Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/EtdKTYofOE-InzOmq0S8fhDslx0.roa
File:                     EtdKTYofOE-InzOmq0S8fhDslx0.roa (raw, json)
Hash identifier:          CF2F9mE3syAv/VqbX/8mft3p1AlWJAZdynMKKhm+F2M=
Subject key identifier:   12:D7:4A:4D:8A:1F:38:4F:88:9F:33:A6:AB:44:BC:7E:10:EC:97:1D
Certificate issuer:       /CN=c6bfbef279bf9ded6e3651e0628d39ba79294f78
Certificate serial:       018570705EC0FE91BBEA87659D6A7E530588
Authority key identifier: C6:BF:BE:F2:79:BF:9D:ED:6E:36:51:E0:62:8D:39:BA:79:29:4F:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xr--8nm_ne1uNlHgYo05unkpT3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/EtdKTYofOE-InzOmq0S8fhDslx0.roa
Signing time:             Mon 02 Jan 2023 03:04:50 +0000
ROA not before:           Mon 02 Jan 2023 03:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201188
IP address blocks:        185.63.92.0/24 maxlen: 24
                          185.63.93.0/24 maxlen: 24
                          185.63.94.0/24 maxlen: 24
                          185.16.110.0/24 maxlen: 24
                          2a03:ba6::/64 maxlen: 64
                          2a03:ba0::/29 maxlen: 29
                          2a03:ba2::/64 maxlen: 64
                          2a03:ba3::/64 maxlen: 64
                          2a03:ba7::/64 maxlen: 64
                          2a03:ba4::/64 maxlen: 64
                          2a03:ba0::/64 maxlen: 64
                          2a03:ba0::/32 maxlen: 32
                          2a03:ba5::/64 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:5e:c0:fe:91:bb:ea:87:65:9d:6a:7e:53:05:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6bfbef279bf9ded6e3651e0628d39ba79294f78
        Validity
            Not Before: Jan  2 03:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=12d74a4d8a1f384f889f33a6ab44bc7e10ec971d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a2:c8:c4:d0:d1:6b:23:52:17:0d:9d:c3:10:
                    2f:34:54:77:1f:cc:bd:db:e5:00:ff:40:e5:60:84:
                    f0:c6:3d:d9:f4:e9:fc:41:79:47:9a:d3:94:d6:fd:
                    b6:67:a6:53:20:80:1a:c3:87:c3:57:2d:b7:e8:7c:
                    21:a3:5b:a5:2e:df:3b:a0:3d:48:61:a6:41:55:db:
                    71:9e:4a:8d:d6:bb:13:98:71:04:39:9a:71:4b:01:
                    de:ce:7f:20:f7:80:d6:28:23:0c:97:e3:0e:8f:6f:
                    24:28:cb:42:58:4a:41:c3:17:37:de:58:db:91:d5:
                    ac:cd:85:7d:0a:03:2e:e7:74:20:26:a0:34:91:1b:
                    5d:d2:92:10:13:b6:a0:15:f3:1d:e6:a1:6b:35:9e:
                    13:98:5f:4c:3b:2e:79:03:a9:7a:f3:26:67:94:4b:
                    40:45:0c:df:bc:fb:6b:c8:2b:45:2a:f4:22:a6:86:
                    f2:c4:19:e7:dc:5e:cd:c8:a1:0b:9b:02:aa:22:47:
                    f7:ad:b8:6c:7c:02:11:10:60:a9:30:c3:06:33:be:
                    da:79:9e:ee:35:cf:de:2a:ab:b5:2c:03:e0:c4:bc:
                    f3:05:43:ca:ef:2e:12:3a:a3:47:82:59:95:12:1e:
                    1f:59:31:85:d8:7f:7d:3d:ab:11:3b:f8:c9:5e:b6:
                    dd:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:D7:4A:4D:8A:1F:38:4F:88:9F:33:A6:AB:44:BC:7E:10:EC:97:1D
            X509v3 Authority Key Identifier:
                keyid:C6:BF:BE:F2:79:BF:9D:ED:6E:36:51:E0:62:8D:39:BA:79:29:4F:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xr--8nm_ne1uNlHgYo05unkpT3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/EtdKTYofOE-InzOmq0S8fhDslx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/28462c-2c23-4f95-8e8d-ade530d7c41b/1/xr--8nm_ne1uNlHgYo05unkpT3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.16.110.0/24
                  185.63.92.0-185.63.94.255
                IPv6:
                  2a03:ba0::/29

    Signature Algorithm: sha256WithRSAEncryption
         73:a9:a8:0f:fe:04:f8:dc:c7:a6:1d:08:fd:06:f9:fd:0a:42:
         01:1c:a9:9e:c8:ed:19:1d:2b:73:b5:74:a3:cb:27:fe:47:3e:
         36:8d:29:37:1a:fc:25:68:6f:5f:79:60:18:fa:9a:c7:99:78:
         0a:fa:87:69:aa:d8:4d:e2:b6:ef:62:59:d8:d8:67:9d:04:2a:
         80:ab:0e:97:35:ca:1d:a6:98:4d:99:fa:ef:cd:96:e5:b7:66:
         e7:06:58:03:4c:b8:9a:c1:0e:27:3f:20:97:33:5d:54:ff:23:
         15:74:f1:60:ec:db:12:ff:1d:f0:b6:ed:0e:7b:51:2d:53:94:
         60:d9:52:14:fb:4f:2d:8e:d2:8a:26:bc:65:ca:a0:10:55:48:
         0f:67:77:f2:56:09:73:0f:f1:ec:68:ab:96:9b:fb:95:02:75:
         5a:c0:02:01:e6:30:01:03:d5:36:a9:d6:b0:03:1e:3c:07:97:
         22:e2:48:ea:2c:24:aa:94:70:d2:de:72:45:db:25:c9:e7:f4:
         72:7d:be:5f:fc:c4:7c:a2:d1:89:f7:82:d8:ce:22:45:94:3f:
         14:e2:83:82:75:17:bd:80:fb:c4:63:a8:74:82:ac:46:39:af:
         0f:8c:a0:51:a8:d5:fe:d4:25:24:f0:13:16:33:1a:3d:3d:6b:
         cb:3e:01:44
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVwcF7A/pG76odlnWp+UwWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YmZiZWYyNzliZjlkZWQ2ZTM2NTFlMDYyOGQzOWJhNzky
OTRmNzgwHhcNMjMwMTAyMDMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQ3NGE0ZDhhMWYzODRmODg5ZjMzYTZhYjQ0YmM3ZTEwZWM5NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqLIxNDRayNSFw2dwxAvNFR3H8y9
2+UA/0DlYITwxj3Z9On8QXlHmtOU1v22Z6ZTIIAaw4fDVy236Hwho1ulLt87oD1I
YaZBVdtxnkqN1rsTmHEEOZpxSwHezn8g94DWKCMMl+MOj28kKMtCWEpBwxc33ljb
kdWszYV9CgMu53QgJqA0kRtd0pIQE7agFfMd5qFrNZ4TmF9MOy55A6l68yZnlEtA
RQzfvPtryCtFKvQipobyxBnn3F7NyKELmwKqIkf3rbhsfAIREGCpMMMGM77aeZ7u
Nc/eKqu1LAPgxLzzBUPK7y4SOqNHglmVEh4fWTGF2H99PasRO/jJXrbdiwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBLXSk2KHzhPiJ8zpqtEvH4Q7JcdMB8GA1UdIwQY
MBaAFMa/vvJ5v53tbjZR4GKNObp5KU94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHItLThubV9uZTF1TmxIZ1lvMDV1bmtwVDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yODQ2MmMtMmMyMy00Zjk1LThlOGQt
YWRlNTMwZDdjNDFiLzEvRXRkS1RZb2ZPRS1JbnpPbXEwUzhmaERzbHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yODQ2MmMtMmMyMy00Zjk1LThlOGQtYWRlNTMwZDdjNDFi
LzEveHItLThubV9uZTF1TmxIZ1lvMDV1bmtwVDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAuRBuMAwD
BAK5P1wDBAC5P14wDQQCAAIwBwMFAyoDC6AwDQYJKoZIhvcNAQELBQADggEBAHOp
qA/+BPjcx6YdCP0G+f0KQgEcqZ7I7RkdK3O1dKPLJ/5HPjaNKTca/CVob195YBj6
mseZeAr6h2mq2E3itu9iWdjYZ50EKoCrDpc1yh2mmE2Z+u/NluW3ZucGWANMuJrB
Dic/IJczXVT/IxV08WDs2xL/HfC27Q57US1TlGDZUhT7Ty2O0oomvGXKoBBVSA9n
d/JWCXMP8exoq5ab+5UCdVrAAgHmMAED1Tap1rADHjwHlyLiSOosJKqUcNLeckXb
Jcnn9HJ9vl/8xHyi0Yn3gtjOIkWUPxTig4J1F72A+8RjqHSCrEY5rw+MoFGo1f7U
JSTwExYzGj09a8s+AUQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:02 2024 by rpki-client on console-fra.rpki-client.org