Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa
File:                     x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa (raw, json)
Hash identifier:          5jciBLdWEBkngFLF1bybeF7/2j1LtstMgEFJqEwPuI4=
Subject key identifier:   C7:AF:A4:60:DC:14:82:75:FE:ED:E2:E1:99:D9:45:39:68:4C:C0:5E
Certificate issuer:       /CN=7b89385c0002330b096567b21514d8e1bc09689f
Certificate serial:       018CC34961A87EDCAE4E7280E56EFCB29129
Authority key identifier: 7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa
Signing time:             Mon 01 Jan 2024 04:30:15 +0000
ROA not before:           Mon 01 Jan 2024 04:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51580
IP address blocks:        185.212.16.0/22 maxlen: 24
                          185.143.152.0/22 maxlen: 24
                          5.172.96.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 13:50:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:61:a8:7e:dc:ae:4e:72:80:e5:6e:fc:b2:91:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b89385c0002330b096567b21514d8e1bc09689f
        Validity
            Not Before: Jan  1 04:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c7afa460dc148275feede2e199d94539684cc05e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:a6:06:7c:3e:e1:62:4d:df:94:f4:9e:00:b7:
                    f1:4a:d3:15:02:59:94:6d:d5:6e:5b:e1:5d:68:26:
                    c9:e4:07:3a:b7:04:f0:19:1c:27:fb:34:15:38:03:
                    aa:44:ba:23:c7:87:be:2e:d7:dd:40:62:48:ff:11:
                    45:bb:77:f3:8d:58:44:36:f1:5b:21:82:d1:a3:3e:
                    6c:78:6d:23:38:5f:99:4b:c4:69:24:ef:9e:6b:f2:
                    22:78:4c:86:64:b2:3e:b9:82:c1:43:b3:89:99:6c:
                    dd:63:ee:c7:29:b2:2e:00:a0:de:e5:44:72:bf:e2:
                    e2:71:ff:4f:6c:7a:19:9b:3a:8f:88:b4:0c:0e:87:
                    ee:ff:bb:8d:6d:88:66:f7:07:1a:25:84:ca:fd:4a:
                    43:3e:77:ca:53:13:56:4e:e2:cb:a2:fa:87:3a:8e:
                    3d:59:15:cb:cf:d6:d9:86:da:e6:ab:4d:9e:0c:4c:
                    77:38:d4:d8:56:6a:35:39:a6:13:0c:f7:c1:a1:7a:
                    4d:8e:64:fd:35:34:68:4c:6f:6a:9a:3b:f9:ed:aa:
                    26:55:de:75:65:70:56:d1:80:1a:02:66:52:41:57:
                    85:e8:c1:e8:b9:5d:84:ce:d2:7e:9e:e5:3a:59:c2:
                    ab:94:f1:32:e4:95:85:56:d2:ba:e6:d6:f8:90:28:
                    f5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:AF:A4:60:DC:14:82:75:FE:ED:E2:E1:99:D9:45:39:68:4C:C0:5E
            X509v3 Authority Key Identifier:
                keyid:7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/e4k4XAACMwsJZWeyFRTY4bwJaJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.172.96.0/23
                  185.143.152.0/22
                  185.212.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:eb:40:32:aa:09:8b:8b:32:a0:1d:f8:ed:30:a5:2a:8a:be:
         c6:4a:8c:0a:6e:77:ce:14:a4:5e:8d:29:1b:0b:dc:ef:23:94:
         4f:48:b8:bc:10:24:8c:5b:b0:ec:eb:df:fb:db:3d:76:7c:41:
         cc:55:d3:7f:b4:54:13:65:ad:89:71:a3:dc:35:44:6a:f0:63:
         e1:4c:83:83:95:2f:d8:b6:9d:cb:d7:b8:30:b0:5d:4c:19:8c:
         f7:6b:7a:a0:b9:33:db:90:e7:f2:a5:5d:81:70:d5:71:13:55:
         7f:8a:52:17:d7:10:c6:56:f0:5b:92:25:14:65:60:0c:8b:d9:
         b2:29:28:14:36:e8:3e:47:fa:2e:ad:a8:0f:d9:d9:0a:07:9b:
         2a:c7:eb:60:fe:ba:aa:4b:3d:6f:f2:04:c9:39:48:03:ca:59:
         51:fc:ce:b1:d3:55:ba:ea:66:79:41:04:8a:42:54:dd:99:79:
         04:b0:7f:c1:a4:fd:bd:e5:44:9f:1e:31:fc:3a:d4:30:ba:37:
         53:2c:44:b0:81:77:db:98:23:f4:b4:91:51:f9:a5:67:4f:8c:
         14:f1:1e:15:09:c7:e7:fd:61:36:9a:cb:de:d6:b2:d5:1b:e5:
         ee:53:e5:9e:47:0b:d0:78:ce:a1:47:e1:29:64:30:32:c9:ae:
         ef:a0:32:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSWGoftyuTnKA5W78spEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODkzODVjMDAwMjMzMGIwOTY1NjdiMjE1MTRkOGUxYmMw
OTY4OWYwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2FmYTQ2MGRjMTQ4Mjc1ZmVlZGUyZTE5OWQ5NDUzOTY4NGNjMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKYGfD7hYk3flPSeALfxStMVAlmU
bdVuW+FdaCbJ5Ac6twTwGRwn+zQVOAOqRLojx4e+LtfdQGJI/xFFu3fzjVhENvFb
IYLRoz5seG0jOF+ZS8RpJO+ea/IieEyGZLI+uYLBQ7OJmWzdY+7HKbIuAKDe5URy
v+Licf9PbHoZmzqPiLQMDofu/7uNbYhm9wcaJYTK/UpDPnfKUxNWTuLLovqHOo49
WRXLz9bZhtrmq02eDEx3ONTYVmo1OaYTDPfBoXpNjmT9NTRoTG9qmjv57aomVd51
ZXBW0YAaAmZSQVeF6MHouV2EztJ+nuU6WcKrlPEy5JWFVtK65tb4kCj1JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMevpGDcFIJ1/u3i4ZnZRTloTMBeMB8GA1UdIwQY
MBaAFHuJOFwAAjMLCWVnshUU2OG8CWifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQt
ZmUyNzkyMWUxNTQyLzEveDYta1lOd1VnblgtN2VMaG1kbEZPV2hNd0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQtZmUyNzkyMWUxNTQy
LzEvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBaxgAwQC
uY+YAwQCudQQMA0GCSqGSIb3DQEBCwUAA4IBAQBR60AyqgmLizKgHfjtMKUqir7G
SowKbnfOFKRejSkbC9zvI5RPSLi8ECSMW7Ds69/72z12fEHMVdN/tFQTZa2JcaPc
NURq8GPhTIODlS/Ytp3L17gwsF1MGYz3a3qguTPbkOfypV2BcNVxE1V/ilIX1xDG
VvBbkiUUZWAMi9myKSgUNug+R/ouragP2dkKB5sqx+tg/rqqSz1v8gTJOUgDyllR
/M6x01W66mZ5QQSKQlTdmXkEsH/BpP295USfHjH8OtQwujdTLESwgXfbmCP0tJFR
+aVnT4wU8R4VCcfn/WE2msve1rLVG+XuU+WeRwvQeM6hR+EpZDAyya7voDKi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:05 2024 by rpki-client on console-fra.rpki-client.org