Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/6RHMb_dYC9zP2vxrEds641Z0cE8.roa
File:                     6RHMb_dYC9zP2vxrEds641Z0cE8.roa (raw, json)
Hash identifier:          fQJmovkKp4CCbPecNM9bTz1USd5OFOU5rUjYThH9WyA=
Subject key identifier:   E9:11:CC:6F:F7:58:0B:DC:CF:DA:FC:6B:11:DB:3A:E3:56:74:70:4F
Certificate issuer:       /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial:       01856FF964CF7055ACC8D9720F18452A9F91
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/6RHMb_dYC9zP2vxrEds641Z0cE8.roa
Signing time:             Mon 02 Jan 2023 00:54:53 +0000
ROA not before:           Mon 02 Jan 2023 00:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56974
IP address blocks:        109.104.248.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:64:cf:70:55:ac:c8:d9:72:0f:18:45:2a:9f:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
        Validity
            Not Before: Jan  2 00:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e911cc6ff7580bdccfdafc6b11db3ae35674704f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:a2:f7:6d:07:af:23:a5:58:16:4d:35:14:59:
                    6b:f7:dd:06:72:10:02:51:07:5f:62:89:38:42:5b:
                    df:cb:e0:1e:78:a0:5e:8c:92:20:61:31:ac:70:91:
                    c2:7a:73:48:6f:f1:c2:0c:1d:ab:64:93:2e:9d:e2:
                    e3:27:cc:37:59:27:cb:2c:04:ad:ee:8c:b4:a9:a2:
                    f1:77:59:1c:f8:a0:d7:4f:70:a6:d0:9e:6e:a1:17:
                    61:91:15:ee:bf:a3:51:cf:a2:d7:9d:53:95:37:db:
                    8f:29:d8:b9:9c:a8:c2:3f:7d:63:75:e7:91:ff:c1:
                    5c:b8:99:f1:80:35:e0:3d:f2:19:f1:20:ce:86:ba:
                    e9:da:99:4e:fa:bf:a9:48:40:19:5c:ac:99:41:28:
                    31:65:3a:26:61:b6:dc:50:65:f3:1e:82:18:d9:7b:
                    07:1c:3d:35:c3:7b:29:69:90:01:61:10:e8:f0:31:
                    df:8d:26:82:4e:a6:6d:d9:3d:d3:a8:7f:c9:1e:d4:
                    51:09:2d:2d:e6:90:9c:61:8a:e6:25:50:a8:b1:5b:
                    5b:0f:ca:20:a3:02:f7:d4:91:82:6c:8a:44:25:d9:
                    70:51:1b:92:3e:e9:d1:bb:51:88:fc:d1:10:2c:65:
                    0b:ba:77:4d:86:8e:4d:8f:22:b4:36:59:e9:a8:8a:
                    a5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:11:CC:6F:F7:58:0B:DC:CF:DA:FC:6B:11:DB:3A:E3:56:74:70:4F
            X509v3 Authority Key Identifier:
                keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/6RHMb_dYC9zP2vxrEds641Z0cE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.104.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:46:42:b1:c9:36:9c:25:a3:91:bd:b6:6f:ed:2c:e8:f1:4c:
         2c:84:ea:61:18:25:79:4b:4e:4c:c0:b7:0b:57:aa:c3:49:18:
         fb:a7:82:bb:87:1a:b2:73:09:41:84:e3:a1:ca:28:6b:ed:83:
         2c:6c:90:f2:ea:9d:c8:59:4c:8b:23:d6:d3:56:12:f0:82:98:
         af:a2:3a:d6:e2:24:90:0e:71:f5:b1:fc:d4:6f:bb:97:cf:18:
         97:49:4b:a7:26:a4:ca:7e:51:6b:00:e2:85:60:8b:58:d5:1c:
         5e:57:e6:e5:33:3d:55:c5:96:0d:e8:14:94:7b:7d:64:de:07:
         83:ba:8d:76:38:9e:91:dd:50:bb:e4:c7:d4:86:ae:3b:90:65:
         e2:4d:a3:16:5e:36:23:ca:75:72:13:b5:94:9d:b7:3b:32:6e:
         e0:46:3f:ee:8d:d0:d2:7d:37:84:47:11:ca:4d:61:cb:1e:9d:
         21:16:70:ab:2d:b1:6d:d2:a7:98:3b:a8:28:0e:fd:36:90:3c:
         12:9f:4f:be:72:3a:21:9e:17:74:c0:2d:5d:79:a0:ac:67:d3:
         6b:42:74:2e:01:b8:e4:58:bc:d7:b1:6d:f3:1f:26:99:d4:b0:
         f6:31:23:06:da:09:56:f2:6f:b3:0b:ff:99:ed:6b:60:95:38:
         25:c9:8c:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+WTPcFWsyNlyDxhFKp+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwZDAyNGFmMDFmOGVhZjEyNTcxN2NhYTAzYWFmYWQx
ODRlMWQwHhcNMjMwMTAyMDA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTExY2M2ZmY3NTgwYmRjY2ZkYWZjNmIxMWRiM2FlMzU2NzQ3MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKL3bQevI6VYFk01FFlr990GchAC
UQdfYok4Qlvfy+AeeKBejJIgYTGscJHCenNIb/HCDB2rZJMuneLjJ8w3WSfLLASt
7oy0qaLxd1kc+KDXT3Cm0J5uoRdhkRXuv6NRz6LXnVOVN9uPKdi5nKjCP31jdeeR
/8FcuJnxgDXgPfIZ8SDOhrrp2plO+r+pSEAZXKyZQSgxZTomYbbcUGXzHoIY2XsH
HD01w3spaZABYRDo8DHfjSaCTqZt2T3TqH/JHtRRCS0t5pCcYYrmJVCosVtbD8og
owL31JGCbIpEJdlwURuSPunRu1GI/NEQLGULundNho5NjyK0NlnpqIqlEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOkRzG/3WAvcz9r8axHbOuNWdHBPMB8GA1UdIwQY
MBaAFHo1DQJK8B+OrxJXF8qgOq+tGE4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTkt
ZDAwM2U1NmZlNzUzLzEvNlJITWJfZFlDOXpQMnZ4ckVkczY0MVowY0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTktZDAwM2U1NmZlNzUz
LzEvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbWj4MA0G
CSqGSIb3DQEBCwUAA4IBAQACRkKxyTacJaORvbZv7Szo8UwshOphGCV5S05MwLcL
V6rDSRj7p4K7hxqycwlBhOOhyihr7YMsbJDy6p3IWUyLI9bTVhLwgpivojrW4iSQ
DnH1sfzUb7uXzxiXSUunJqTKflFrAOKFYItY1RxeV+blMz1VxZYN6BSUe31k3geD
uo12OJ6R3VC75MfUhq47kGXiTaMWXjYjynVyE7WUnbc7Mm7gRj/ujdDSfTeERxHK
TWHLHp0hFnCrLbFt0qeYO6goDv02kDwSn0++cjohnhd0wC1deaCsZ9NrQnQuAbjk
WLzXsW3zHyaZ1LD2MSMG2glW8m+zC/+Z7WtglTglyYwI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org