Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/A1oZlJHLJeqCf4SoD20LozVKQuI.roa
File:                     A1oZlJHLJeqCf4SoD20LozVKQuI.roa (raw, json)
Hash identifier:          4oiOJ+5xYMFfAydL6e9todrqD+SoppEpVNre7yMkzVk=
Subject key identifier:   03:5A:19:94:91:CB:25:EA:82:7F:84:A8:0F:6D:0B:A3:35:4A:42:E2
Certificate issuer:       /CN=f6acb269fa8a554f5243a3abd68d5b8d76fe5ebb
Certificate serial:       01856FF04EECD8D28E2D2B8D940AC056929A
Authority key identifier: F6:AC:B2:69:FA:8A:55:4F:52:43:A3:AB:D6:8D:5B:8D:76:FE:5E:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/A1oZlJHLJeqCf4SoD20LozVKQuI.roa
Signing time:             Mon 02 Jan 2023 00:44:57 +0000
ROA not before:           Mon 02 Jan 2023 00:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2635
IP address blocks:        185.64.140.0/22 maxlen: 32
                          2a04:fa80::/29 maxlen: 128

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:4e:ec:d8:d2:8e:2d:2b:8d:94:0a:c0:56:92:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6acb269fa8a554f5243a3abd68d5b8d76fe5ebb
        Validity
            Not Before: Jan  2 00:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=035a199491cb25ea827f84a80f6d0ba3354a42e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:08:9b:49:6e:5b:ce:b6:91:f3:07:16:2e:b2:
                    60:99:fb:01:ad:27:0e:e2:3b:b8:86:8a:94:c4:83:
                    9e:13:62:05:12:65:56:9d:c6:e6:06:69:39:ba:dc:
                    70:6c:89:13:61:ad:b3:6d:54:d7:48:f3:f7:a2:5c:
                    20:02:fd:a4:00:58:83:ae:de:ab:6f:14:7b:cf:8b:
                    71:7e:d8:38:69:e0:4b:17:a4:04:b5:29:7d:28:cb:
                    6d:33:f2:0c:5a:30:30:5a:d6:7b:3d:72:55:e5:13:
                    1b:ed:93:88:df:e7:c7:2b:8c:e9:fb:e3:95:80:5a:
                    7d:08:11:d9:f9:46:09:9f:76:b0:36:8d:69:da:46:
                    ca:f7:ee:ad:44:87:a0:32:72:67:9d:e9:cb:d5:1c:
                    5c:d4:60:00:9c:60:16:23:75:a0:b2:90:af:12:74:
                    42:1b:b6:12:d8:a8:c8:90:7a:26:c4:26:8a:71:a3:
                    8e:11:22:84:db:6b:7f:d0:28:26:a7:c0:a2:73:da:
                    42:29:92:31:73:ca:74:1f:1f:85:03:0c:ee:6d:05:
                    83:e8:e1:2a:c3:5b:87:4c:5c:1c:91:e6:51:fb:5d:
                    35:d0:2b:97:e2:d6:ed:45:29:75:4f:79:02:22:f1:
                    df:32:c6:07:b2:78:85:c1:cd:02:de:be:82:b8:3f:
                    65:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:5A:19:94:91:CB:25:EA:82:7F:84:A8:0F:6D:0B:A3:35:4A:42:E2
            X509v3 Authority Key Identifier:
                keyid:F6:AC:B2:69:FA:8A:55:4F:52:43:A3:AB:D6:8D:5B:8D:76:FE:5E:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/A1oZlJHLJeqCf4SoD20LozVKQuI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.64.140.0/22
                IPv6:
                  2a04:fa80::/29

    Signature Algorithm: sha256WithRSAEncryption
         1f:d6:6d:96:0c:bb:7e:98:aa:33:28:00:b9:e3:47:bc:c8:15:
         80:30:19:4c:69:e8:96:6a:89:25:8e:0f:18:97:42:4b:62:b5:
         65:0a:34:9f:84:45:a1:14:bf:82:e3:0f:94:b2:43:8e:8b:f5:
         af:99:3b:87:db:9c:f7:8b:b0:f4:de:83:72:9d:a9:fa:32:ac:
         81:7f:58:49:2f:a3:1b:53:73:55:37:b2:69:1a:f6:33:e7:f6:
         9c:d9:16:da:d3:82:56:9a:36:ca:5a:08:f9:69:e5:ef:76:f5:
         11:1e:ee:3b:11:2c:45:d1:74:00:8f:57:bc:64:32:ac:3f:30:
         42:b3:8c:da:21:80:3c:4e:2a:57:f5:89:d1:c6:51:5b:f8:a8:
         19:1e:a6:f4:a1:c5:f5:8b:57:e7:fd:5b:db:ab:e2:c0:ab:36:
         05:2f:ed:e1:54:d1:98:14:29:f4:e3:c4:f0:66:91:94:8b:63:
         89:1e:c4:d4:26:63:20:9e:81:ae:82:02:0f:91:e1:fe:dd:1e:
         e6:4e:a5:ba:0d:18:95:3d:61:9d:0d:96:a7:e8:1f:2b:be:9a:
         b8:e8:13:29:2d:bb:45:e4:10:28:a3:0e:b7:33:aa:55:d2:43:
         e3:c7:bf:70:8b:3d:40:9f:d2:7e:08:45:91:d3:1b:ae:f0:e6:
         fc:93:3d:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv8E7s2NKOLSuNlArAVpKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWNiMjY5ZmE4YTU1NGY1MjQzYTNhYmQ2OGQ1YjhkNzZm
ZTVlYmIwHhcNMjMwMTAyMDA0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzVhMTk5NDkxY2IyNWVhODI3Zjg0YTgwZjZkMGJhMzM1NGE0MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwibSW5bzraR8wcWLrJgmfsBrScO
4ju4hoqUxIOeE2IFEmVWncbmBmk5utxwbIkTYa2zbVTXSPP3olwgAv2kAFiDrt6r
bxR7z4txftg4aeBLF6QEtSl9KMttM/IMWjAwWtZ7PXJV5RMb7ZOI3+fHK4zp++OV
gFp9CBHZ+UYJn3awNo1p2kbK9+6tRIegMnJnnenL1Rxc1GAAnGAWI3WgspCvEnRC
G7YS2KjIkHomxCaKcaOOESKE22t/0Cgmp8Cic9pCKZIxc8p0Hx+FAwzubQWD6OEq
w1uHTFwckeZR+1010CuX4tbtRSl1T3kCIvHfMsYHsniFwc0C3r6CuD9l8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFANaGZSRyyXqgn+EqA9tC6M1SkLiMB8GA1UdIwQY
MBaAFPassmn6ilVPUkOjq9aNW412/l67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXF5eWFmcUtWVTlTUTZPcjFvMWJqWGItWHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yOTU1ZmQtMDkyYS00ZWNjLWE5MmYt
ZmJiMzNhNTRmYWRlLzEvQTFvWmxKSExKZXFDZjRTb0QyMExvelZLUXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yOTU1ZmQtMDkyYS00ZWNjLWE5MmYtZmJiMzNhNTRmYWRl
LzEvOXF5eWFmcUtWVTlTUTZPcjFvMWJqWGItWHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUCMMA0E
AgACMAcDBQMqBPqAMA0GCSqGSIb3DQEBCwUAA4IBAQAf1m2WDLt+mKozKAC540e8
yBWAMBlMaeiWaokljg8Yl0JLYrVlCjSfhEWhFL+C4w+UskOOi/WvmTuH25z3i7D0
3oNynan6MqyBf1hJL6MbU3NVN7JpGvYz5/ac2Rba04JWmjbKWgj5aeXvdvURHu47
ESxF0XQAj1e8ZDKsPzBCs4zaIYA8TipX9YnRxlFb+KgZHqb0ocX1i1fn/Vvbq+LA
qzYFL+3hVNGYFCn048TwZpGUi2OJHsTUJmMgnoGuggIPkeH+3R7mTqW6DRiVPWGd
DZan6B8rvpq46BMpLbtF5BAoow63M6pV0kPjx79wiz1An9J+CEWR0xuu8Ob8kz0b
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:47 2024 by rpki-client on console-ams.rpki-client.org