Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/6yWhayEQj13epf7T-5mJspJxmE4.roa
File:                     6yWhayEQj13epf7T-5mJspJxmE4.roa (raw, json)
Hash identifier:          gpQLARxbBRbeLV0Mhdzxi/J+vhPy7toCUGqChWFy+Sw=
Subject key identifier:   EB:25:A1:6B:21:10:8F:5D:DE:A5:FE:D3:FB:99:89:B2:92:71:98:4E
Certificate issuer:       /CN=b9ac49d1ccdcaedd9a13f4803df1aedce6dc1112
Certificate serial:       01858750DBDAE430032965D4F4DB52683C06
Authority key identifier: B9:AC:49:D1:CC:DC:AE:DD:9A:13:F4:80:3D:F1:AE:DC:E6:DC:11:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uaxJ0czcrt2aE_SAPfGu3ObcERI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/6yWhayEQj13epf7T-5mJspJxmE4.roa
Signing time:             Fri 06 Jan 2023 13:41:41 +0000
ROA not before:           Fri 06 Jan 2023 13:41:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61275
IP address blocks:        188.93.184.0/21 maxlen: 21
                          185.24.188.0/22 maxlen: 22
                          85.93.224.0/19 maxlen: 19
                          178.248.96.0/21 maxlen: 21
                          91.135.48.0/21 maxlen: 21
                          91.135.58.0/24 maxlen: 24
                          5.100.176.0/21 maxlen: 21
                          91.135.56.0/23 maxlen: 23
                          77.223.164.0/22 maxlen: 22
                          77.223.161.0/24 maxlen: 24
                          77.223.162.0/23 maxlen: 23
                          185.3.0.0/22 maxlen: 22
                          77.223.172.0/22 maxlen: 22
                          5.100.184.0/22 maxlen: 22
                          91.135.60.0/22 maxlen: 22
                          77.223.168.0/22 maxlen: 22
                          91.135.59.0/24 maxlen: 24
                          77.223.176.0/20 maxlen: 20
                          2a03:ba00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 13 Mar 2023 07:51:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:87:50:db:da:e4:30:03:29:65:d4:f4:db:52:68:3c:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9ac49d1ccdcaedd9a13f4803df1aedce6dc1112
        Validity
            Not Before: Jan  6 13:41:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb25a16b21108f5ddea5fed3fb9989b29271984e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:22:2b:f6:08:c0:d8:d4:ed:48:ab:f1:57:08:
                    71:f2:8b:f2:b6:69:d7:7d:08:cf:7b:08:52:2b:e1:
                    0b:2b:e8:66:72:bf:cc:43:b6:4a:ef:48:60:e0:1d:
                    28:0e:40:a3:ae:24:b5:c2:5a:97:dc:22:7b:a0:34:
                    9d:53:26:4e:97:42:10:cb:b1:ac:e6:c2:2b:60:ef:
                    5f:73:38:d9:f5:2d:84:95:b1:04:da:ef:f3:4a:52:
                    58:42:21:7a:0c:1c:bd:a1:46:74:b5:ad:21:36:d0:
                    fc:2f:8d:0f:cb:c8:50:ab:5f:a4:4e:c7:19:09:a9:
                    24:b9:91:aa:b7:7e:1e:c9:3d:33:b3:7b:72:e1:db:
                    38:d4:bf:c0:13:9d:f7:83:b7:34:0d:aa:11:3e:52:
                    fb:4f:e7:76:ea:5f:88:97:e8:84:9a:44:bd:6e:13:
                    0c:89:0a:f5:bc:ef:48:a2:1c:54:45:35:a9:7b:c7:
                    c1:c9:e3:1e:dc:bf:6b:78:1a:22:77:58:93:b8:fb:
                    22:ba:7c:61:d3:b1:a7:df:02:bd:10:cc:bd:87:7c:
                    bb:a4:6b:67:99:10:9c:35:9d:fc:5b:a1:21:51:91:
                    97:cb:32:30:75:b2:51:ab:e9:f2:1c:39:63:2e:ee:
                    f6:bc:9d:86:bb:27:ec:53:5c:77:da:0b:3c:d5:c9:
                    c6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:25:A1:6B:21:10:8F:5D:DE:A5:FE:D3:FB:99:89:B2:92:71:98:4E
            X509v3 Authority Key Identifier:
                keyid:B9:AC:49:D1:CC:DC:AE:DD:9A:13:F4:80:3D:F1:AE:DC:E6:DC:11:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaxJ0czcrt2aE_SAPfGu3ObcERI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/6yWhayEQj13epf7T-5mJspJxmE4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/uaxJ0czcrt2aE_SAPfGu3ObcERI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.100.176.0-5.100.187.255
                  77.223.161.0-77.223.191.255
                  85.93.224.0/19
                  91.135.48.0/20
                  178.248.96.0/21
                  185.3.0.0/22
                  185.24.188.0/22
                  188.93.184.0/21
                IPv6:
                  2a03:ba00::/32

    Signature Algorithm: sha256WithRSAEncryption
         71:4f:be:4d:dc:b8:18:9e:dd:b6:35:9d:d5:e5:8a:b8:87:80:
         b1:cd:40:8e:e2:8f:ef:15:1e:a1:3c:49:8c:d0:9c:74:df:f5:
         1f:7f:e5:b7:3a:8a:85:d4:0f:e5:07:c2:55:2d:6e:af:3f:61:
         2e:e7:8a:94:11:6d:46:d8:fe:5c:6f:94:06:b2:5d:5b:0c:6a:
         66:dc:7f:57:69:b0:65:9b:ab:55:d9:94:46:f4:75:d3:22:71:
         5e:33:31:05:53:98:63:0f:92:df:b1:bc:37:50:4c:cc:4b:c9:
         31:f5:c4:fe:98:01:8a:69:35:96:34:9b:d1:24:41:c5:e4:c5:
         da:91:c2:9c:0e:5a:16:fa:ae:df:1d:d9:2a:07:62:d6:c1:ed:
         4f:4a:81:4f:59:48:3a:4f:bd:fb:99:fd:8a:b5:f1:a2:9a:47:
         c3:47:b3:10:01:00:6e:77:ee:0d:8b:0b:ba:12:1f:44:94:08:
         35:c4:9e:ea:1f:d4:23:fa:d9:cc:42:b5:0e:f0:5b:32:24:03:
         75:b2:4a:8e:aa:bc:70:94:57:c7:83:d2:7e:6a:67:68:cf:e5:
         87:f4:91:58:aa:9b:48:42:50:8c:ac:d8:ed:5b:e6:35:cf:4c:
         fe:f5:67:be:5e:a1:dd:14:fc:ea:0a:c5:c0:63:ce:37:31:22:
         23:d8:ef:79
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYWHUNva5DADKWXU9NtSaDwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YWM0OWQxY2NkY2FlZGQ5YTEzZjQ4MDNkZjFhZWRjZTZk
YzExMTIwHhcNMjMwMTA2MTM0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjI1YTE2YjIxMTA4ZjVkZGVhNWZlZDNmYjk5ODliMjkyNzE5ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCIr9gjA2NTtSKvxVwhx8ovytmnX
fQjPewhSK+ELK+hmcr/MQ7ZK70hg4B0oDkCjriS1wlqX3CJ7oDSdUyZOl0IQy7Gs
5sIrYO9fczjZ9S2ElbEE2u/zSlJYQiF6DBy9oUZ0ta0hNtD8L40Py8hQq1+kTscZ
CakkuZGqt34eyT0zs3ty4ds41L/AE533g7c0DaoRPlL7T+d26l+Il+iEmkS9bhMM
iQr1vO9IohxURTWpe8fByeMe3L9reBoid1iTuPsiunxh07Gn3wK9EMy9h3y7pGtn
mRCcNZ38W6EhUZGXyzIwdbJRq+nyHDljLu72vJ2GuyfsU1x32gs81cnGZQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFOsloWshEI9d3qX+0/uZibKScZhOMB8GA1UdIwQY
MBaAFLmsSdHM3K7dmhP0gD3xrtzm3BESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWF4SjBjemNydDJhRV9TQVBmR3UzT2JjRVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81MzcxOTEtMTE3OS00OGVjLWFkOWYt
ZmZlNDNhNTJkM2Y2LzEvNnlXaGF5RVFqMTNlcGY3VC01bUpzcEp4bUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81MzcxOTEtMTE3OS00OGVjLWFkOWYtZmZlNDNhNTJkM2Y2
LzEvdWF4SjBjemNydDJhRV9TQVBmR3UzT2JjRVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAQFZLAD
BAIFZLgwDAMEAE3foQMEBk3fgAMEBVVd4AMEBFuHMAMEA7L4YAMEArkDAAMEArkY
vAMEA7xduDANBAIAAjAHAwUAKgO6ADANBgkqhkiG9w0BAQsFAAOCAQEAcU++Tdy4
GJ7dtjWd1eWKuIeAsc1AjuKP7xUeoTxJjNCcdN/1H3/ltzqKhdQP5QfCVS1urz9h
LueKlBFtRtj+XG+UBrJdWwxqZtx/V2mwZZurVdmURvR10yJxXjMxBVOYYw+S37G8
N1BMzEvJMfXE/pgBimk1ljSb0SRBxeTF2pHCnA5aFvqu3x3ZKgdi1sHtT0qBT1lI
Ok+9+5n9irXxoppHw0ezEAEAbnfuDYsLuhIfRJQINcSe6h/UI/rZzEK1DvBbMiQD
dbJKjqq8cJRXx4PSfmpnaM/lh/SRWKqbSEJQjKzY7VvmNc9M/vVnvl6h3RT86grF
wGPONzEiI9jveQ==
-----END CERTIFICATE-----