Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/RKixa0mEcPe_cHL4xwPSH-gh5wM.roa
File:                     RKixa0mEcPe_cHL4xwPSH-gh5wM.roa (raw, json)
Hash identifier:          gV/f2359EHykn/kBnBxjp2IJ3dxmI/7TphjVwnEFrgg=
Subject key identifier:   44:A8:B1:6B:49:84:70:F7:BF:70:72:F8:C7:03:D2:1F:E8:21:E7:03
Certificate issuer:       /CN=6c1a761795f0f66bff2478b468cde0d851ed1887
Certificate serial:       018572BA4D594C2B675349F2147D89C75E1C
Authority key identifier: 6C:1A:76:17:95:F0:F6:6B:FF:24:78:B4:68:CD:E0:D8:51:ED:18:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bBp2F5Xw9mv_JHi0aM3g2FHtGIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/RKixa0mEcPe_cHL4xwPSH-gh5wM.roa
Signing time:             Mon 02 Jan 2023 13:44:50 +0000
ROA not before:           Mon 02 Jan 2023 13:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51704
IP address blocks:        46.60.128.0/17 maxlen: 24
                          185.224.12.0/22 maxlen: 24
                          2a03:c500::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:34:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:4d:59:4c:2b:67:53:49:f2:14:7d:89:c7:5e:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c1a761795f0f66bff2478b468cde0d851ed1887
        Validity
            Not Before: Jan  2 13:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44a8b16b498470f7bf7072f8c703d21fe821e703
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:33:8d:38:8e:f6:9e:6c:36:21:61:c7:43:e6:
                    55:fa:2c:94:2c:dd:5a:12:8d:bb:a3:76:64:25:39:
                    87:f7:df:6c:f6:c3:6d:11:51:f4:ca:5f:f4:54:47:
                    b4:b6:99:9a:f5:c6:4e:44:90:aa:9e:97:3f:34:b0:
                    ed:ca:48:74:8f:81:5f:dc:9f:e4:b2:d9:ce:f7:ca:
                    70:a3:6c:74:5c:9e:da:f3:be:2b:1b:e6:5a:6e:cc:
                    a9:57:82:05:b6:95:39:72:60:70:be:b0:03:9e:b8:
                    9a:10:56:8b:a3:5c:40:1b:2c:a9:63:b2:c1:69:a2:
                    00:e8:2b:92:63:57:94:02:b0:05:42:69:0d:81:c4:
                    d4:43:95:94:c1:5b:30:49:b2:2d:b8:7b:70:34:f2:
                    a8:a1:8b:bf:36:d0:80:ae:fa:12:7f:f9:10:c8:bf:
                    8c:91:f9:62:6c:8b:bb:c9:62:c3:ea:cf:90:4f:77:
                    24:17:3a:aa:b1:1a:60:9e:b0:00:ee:f2:bb:d3:ac:
                    e6:0f:00:91:39:72:b2:58:99:62:0a:ec:71:15:f3:
                    ea:84:41:7b:16:89:d5:f1:bf:4b:a6:df:30:a5:fa:
                    41:d7:97:94:74:07:31:bc:45:44:3e:98:40:7c:93:
                    64:31:75:7d:87:60:c2:30:04:c6:da:ef:95:83:e2:
                    1c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:A8:B1:6B:49:84:70:F7:BF:70:72:F8:C7:03:D2:1F:E8:21:E7:03
            X509v3 Authority Key Identifier:
                keyid:6C:1A:76:17:95:F0:F6:6B:FF:24:78:B4:68:CD:E0:D8:51:ED:18:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBp2F5Xw9mv_JHi0aM3g2FHtGIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/RKixa0mEcPe_cHL4xwPSH-gh5wM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/bBp2F5Xw9mv_JHi0aM3g2FHtGIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.60.128.0/17
                  185.224.12.0/22
                IPv6:
                  2a03:c500::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:70:5a:3a:60:7e:ae:d7:af:8f:72:52:5c:fd:7e:75:42:76:
         3d:c0:7e:65:d4:07:ca:b6:25:9e:f7:91:f1:80:1a:8a:55:ae:
         98:ad:b1:2f:54:88:5d:c1:f5:0f:fc:4c:bf:fa:43:19:2a:52:
         e5:99:95:8e:9c:b1:ba:d2:cd:97:3a:05:53:2b:ee:18:50:3f:
         18:22:06:3c:a3:4f:3b:c5:58:c8:c9:5e:d7:bd:19:76:55:6d:
         b4:1d:c6:f5:e8:0d:0a:93:3b:24:f6:77:2c:d6:5c:cf:c6:d2:
         86:ad:94:b1:2c:64:92:53:57:44:29:2a:cb:50:82:7a:88:e0:
         8f:49:57:46:ef:84:a7:95:36:2e:f7:fc:84:b0:6b:17:fa:62:
         41:c1:f0:1f:a8:91:c4:47:8e:56:51:04:af:1c:cb:5b:ea:12:
         17:30:d2:d8:d6:71:78:bc:b1:af:cb:23:b4:8e:e0:3a:eb:64:
         db:b1:44:60:a9:04:67:7c:d8:ff:4f:c7:cd:8c:63:e6:e0:d5:
         db:02:74:a7:39:24:5e:07:90:4d:49:6b:59:fd:29:06:79:aa:
         5e:79:64:c2:8b:a6:d9:15:7b:55:20:f3:55:74:aa:4f:8c:b7:
         1a:f4:6c:ad:89:15:3e:c6:b2:f4:86:2f:e7:a1:57:97:cb:fc:
         c0:7a:b4:aa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyuk1ZTCtnU0nyFH2Jx14cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMWE3NjE3OTVmMGY2NmJmZjI0NzhiNDY4Y2RlMGQ4NTFl
ZDE4ODcwHhcNMjMwMTAyMTM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGE4YjE2YjQ5ODQ3MGY3YmY3MDcyZjhjNzAzZDIxZmU4MjFlNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTONOI72nmw2IWHHQ+ZV+iyULN1a
Eo27o3ZkJTmH999s9sNtEVH0yl/0VEe0tpma9cZORJCqnpc/NLDtykh0j4Ff3J/k
stnO98pwo2x0XJ7a874rG+ZabsypV4IFtpU5cmBwvrADnriaEFaLo1xAGyypY7LB
aaIA6CuSY1eUArAFQmkNgcTUQ5WUwVswSbItuHtwNPKooYu/NtCArvoSf/kQyL+M
kflibIu7yWLD6s+QT3ckFzqqsRpgnrAA7vK706zmDwCROXKyWJliCuxxFfPqhEF7
FonV8b9Lpt8wpfpB15eUdAcxvEVEPphAfJNkMXV9h2DCMATG2u+Vg+Ic6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFESosWtJhHD3v3By+McD0h/oIecDMB8GA1UdIwQY
MBaAFGwadheV8PZr/yR4tGjN4NhR7RiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJwMkY1WHc5bXZfSkhpMGFNM2cyRkh0R0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMmMzODYtZDVlOS00YWQ5LTkzOGEt
MGQxZDE3NGM0MzUxLzEvUktpeGEwbUVjUGVfY0hMNHh3UFNILWdoNXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMmMzODYtZDVlOS00YWQ5LTkzOGEtMGQxZDE3NGM0MzUx
LzEvYkJwMkY1WHc5bXZfSkhpMGFNM2cyRkh0R0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHLjyAAwQC
ueAMMA0EAgACMAcDBQAqA8UAMA0GCSqGSIb3DQEBCwUAA4IBAQAvcFo6YH6u16+P
clJc/X51QnY9wH5l1AfKtiWe95HxgBqKVa6YrbEvVIhdwfUP/Ey/+kMZKlLlmZWO
nLG60s2XOgVTK+4YUD8YIgY8o087xVjIyV7XvRl2VW20Hcb16A0Kkzsk9ncs1lzP
xtKGrZSxLGSSU1dEKSrLUIJ6iOCPSVdG74SnlTYu9/yEsGsX+mJBwfAfqJHER45W
UQSvHMtb6hIXMNLY1nF4vLGvyyO0juA662TbsURgqQRnfNj/T8fNjGPm4NXbAnSn
OSReB5BNSWtZ/SkGeapeeWTCi6bZFXtVIPNVdKpPjLca9GytiRU+xrL0hi/noVeX
y/zAerSq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:38 2024 by rpki-client on console-fra.rpki-client.org