Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gdMVm6nKpxBMSDWjO455IheEKY.roa
File:                     6gdMVm6nKpxBMSDWjO455IheEKY.roa (raw, json)
Hash identifier:          +3Qpu9kVAdeKOaHvOjTrZt3Iy/4iDT606XZIH1S9qwg=
Subject key identifier:   EA:07:4C:56:6E:A7:2A:9C:41:31:20:D6:8C:EE:39:E4:88:5E:10:A6
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       018570796E98473DAD0B1705409F5C1F7105
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gdMVm6nKpxBMSDWjO455IheEKY.roa
Signing time:             Mon 02 Jan 2023 03:14:44 +0000
ROA not before:           Mon 02 Jan 2023 03:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39855
IP address blocks:        62.100.220.0/22 maxlen: 22
                          185.71.220.0/22 maxlen: 22
                          157.97.145.0/24 maxlen: 24
                          185.92.27.0/24 maxlen: 24
                          93.188.68.0/22 maxlen: 22
                          62.100.192.0/22 maxlen: 22
                          62.100.196.0/22 maxlen: 24
                          62.100.200.0/22 maxlen: 24
                          62.100.212.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:6e:98:47:3d:ad:0b:17:05:40:9f:5c:1f:71:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Jan  2 03:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea074c566ea72a9c413120d68cee39e4885e10a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:d2:e2:d9:af:b7:f2:3d:18:51:e8:c6:3f:0e:
                    fe:00:89:f2:8c:a5:6d:13:5d:a7:43:f8:a2:19:cb:
                    6a:84:3a:e9:ba:81:02:b1:ec:bd:17:a3:ce:86:23:
                    0a:28:af:f4:c1:fe:d6:3f:f9:c7:59:d9:e2:50:56:
                    6a:13:e4:2d:98:16:67:29:a2:0f:b6:af:5b:a4:05:
                    1c:16:38:ae:13:32:ea:78:17:7b:be:a9:d3:38:30:
                    d9:e9:f7:3d:8c:a3:50:45:eb:74:a5:14:15:d7:ea:
                    aa:6a:77:eb:ee:e8:ed:9b:fc:d0:9a:55:28:48:d1:
                    de:df:5a:44:8b:22:15:24:ec:bc:11:dc:e2:3f:c3:
                    e2:01:e3:33:93:e7:30:43:ba:71:19:81:5d:86:87:
                    ed:20:d1:88:4d:79:22:be:29:fe:88:39:9c:53:06:
                    ea:ae:fe:a6:d3:3e:92:02:dd:3d:08:5b:18:27:34:
                    02:85:e9:f0:e0:ac:0f:bf:c3:86:df:bd:1f:35:cd:
                    ed:1a:06:52:a8:aa:39:a3:ff:1b:bc:cc:e1:01:ab:
                    e3:ef:f7:84:c2:f0:c2:55:35:40:7d:5a:8f:a8:51:
                    a6:f1:be:d8:64:20:76:1e:51:27:ff:2e:71:25:0d:
                    0b:60:fc:4e:30:d1:cf:38:ad:ad:f7:dd:a4:52:6b:
                    2a:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:07:4C:56:6E:A7:2A:9C:41:31:20:D6:8C:EE:39:E4:88:5E:10:A6
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/6gdMVm6nKpxBMSDWjO455IheEKY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.100.192.0-62.100.203.255
                  62.100.212.0/22
                  62.100.220.0/22
                  93.188.68.0/22
                  157.97.145.0/24
                  185.71.220.0/22
                  185.92.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:03:56:13:11:e6:b3:25:2c:38:94:4f:c9:e5:4b:f0:83:4a:
         d3:00:cc:2d:b3:c1:63:c3:60:b2:91:d1:dd:0d:62:03:5b:30:
         13:4c:50:e5:bb:ad:ec:b3:08:8d:61:e6:54:d6:0b:72:3d:1c:
         fa:73:c1:ad:d7:26:73:b1:8e:c1:94:44:3d:99:d7:b1:b4:77:
         17:58:4a:ac:7b:e2:fb:f0:29:13:35:7f:cf:8e:0d:70:31:c2:
         5d:81:58:80:97:e4:00:7f:dd:f1:00:72:3c:75:ee:03:63:ce:
         6f:6c:5d:77:8f:a2:3d:f6:11:17:87:71:ae:37:2a:9f:7b:03:
         9a:c3:bb:08:58:22:a6:b9:7f:8e:7c:e9:41:38:a2:d0:08:1e:
         ab:61:4b:e3:9a:ca:db:7b:b3:b3:e6:2d:96:5a:68:86:a9:a4:
         19:b8:f2:aa:c3:f4:4e:5e:b9:bd:88:d1:ae:d6:c2:b9:75:5f:
         d0:93:f7:79:10:ae:64:bf:0b:dc:5a:8b:34:9f:02:75:ec:0b:
         3f:22:5b:e5:57:32:fa:e2:cc:d3:6e:ae:7e:26:f3:79:50:3d:
         ec:b0:76:23:53:c7:77:32:38:2e:01:c0:7c:ba:f5:1b:1d:03:
         b9:19:c6:5a:43:28:79:46:f8:d4:ee:af:f1:76:7d:0c:fb:65:
         37:11:0f:e8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVweW6YRz2tCxcFQJ9cH3EFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTA3NGM1NjZlYTcyYTljNDEzMTIwZDY4Y2VlMzllNDg4NWUxMGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tLi2a+38j0YUejGPw7+AInyjKVt
E12nQ/iiGctqhDrpuoECsey9F6POhiMKKK/0wf7WP/nHWdniUFZqE+QtmBZnKaIP
tq9bpAUcFjiuEzLqeBd7vqnTODDZ6fc9jKNQRet0pRQV1+qqanfr7ujtm/zQmlUo
SNHe31pEiyIVJOy8EdziP8PiAeMzk+cwQ7pxGYFdhoftINGITXkivin+iDmcUwbq
rv6m0z6SAt09CFsYJzQChenw4KwPv8OG370fNc3tGgZSqKo5o/8bvMzhAavj7/eE
wvDCVTVAfVqPqFGm8b7YZCB2HlEn/y5xJQ0LYPxOMNHPOK2t992kUmsqdwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOoHTFZupyqcQTEg1ozuOeSIXhCmMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvNmdkTVZtNm5LcHhCTVNEV2pPNDU1SWhlRUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAY+ZMAD
BAI+ZMgDBAI+ZNQDBAI+ZNwDBAJdvEQDBACdYZEDBAK5R9wDBAC5XBswDQYJKoZI
hvcNAQELBQADggEBAFQDVhMR5rMlLDiUT8nlS/CDStMAzC2zwWPDYLKR0d0NYgNb
MBNMUOW7reyzCI1h5lTWC3I9HPpzwa3XJnOxjsGURD2Z17G0dxdYSqx74vvwKRM1
f8+ODXAxwl2BWICX5AB/3fEAcjx17gNjzm9sXXePoj32EReHca43Kp97A5rDuwhY
Iqa5f4586UE4otAIHqthS+Oaytt7s7PmLZZaaIappBm48qrD9E5eub2I0a7Wwrl1
X9CT93kQrmS/C9xaizSfAnXsCz8iW+VXMvrizNNurn4m83lQPeywdiNTx3cyOC4B
wHy69RsdA7kZxlpDKHlG+NTur/F2fQz7ZTcRD+g=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:31 2024 by rpki-client on console-fra.rpki-client.org