Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/X6vYr1o2Yhv21V1GKmQErKAvqLc.roa
File:                     X6vYr1o2Yhv21V1GKmQErKAvqLc.roa (raw, json)
Hash identifier:          dJ9OVv6FcI692Q6n4YL7erTXafiD/HuWqWKscFE+wao=
Subject key identifier:   5F:AB:D8:AF:5A:36:62:1B:F6:D5:5D:46:2A:64:04:AC:A0:2F:A8:B7
Certificate issuer:       /CN=02ab010cf5c11c1b30693d11417b60cf45fb1209
Certificate serial:       01856DC1A3D48AB682863109504E02A091D0
Authority key identifier: 02:AB:01:0C:F5:C1:1C:1B:30:69:3D:11:41:7B:60:CF:45:FB:12:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AqsBDPXBHBswaT0RQXtgz0X7Egk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/X6vYr1o2Yhv21V1GKmQErKAvqLc.roa
Signing time:             Sun 01 Jan 2023 14:34:45 +0000
ROA not before:           Sun 01 Jan 2023 14:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57852
IP address blocks:        185.217.185.0/24 maxlen: 24
                          185.217.186.0/24 maxlen: 24
                          185.217.184.0/24 maxlen: 24
                          185.217.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:a3:d4:8a:b6:82:86:31:09:50:4e:02:a0:91:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ab010cf5c11c1b30693d11417b60cf45fb1209
        Validity
            Not Before: Jan  1 14:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5fabd8af5a36621bf6d55d462a6404aca02fa8b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:13:ba:ee:70:51:36:af:ef:7d:02:c6:d9:7a:
                    f4:e8:c3:94:78:80:8b:b2:92:4f:ad:93:e7:70:1d:
                    47:7c:17:5d:c1:11:ec:66:f5:ee:65:3e:3b:b7:f9:
                    3d:3d:40:26:76:ef:29:2d:ee:22:fe:e0:23:49:a9:
                    c5:69:91:56:c2:58:59:40:1c:cb:6c:41:3f:6b:ba:
                    d9:9b:b2:53:c2:66:06:e7:a4:57:0c:14:32:cf:21:
                    7c:1b:09:a9:bc:3a:24:19:72:e9:d8:39:2e:b3:45:
                    0b:59:53:50:e3:4d:0e:1f:76:96:9a:47:f5:35:d9:
                    72:9b:0e:86:a9:ce:1c:e2:1d:84:5a:2b:3b:5d:2a:
                    8a:c2:c8:83:5b:83:1a:93:54:3a:c1:94:36:12:8f:
                    a8:c1:95:47:af:99:60:19:8f:1c:20:c1:48:82:8a:
                    40:6e:00:70:f8:d2:1c:a4:d8:73:cc:d2:07:bb:bf:
                    c1:ce:fa:59:14:64:78:af:5d:60:cf:ec:cd:27:de:
                    90:ca:2c:5f:95:0f:52:b6:58:4d:59:25:e8:06:4b:
                    34:09:c7:98:8e:2c:e3:95:f8:88:80:ec:cd:f1:a6:
                    8e:07:14:92:ae:33:76:eb:b3:78:7e:a7:f8:f7:d8:
                    b0:00:fc:64:db:de:92:ed:74:89:87:6b:48:c1:09:
                    c9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:AB:D8:AF:5A:36:62:1B:F6:D5:5D:46:2A:64:04:AC:A0:2F:A8:B7
            X509v3 Authority Key Identifier:
                keyid:02:AB:01:0C:F5:C1:1C:1B:30:69:3D:11:41:7B:60:CF:45:FB:12:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AqsBDPXBHBswaT0RQXtgz0X7Egk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/X6vYr1o2Yhv21V1GKmQErKAvqLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79c0a9-e5e4-47c3-823f-0b8b075e86db/1/AqsBDPXBHBswaT0RQXtgz0X7Egk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:c3:04:3f:f1:b7:f0:b0:79:d1:53:b1:f6:e8:e4:2e:2f:d7:
         57:be:be:c5:2a:00:88:a2:e2:cb:72:b1:03:45:b8:19:bb:af:
         3e:03:58:04:76:ea:de:9c:67:7e:17:9f:e9:97:ae:8e:04:f1:
         85:e5:23:e6:24:d4:1b:68:44:ca:3b:7d:4e:33:7e:30:55:25:
         52:9c:b1:e1:9c:83:b2:f5:03:ba:0f:80:c5:73:47:fa:35:f0:
         a3:05:4b:cb:f5:a0:82:35:0a:e9:fe:0f:1e:42:cd:ba:21:fc:
         d2:bc:9a:da:06:43:bd:0e:37:70:e3:d3:e1:a1:7b:0b:a3:ad:
         7a:ce:03:15:22:ac:c3:40:7e:4b:24:1e:50:9c:b0:0e:b7:f0:
         3c:c5:e5:9b:37:28:ac:4b:0e:f0:0e:28:2e:2d:b5:e9:30:95:
         e0:01:62:a1:7a:fc:48:5d:7b:cc:00:57:a9:f1:6b:a7:7c:89:
         74:a5:b4:be:6a:e1:18:22:8a:89:e0:79:8f:d5:71:f9:f5:f9:
         d0:f5:4b:68:29:53:7c:a2:34:eb:ed:ef:5c:f0:4b:0f:2e:70:
         6d:eb:75:6f:d2:e1:ae:b6:18:ad:c6:be:45:7a:a1:a5:56:04:
         32:8f:c3:4a:b8:25:4a:05:b4:bd:16:a3:e3:2b:d3:60:9e:48:
         88:91:ff:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwaPUiraChjEJUE4CoJHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYWIwMTBjZjVjMTFjMWIzMDY5M2QxMTQxN2I2MGNmNDVm
YjEyMDkwHhcNMjMwMTAxMTQzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFiZDhhZjVhMzY2MjFiZjZkNTVkNDYyYTY0MDRhY2EwMmZhOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRO67nBRNq/vfQLG2Xr06MOUeICL
spJPrZPncB1HfBddwRHsZvXuZT47t/k9PUAmdu8pLe4i/uAjSanFaZFWwlhZQBzL
bEE/a7rZm7JTwmYG56RXDBQyzyF8GwmpvDokGXLp2Dkus0ULWVNQ400OH3aWmkf1
Ndlymw6Gqc4c4h2EWis7XSqKwsiDW4Mak1Q6wZQ2Eo+owZVHr5lgGY8cIMFIgopA
bgBw+NIcpNhzzNIHu7/BzvpZFGR4r11gz+zNJ96QyixflQ9StlhNWSXoBks0CceY
jizjlfiIgOzN8aaOBxSSrjN267N4fqf499iwAPxk296S7XSJh2tIwQnJRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+r2K9aNmIb9tVdRipkBKygL6i3MB8GA1UdIwQY
MBaAFAKrAQz1wRwbMGk9EUF7YM9F+xIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFzQkRQWEJIQnN3YVQwUlFYdGd6MFg3RWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS83OWMwYTktZTVlNC00N2MzLTgyM2Yt
MGI4YjA3NWU4NmRiLzEvWDZ2WXIxbzJZaHYyMVYxR0ttUUVyS0F2cUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS83OWMwYTktZTVlNC00N2MzLTgyM2YtMGI4YjA3NWU4NmRi
LzEvQXFzQkRQWEJIQnN3YVQwUlFYdGd6MFg3RWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudm4MA0G
CSqGSIb3DQEBCwUAA4IBAQAnwwQ/8bfwsHnRU7H26OQuL9dXvr7FKgCIouLLcrED
RbgZu68+A1gEdurenGd+F5/pl66OBPGF5SPmJNQbaETKO31OM34wVSVSnLHhnIOy
9QO6D4DFc0f6NfCjBUvL9aCCNQrp/g8eQs26IfzSvJraBkO9Djdw49PhoXsLo616
zgMVIqzDQH5LJB5QnLAOt/A8xeWbNyisSw7wDiguLbXpMJXgAWKhevxIXXvMAFep
8WunfIl0pbS+auEYIoqJ4HmP1XH59fnQ9UtoKVN8ojTr7e9c8EsPLnBt63Vv0uGu
thitxr5FeqGlVgQyj8NKuCVKBbS9FqPjK9NgnkiIkf/X
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:05 2024 by rpki-client on console-ams.rpki-client.org