Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/fS_KOsTDMWkTfKuzXkW4x7n4OwY.roa
File:                     fS_KOsTDMWkTfKuzXkW4x7n4OwY.roa (raw, json)
Hash identifier:          mLFcU0ZIEN2Ggqz1MfraQxBgj4/NBohfSksntrODjaI=
Subject key identifier:   7D:2F:CA:3A:C4:C3:31:69:13:7C:AB:B3:5E:45:B8:C7:B9:F8:3B:06
Certificate issuer:       /CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
Certificate serial:       01856B93521EE95F5F36D5E87A558C83D05D
Authority key identifier: 6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/fS_KOsTDMWkTfKuzXkW4x7n4OwY.roa
Signing time:             Sun 01 Jan 2023 04:24:54 +0000
ROA not before:           Sun 01 Jan 2023 04:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201367
IP address blocks:        185.76.58.0/24 maxlen: 24
                          185.76.57.0/24 maxlen: 24
                          185.76.56.0/24 maxlen: 24
                          185.76.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:52:1e:e9:5f:5f:36:d5:e8:7a:55:8c:83:d0:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
        Validity
            Not Before: Jan  1 04:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7d2fca3ac4c33169137cabb35e45b8c7b9f83b06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:98:a9:6d:4a:aa:51:6f:aa:01:28:45:1f:7a:
                    42:4d:12:66:49:fe:42:25:4b:e2:aa:0d:33:b4:9f:
                    e0:7a:b3:12:8c:82:7e:ad:03:fc:36:6a:ed:11:61:
                    69:8a:f2:ed:e1:88:26:6d:71:42:a1:28:a7:c0:26:
                    85:49:9a:03:04:33:2c:0f:23:e1:c6:bf:ad:2f:22:
                    fe:07:3a:0e:08:2f:25:63:9d:c4:ad:9e:aa:1e:1b:
                    b4:83:a8:05:92:cb:8a:e6:61:ae:10:80:02:f3:65:
                    3e:60:65:e1:ac:76:eb:c3:7c:9d:25:b0:29:1a:aa:
                    86:30:39:c6:d1:1d:d3:7e:c1:71:47:c1:cc:05:c7:
                    25:34:05:fe:58:88:ba:cc:ff:cf:35:57:ba:62:57:
                    43:a0:32:a2:ed:59:49:7d:4b:d0:c2:b6:4f:6b:65:
                    25:e1:fc:53:33:b9:51:9d:3a:4a:e7:9c:94:27:8f:
                    ec:a6:e3:2d:d2:1e:ac:0e:46:20:a5:f8:c9:0b:35:
                    d3:8d:07:a8:e1:6c:c5:1b:7c:c9:08:2f:33:8b:f1:
                    1c:59:26:08:71:c1:20:65:84:8d:69:54:69:0e:2f:
                    fd:da:d7:c5:0f:b2:c0:7f:8e:ce:f3:a6:e2:30:bc:
                    5c:74:02:69:9e:ca:a5:d8:99:38:57:bf:b7:41:6f:
                    cd:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2F:CA:3A:C4:C3:31:69:13:7C:AB:B3:5E:45:B8:C7:B9:F8:3B:06
            X509v3 Authority Key Identifier:
                keyid:6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/fS_KOsTDMWkTfKuzXkW4x7n4OwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.76.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:3c:bd:95:d8:0b:dd:3a:4b:e9:a2:fc:f3:89:0b:c2:cc:cf:
         06:65:4a:b8:b4:39:79:7e:b1:00:d7:0f:d8:d4:06:c4:4e:38:
         ef:72:a1:11:1b:c0:28:8d:77:9e:d0:fd:08:04:02:da:98:cf:
         cf:71:b7:91:d9:3d:79:f8:05:9c:8d:ab:91:d8:0d:b2:9d:9c:
         c4:3c:1c:ac:95:72:22:3b:b2:88:34:05:1c:ee:d0:45:a4:2c:
         49:68:49:ef:51:45:ef:c5:0a:9a:e5:83:44:1d:30:59:68:3d:
         f8:37:62:1a:0c:c1:e0:0e:63:25:f4:b1:c0:a9:2e:92:cd:22:
         95:00:39:6c:91:19:01:10:fc:e4:4e:22:24:af:a3:4d:64:b5:
         22:e6:ec:8f:4a:25:18:67:2b:b5:2e:ab:9b:9e:97:a1:02:70:
         50:0a:9a:6d:5a:96:13:9c:77:0f:81:cc:f9:c3:59:6c:08:ac:
         0e:a1:f2:77:5e:9d:76:5c:72:c7:ac:a3:20:14:9c:44:c3:cd:
         97:2d:c1:eb:9e:44:48:59:7a:3a:0c:cd:a7:3b:ef:a2:99:82:
         e8:9e:40:80:40:e4:c3:15:c7:a5:73:de:56:b8:0a:85:29:db:
         f0:61:91:ff:9c:fe:92:9e:26:97:51:3c:45:b1:75:84:fa:02:
         cd:3e:99:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrk1Ie6V9fNtXoelWMg9BdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlM2VjOTcyZjk3NjBiODU1ZjFkNDM5MGJjMzc1YjNmYTNk
NDExYjYwHhcNMjMwMTAxMDQyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJmY2EzYWM0YzMzMTY5MTM3Y2FiYjM1ZTQ1YjhjN2I5ZjgzYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZipbUqqUW+qAShFH3pCTRJmSf5C
JUviqg0ztJ/gerMSjIJ+rQP8NmrtEWFpivLt4YgmbXFCoSinwCaFSZoDBDMsDyPh
xr+tLyL+BzoOCC8lY53ErZ6qHhu0g6gFksuK5mGuEIAC82U+YGXhrHbrw3ydJbAp
GqqGMDnG0R3TfsFxR8HMBcclNAX+WIi6zP/PNVe6YldDoDKi7VlJfUvQwrZPa2Ul
4fxTM7lRnTpK55yUJ4/spuMt0h6sDkYgpfjJCzXTjQeo4WzFG3zJCC8zi/EcWSYI
ccEgZYSNaVRpDi/92tfFD7LAf47O86biMLxcdAJpnsql2Jk4V7+3QW/NpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0vyjrEwzFpE3yrs15FuMe5+DsGMB8GA1UdIwQY
MBaAFG4+yXL5dguFXx1DkLw3Wz+j1BG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmo3SmN2bDJDNFZmSFVPUXZEZGJQNlBVRWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85ZGFjOWMtODVjNi00NTcyLWFkNjAt
MTQ1MTJlN2U1OWVmLzEvZlNfS09zVERNV2tUZkt1elhrVzR4N240T3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85ZGFjOWMtODVjNi00NTcyLWFkNjAtMTQ1MTJlN2U1OWVm
LzEvYmo3SmN2bDJDNFZmSFVPUXZEZGJQNlBVRWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUw4MA0G
CSqGSIb3DQEBCwUAA4IBAQCiPL2V2AvdOkvpovzziQvCzM8GZUq4tDl5frEA1w/Y
1AbETjjvcqERG8AojXee0P0IBALamM/PcbeR2T15+AWcjauR2A2ynZzEPByslXIi
O7KINAUc7tBFpCxJaEnvUUXvxQqa5YNEHTBZaD34N2IaDMHgDmMl9LHAqS6SzSKV
ADlskRkBEPzkTiIkr6NNZLUi5uyPSiUYZyu1LqubnpehAnBQCpptWpYTnHcPgcz5
w1lsCKwOofJ3Xp12XHLHrKMgFJxEw82XLcHrnkRIWXo6DM2nO++imYLonkCAQOTD
Fcelc95WuAqFKdvwYZH/nP6SniaXUTxFsXWE+gLNPplt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:36 2024 by rpki-client on console-fra.rpki-client.org