Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/2mR5mMmFZgJa0qfS8FYeNYVwaWE.roa
File:                     2mR5mMmFZgJa0qfS8FYeNYVwaWE.roa (raw, json)
Hash identifier:          AP50geCKf9xdM5MBHMXIdqy9/gi0VOx29ThCD8e1npE=
Subject key identifier:   DA:64:79:98:C9:85:66:02:5A:D2:A7:D2:F0:56:1E:35:85:70:69:61
Certificate issuer:       /CN=b1d596fb1a3f2f4b127fb7cec19fd90bb94c73a4
Certificate serial:       01856E01C0CD61C9EDD2EF9D5F86C4659BFC
Authority key identifier: B1:D5:96:FB:1A:3F:2F:4B:12:7F:B7:CE:C1:9F:D9:0B:B9:4C:73:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sdWW-xo_L0sSf7fOwZ_ZC7lMc6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/2mR5mMmFZgJa0qfS8FYeNYVwaWE.roa
Signing time:             Sun 01 Jan 2023 15:44:46 +0000
ROA not before:           Sun 01 Jan 2023 15:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48685
IP address blocks:        185.118.32.0/22 maxlen: 22
                          2a03:5cc0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:c0:cd:61:c9:ed:d2:ef:9d:5f:86:c4:65:9b:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1d596fb1a3f2f4b127fb7cec19fd90bb94c73a4
        Validity
            Not Before: Jan  1 15:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da647998c98566025ad2a7d2f0561e3585706961
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:8b:f6:d8:ac:13:37:64:68:bd:5f:13:70:5d:
                    4c:1a:56:d1:de:f4:2e:38:a8:5c:ec:cc:47:e6:85:
                    30:b8:2c:a6:53:88:78:51:d2:72:bd:07:eb:4c:e5:
                    aa:44:9d:6b:e3:a0:db:10:ca:e0:52:60:fc:6e:6e:
                    f7:e7:57:d2:4a:85:41:43:2d:93:7d:36:ce:ea:64:
                    e9:0c:78:1a:ae:a3:60:ef:f4:a0:f7:27:01:7f:82:
                    61:08:62:5d:e9:2f:00:05:09:65:9b:f8:09:df:e0:
                    3c:c0:a8:71:aa:85:a8:9c:45:72:ce:5c:71:b4:81:
                    47:eb:43:14:8c:ca:c9:3a:31:f1:b7:cf:9d:c6:50:
                    70:27:bf:50:d1:f1:51:3c:b0:30:2a:eb:0c:69:f9:
                    67:ef:88:46:b7:1f:b7:57:1e:7c:ed:96:81:38:ad:
                    78:31:00:5c:b4:b9:ea:c8:41:f5:3c:2f:64:13:9c:
                    24:85:a6:68:07:c0:b8:46:d0:2b:1d:75:02:c7:4c:
                    91:51:6e:79:08:04:c3:e7:c7:59:e3:37:b9:34:34:
                    42:6c:7c:49:0f:e5:0a:2d:dc:2c:b7:9c:02:67:6d:
                    6c:9c:da:aa:38:b1:1d:5c:54:e5:cd:54:e4:04:15:
                    64:9b:e2:b8:f3:7a:7d:da:cb:d5:75:ff:db:f0:7b:
                    35:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:64:79:98:C9:85:66:02:5A:D2:A7:D2:F0:56:1E:35:85:70:69:61
            X509v3 Authority Key Identifier:
                keyid:B1:D5:96:FB:1A:3F:2F:4B:12:7F:B7:CE:C1:9F:D9:0B:B9:4C:73:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdWW-xo_L0sSf7fOwZ_ZC7lMc6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/2mR5mMmFZgJa0qfS8FYeNYVwaWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/sdWW-xo_L0sSf7fOwZ_ZC7lMc6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.118.32.0/22
                IPv6:
                  2a03:5cc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         95:05:de:a6:9f:7e:86:7f:a8:d8:9d:34:bf:5f:e6:39:f1:0c:
         38:55:79:cf:d8:f3:7f:8e:ed:21:1c:3d:84:c0:41:ee:b5:d3:
         35:47:bf:a1:da:28:ff:3c:33:ae:04:d9:8c:9c:56:52:ef:30:
         f5:9e:5c:5e:60:9d:b0:24:5e:db:a7:a2:aa:4e:6d:14:6f:fa:
         20:68:6e:a5:f4:3f:7f:21:12:fa:a4:a6:16:e5:f6:23:c8:b5:
         25:e4:48:44:c5:ec:00:d2:9a:2f:67:b1:c8:fe:1d:d3:5f:10:
         ae:b4:4a:1b:ed:78:07:5a:1c:27:46:68:3a:3a:ce:d9:f0:6b:
         92:1d:47:5a:4d:13:72:82:77:10:69:11:43:9d:fc:be:c8:c3:
         17:6f:a1:a1:a6:64:d6:f5:28:9b:84:22:10:5e:0a:14:db:bd:
         bc:aa:8c:af:87:56:3b:a7:60:c0:29:2a:9e:e3:81:50:c2:24:
         d7:e4:ee:83:8d:9d:96:f4:80:66:05:5f:71:13:37:52:5f:16:
         8f:1a:6a:e5:08:25:ce:16:91:5d:de:96:17:77:52:c1:f6:45:
         4c:c4:64:d9:20:08:17:3b:25:68:2d:db:f7:82:a1:88:f3:8f:
         cb:0b:be:7c:35:5a:4f:28:bc:66:81:ed:98:f1:eb:f0:ed:f2:
         d3:00:6d:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuAcDNYcnt0u+dX4bEZZv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDU5NmZiMWEzZjJmNGIxMjdmYjdjZWMxOWZkOTBiYjk0
YzczYTQwHhcNMjMwMTAxMTU0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTY0Nzk5OGM5ODU2NjAyNWFkMmE3ZDJmMDU2MWUzNTg1NzA2OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvov22KwTN2RovV8TcF1MGlbR3vQu
OKhc7MxH5oUwuCymU4h4UdJyvQfrTOWqRJ1r46DbEMrgUmD8bm7351fSSoVBQy2T
fTbO6mTpDHgarqNg7/Sg9ycBf4JhCGJd6S8ABQllm/gJ3+A8wKhxqoWonEVyzlxx
tIFH60MUjMrJOjHxt8+dxlBwJ79Q0fFRPLAwKusMafln74hGtx+3Vx587ZaBOK14
MQBctLnqyEH1PC9kE5wkhaZoB8C4RtArHXUCx0yRUW55CATD58dZ4ze5NDRCbHxJ
D+UKLdwst5wCZ21snNqqOLEdXFTlzVTkBBVkm+K483p92svVdf/b8Hs1EwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNpkeZjJhWYCWtKn0vBWHjWFcGlhMB8GA1UdIwQY
MBaAFLHVlvsaPy9LEn+3zsGf2Qu5THOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RXVy14b19MMHNTZjdmT3daX1pDN2xNYzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jY2M3ZGUtNDdkZS00Mjg3LWEwYjIt
MWRmNDAxNDViMGJlLzEvMm1SNW1NbUZaZ0phMHFmUzhGWWVOWVZ3YVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jY2M3ZGUtNDdkZS00Mjg3LWEwYjItMWRmNDAxNDViMGJl
LzEvc2RXVy14b19MMHNTZjdmT3daX1pDN2xNYzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXYgMA0E
AgACMAcDBQAqA1zAMA0GCSqGSIb3DQEBCwUAA4IBAQCVBd6mn36Gf6jYnTS/X+Y5
8Qw4VXnP2PN/ju0hHD2EwEHutdM1R7+h2ij/PDOuBNmMnFZS7zD1nlxeYJ2wJF7b
p6KqTm0Ub/ogaG6l9D9/IRL6pKYW5fYjyLUl5EhExewA0povZ7HI/h3TXxCutEob
7XgHWhwnRmg6Os7Z8GuSHUdaTRNygncQaRFDnfy+yMMXb6GhpmTW9SibhCIQXgoU
2728qoyvh1Y7p2DAKSqe44FQwiTX5O6DjZ2W9IBmBV9xEzdSXxaPGmrlCCXOFpFd
3pYXd1LB9kVMxGTZIAgXOyVoLdv3gqGI84/LC758NVpPKLxmge2Y8evw7fLTAG0e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:55 2024 by rpki-client on console-ams.rpki-client.org