Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/bQSRWG2MwtwO0byKpwlK7NHLIzg.roa
File:                     bQSRWG2MwtwO0byKpwlK7NHLIzg.roa (raw, json)
Hash identifier:          BmUrLFwOl0mWS352IFrGdf/NusxxiNP0Sv0nNNJW5rY=
Subject key identifier:   6D:04:91:58:6D:8C:C2:DC:0E:D1:BC:8A:A7:09:4A:EC:D1:CB:23:38
Certificate issuer:       /CN=30d8a64903cfa217379749f18b7fdcea1dab6db4
Certificate serial:       018572C37996CB94A35DC917A457B73F200E
Authority key identifier: 30:D8:A6:49:03:CF:A2:17:37:97:49:F1:8B:7F:DC:EA:1D:AB:6D:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MNimSQPPohc3l0nxi3_c6h2rbbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/bQSRWG2MwtwO0byKpwlK7NHLIzg.roa
Signing time:             Mon 02 Jan 2023 13:54:51 +0000
ROA not before:           Mon 02 Jan 2023 13:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202032
IP address blocks:        185.54.80.0/22 maxlen: 24
                          2a02:4460::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:c3:79:96:cb:94:a3:5d:c9:17:a4:57:b7:3f:20:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30d8a64903cfa217379749f18b7fdcea1dab6db4
        Validity
            Not Before: Jan  2 13:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d0491586d8cc2dc0ed1bc8aa7094aecd1cb2338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:ff:f2:81:aa:35:f1:ae:7f:49:0f:5b:61:4b:
                    db:3f:92:b2:e2:de:f0:2c:14:29:1a:f8:50:03:83:
                    a8:c5:d8:d7:81:d6:a2:73:87:92:e8:c8:ff:c2:30:
                    a5:03:70:60:9a:5c:08:8b:37:96:38:cf:77:45:b8:
                    b3:03:02:d0:7e:f1:f3:a8:35:75:8d:e9:af:58:f7:
                    6a:4d:97:3e:a2:67:ac:5d:59:82:5b:c7:ef:2e:d2:
                    36:eb:2d:df:dc:76:31:f9:af:84:5f:b2:ee:fe:42:
                    59:77:7a:c0:b4:dd:67:cc:42:c2:ea:68:93:2d:2a:
                    b7:4a:85:4f:43:a1:9d:f2:41:0e:70:2b:9d:36:5b:
                    61:01:85:49:e7:b5:d4:4f:3b:a7:7f:72:8d:90:42:
                    49:85:34:11:fd:fa:42:50:ef:2d:2a:cd:f5:b6:47:
                    6f:e0:7e:8a:7d:b8:e3:0b:c7:72:4f:44:5f:1a:e4:
                    35:b4:41:e6:e0:05:7a:28:a6:31:c1:05:a3:a8:b3:
                    6a:99:fa:99:72:40:4b:a2:9a:a1:9d:c9:fb:20:e4:
                    e2:e1:70:03:25:83:01:6f:cc:ad:cf:41:2d:54:ff:
                    7c:db:14:23:d0:23:c7:75:2b:42:c1:3a:fe:33:06:
                    67:72:82:7f:ff:2a:5a:bf:41:d6:f4:fb:20:79:32:
                    59:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:04:91:58:6D:8C:C2:DC:0E:D1:BC:8A:A7:09:4A:EC:D1:CB:23:38
            X509v3 Authority Key Identifier:
                keyid:30:D8:A6:49:03:CF:A2:17:37:97:49:F1:8B:7F:DC:EA:1D:AB:6D:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNimSQPPohc3l0nxi3_c6h2rbbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/bQSRWG2MwtwO0byKpwlK7NHLIzg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/MNimSQPPohc3l0nxi3_c6h2rbbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.80.0/22
                IPv6:
                  2a02:4460::/32

    Signature Algorithm: sha256WithRSAEncryption
         9c:b1:f5:0b:fd:41:32:02:ba:14:24:96:17:34:e8:f0:f9:54:
         e4:09:e4:d6:a0:64:b0:da:09:ed:ce:81:cc:f4:29:9d:f0:a1:
         0b:6b:4d:9a:00:f7:fa:6b:90:c1:4c:72:dc:56:0c:6d:dd:b6:
         8f:9b:57:0a:7c:96:45:11:e6:6f:5b:9c:96:18:36:ba:a3:3f:
         47:c8:53:30:3e:30:e8:87:f3:03:2c:9e:15:bd:00:df:11:6c:
         e9:2a:67:31:a1:14:f4:9a:8b:41:d8:25:2f:f3:d9:b5:b8:62:
         91:78:c7:1d:fc:a0:f1:74:df:49:c3:c2:06:23:96:e0:d9:a1:
         73:f0:46:09:e0:b6:f1:90:78:be:f3:13:c7:1b:29:75:19:22:
         93:8c:35:10:2c:2f:6e:b7:52:dc:9e:5b:be:f3:85:2f:b8:5c:
         b3:dd:8e:52:b7:de:54:c4:c4:40:2f:cb:2e:3a:8a:35:4b:c2:
         a6:b8:7f:83:37:3e:8d:26:75:36:9e:02:14:58:71:dc:aa:71:
         69:2e:e0:40:bd:93:e9:da:4c:19:20:5a:a9:fd:56:9c:74:86:
         52:78:7b:cb:15:15:29:e3:47:94:27:ad:04:c3:31:be:86:62:
         fb:17:46:20:d3:d6:23:a6:09:e8:c1:4c:28:23:73:f9:cf:c9:
         7c:c7:2a:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyw3mWy5SjXckXpFe3PyAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDhhNjQ5MDNjZmEyMTczNzk3NDlmMThiN2ZkY2VhMWRh
YjZkYjQwHhcNMjMwMTAyMTM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA0OTE1ODZkOGNjMmRjMGVkMWJjOGFhNzA5NGFlY2QxY2IyMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv/ygao18a5/SQ9bYUvbP5Ky4t7w
LBQpGvhQA4OoxdjXgdaic4eS6Mj/wjClA3BgmlwIizeWOM93RbizAwLQfvHzqDV1
jemvWPdqTZc+omesXVmCW8fvLtI26y3f3HYx+a+EX7Lu/kJZd3rAtN1nzELC6miT
LSq3SoVPQ6Gd8kEOcCudNlthAYVJ57XUTzunf3KNkEJJhTQR/fpCUO8tKs31tkdv
4H6KfbjjC8dyT0RfGuQ1tEHm4AV6KKYxwQWjqLNqmfqZckBLopqhncn7IOTi4XAD
JYMBb8ytz0EtVP982xQj0CPHdStCwTr+MwZncoJ//ypav0HW9PsgeTJZbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG0EkVhtjMLcDtG8iqcJSuzRyyM4MB8GA1UdIwQY
MBaAFDDYpkkDz6IXN5dJ8Yt/3Oodq220MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5pbVNRUFBvaGMzbDBueGkzX2M2aDJyYmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iN2EyNDktMTU1Mi00ZjEwLWIwMDgt
MWY2NmZhYWI0YWI1LzEvYlFTUldHMk13dHdPMGJ5S3B3bEs3TkhMSXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iN2EyNDktMTU1Mi00ZjEwLWIwMDgtMWY2NmZhYWI0YWI1
LzEvTU5pbVNRUFBvaGMzbDBueGkzX2M2aDJyYmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTZQMA0E
AgACMAcDBQAqAkRgMA0GCSqGSIb3DQEBCwUAA4IBAQCcsfUL/UEyAroUJJYXNOjw
+VTkCeTWoGSw2gntzoHM9Cmd8KELa02aAPf6a5DBTHLcVgxt3baPm1cKfJZFEeZv
W5yWGDa6oz9HyFMwPjDoh/MDLJ4VvQDfEWzpKmcxoRT0motB2CUv89m1uGKReMcd
/KDxdN9Jw8IGI5bg2aFz8EYJ4LbxkHi+8xPHGyl1GSKTjDUQLC9ut1Lcnlu+84Uv
uFyz3Y5St95UxMRAL8suOoo1S8KmuH+DNz6NJnU2ngIUWHHcqnFpLuBAvZPp2kwZ
IFqp/VacdIZSeHvLFRUp40eUJ60EwzG+hmL7F0Yg09YjpgnowUwoI3P5z8l8xyqF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:56 2024 by rpki-client on console-fra.rpki-client.org