Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa
File:                     hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa (raw, json)
Hash identifier:          qNfCzl/s+4xD1k5q/6oMfR+tAQpE/5g+rVoepu2deuw=
Subject key identifier:   85:34:1D:73:BB:64:80:02:DB:93:A9:B1:21:D2:3D:F6:73:10:D9:99
Certificate issuer:       /CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Certificate serial:       01856D9D43F4AB04CD9E7DCCF6A0062E1A51
Authority key identifier: 6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa
Signing time:             Sun 01 Jan 2023 13:55:01 +0000
ROA not before:           Sun 01 Jan 2023 13:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3223
IP address blocks:        185.4.132.0/22 maxlen: 24
                          185.138.40.0/22 maxlen: 24
                          2a02:c500::/29 maxlen: 29
                          2a07:8c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:9d:43:f4:ab:04:cd:9e:7d:cc:f6:a0:06:2e:1a:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
        Validity
            Not Before: Jan  1 13:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85341d73bb648002db93a9b121d23df67310d999
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:15:4a:78:e1:8b:3b:88:b0:44:4f:ad:c3:30:
                    2a:28:b0:d3:57:60:16:92:cb:26:fd:3d:ee:df:1d:
                    61:55:8e:70:30:eb:5b:9e:18:38:e5:50:f0:9b:02:
                    17:c2:3f:16:58:e3:8a:a3:e5:c4:a2:5b:54:2a:60:
                    c9:2b:b2:b3:c7:7a:d7:13:2a:07:90:b7:d5:a6:70:
                    b1:09:22:a6:e1:1c:f6:1b:d8:49:87:cf:d6:3d:8b:
                    e0:fc:8d:5d:1e:fd:f0:ac:b1:8b:91:b5:d8:60:dd:
                    c3:d0:25:fb:be:20:92:64:1c:4b:49:81:b4:3d:82:
                    dc:a9:48:00:62:55:f3:d2:9c:6d:e2:06:92:de:d6:
                    a9:47:a5:d0:3c:21:6b:b8:26:3c:f6:ab:2e:33:cc:
                    c7:42:30:ea:06:0a:90:3b:a9:a5:a8:74:67:8a:51:
                    14:23:f8:14:e4:1f:eb:8b:89:4e:65:a8:fd:9f:be:
                    d2:b2:39:c2:bc:95:5e:d3:8a:11:88:48:81:b0:85:
                    67:7d:f9:d6:db:9d:c2:e9:6a:18:4b:01:f5:57:5d:
                    a0:1e:29:37:fc:c3:11:bd:7b:c2:af:ee:ef:9b:9c:
                    b0:43:1f:30:7f:f6:b0:7f:3f:cd:72:9b:87:f3:d0:
                    3c:ae:eb:57:07:ef:f7:ba:8d:38:6f:87:2f:7c:bf:
                    dc:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:34:1D:73:BB:64:80:02:DB:93:A9:B1:21:D2:3D:F6:73:10:D9:99
            X509v3 Authority Key Identifier:
                keyid:6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/hTQdc7tkgALbk6mxIdI99nMQ2Zk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.4.132.0/22
                  185.138.40.0/22
                IPv6:
                  2a02:c500::/29
                  2a07:8c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         c0:d7:c0:9e:67:af:76:7d:d3:d8:74:ee:a1:01:35:27:5b:03:
         54:c0:5c:04:34:76:96:66:ef:c7:13:ca:c7:35:2d:3c:78:f1:
         5a:f8:96:df:a3:7c:aa:f2:22:ac:5d:7e:e7:5a:0f:0f:6c:52:
         00:da:7f:0c:67:35:c1:58:dc:fa:53:bf:2d:cd:38:d6:e8:97:
         df:71:ed:03:97:14:81:b7:ee:b3:a2:aa:08:65:75:8e:e0:42:
         7f:81:37:ce:20:d1:f0:cc:f1:b1:c7:d2:2d:1d:fc:3f:66:b6:
         ab:65:43:f9:94:b2:c5:18:b7:54:7f:a0:77:cc:56:56:6d:97:
         7d:7d:82:88:dd:ed:66:83:07:53:82:7c:13:f9:20:a7:bb:08:
         66:6c:1e:8a:d0:d0:be:a1:c6:4a:68:0a:2e:95:3f:40:eb:51:
         45:ad:6a:48:40:de:90:12:db:f7:f2:91:cc:91:15:a1:c1:c2:
         9b:a4:e9:9a:be:a2:8b:29:33:6f:8e:cd:8d:59:b1:ce:79:51:
         09:71:ae:53:9c:3a:9a:8d:3c:e7:30:b8:75:fb:c3:a1:88:80:
         cc:89:ac:43:86:80:b8:9b:91:35:c6:d2:aa:77:f1:00:50:1a:
         dc:d3:db:ee:c5:5c:7e:dd:bf:fd:6e:e2:7b:3d:45:6f:c9:e0:
         53:d1:ca:ea
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVtnUP0qwTNnn3M9qAGLhpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNDYyM2Y3NmJkNWJiMmRmMGFmNjZmMzYwZmY3NGZmMWMw
MGRiMDIwHhcNMjMwMTAxMTM1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM0MWQ3M2JiNjQ4MDAyZGI5M2E5YjEyMWQyM2RmNjczMTBkOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixVKeOGLO4iwRE+twzAqKLDTV2AW
kssm/T3u3x1hVY5wMOtbnhg45VDwmwIXwj8WWOOKo+XEoltUKmDJK7Kzx3rXEyoH
kLfVpnCxCSKm4Rz2G9hJh8/WPYvg/I1dHv3wrLGLkbXYYN3D0CX7viCSZBxLSYG0
PYLcqUgAYlXz0pxt4gaS3tapR6XQPCFruCY89qsuM8zHQjDqBgqQO6mlqHRnilEU
I/gU5B/ri4lOZaj9n77SsjnCvJVe04oRiEiBsIVnffnW253C6WoYSwH1V12gHik3
/MMRvXvCr+7vm5ywQx8wf/awfz/NcpuH89A8rutXB+/3uo04b4cvfL/cbwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIU0HXO7ZIAC25OpsSHSPfZzENmZMB8GA1UdIwQY
MBaAFGpGI/dr1bst8K9m82D/dP8cANsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgt
NmM4MzIwNTBlNzdhLzEvaFRRZGM3dGtnQUxiazZteElkSTk5bk1RMlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgtNmM4MzIwNTBlNzdh
LzEvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuQSEAwQC
uYooMBQEAgACMA4DBQMqAsUAAwUDKgcIwDANBgkqhkiG9w0BAQsFAAOCAQEAwNfA
nmevdn3T2HTuoQE1J1sDVMBcBDR2lmbvxxPKxzUtPHjxWviW36N8qvIirF1+51oP
D2xSANp/DGc1wVjc+lO/Lc041uiX33HtA5cUgbfus6KqCGV1juBCf4E3ziDR8Mzx
scfSLR38P2a2q2VD+ZSyxRi3VH+gd8xWVm2XfX2CiN3tZoMHU4J8E/kgp7sIZmwe
itDQvqHGSmgKLpU/QOtRRa1qSEDekBLb9/KRzJEVocHCm6Tpmr6iiykzb47NjVmx
znlRCXGuU5w6mo085zC4dfvDoYiAzImsQ4aAuJuRNcbSqnfxAFAa3NPb7sVcft2/
/W7iez1Fb8ngU9HK6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org