZIFaYmeqmkl+THyhNNfPZ8QgQX1F0bX3y/aWPABKRlqM892
E96NfU1Q6jl/FjWlgDd4Nral3LGXq3FvYVTKC/AaD1F7xli5Jo0dPoVHIsEExoUI
KuusFb9zPgw9nKtE51IryI/R2LyID9nS01an5THDOXhED0ydjk/DI0qiDf9O8Sa1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:07 2024 by rpki-client on console-ams.rpki-client.org