Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/6qlXuHvaBZgLBrj3TLYw8tk0o74.roa
File:                     6qlXuHvaBZgLBrj3TLYw8tk0o74.roa (raw, json)
Hash identifier:          +zNDBbC7uo6ScRajDf5yHt1nCbA1CZYceowOUsvd6wo=
Subject key identifier:   EA:A9:57:B8:7B:DA:05:98:0B:06:B8:F7:4C:B6:30:F2:D9:34:A3:BE
Certificate issuer:       /CN=9d9a0c84b30720f4d4ce4bdba01dd0544d028ecd
Certificate serial:       018572BA92276D31EB02E9C104173B0C2E51
Authority key identifier: 9D:9A:0C:84:B3:07:20:F4:D4:CE:4B:DB:A0:1D:D0:54:4D:02:8E:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nZoMhLMHIPTUzkvboB3QVE0Cjs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/6qlXuHvaBZgLBrj3TLYw8tk0o74.roa
Signing time:             Mon 02 Jan 2023 13:45:07 +0000
ROA not before:           Mon 02 Jan 2023 13:45:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205676
IP address blocks:        185.207.32.0/24 maxlen: 24
                          2a0b:1d40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:92:27:6d:31:eb:02:e9:c1:04:17:3b:0c:2e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d9a0c84b30720f4d4ce4bdba01dd0544d028ecd
        Validity
            Not Before: Jan  2 13:45:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eaa957b87bda05980b06b8f74cb630f2d934a3be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f7:ef:da:10:ff:34:28:c7:ca:fb:85:41:8a:
                    2d:ec:6a:12:52:3c:04:08:fb:25:90:2f:ef:25:9c:
                    35:86:ea:6b:84:e9:61:d6:68:05:b3:24:d7:f8:bd:
                    68:bc:ce:27:7f:82:d1:30:3c:7f:fd:1f:7f:aa:77:
                    0b:aa:9e:fb:9d:79:f5:ab:75:a7:f2:dd:7f:55:b4:
                    46:5b:21:00:5f:70:b0:9f:0d:84:f7:09:8e:a6:99:
                    a1:b4:04:23:5d:99:7a:32:0e:21:36:68:2d:40:82:
                    25:e4:b4:2e:4e:fc:61:28:9e:68:f7:99:be:5d:cc:
                    52:74:39:24:70:09:10:27:46:b1:34:f9:86:92:18:
                    72:b6:a2:65:fd:ca:7f:ab:06:32:93:bf:f7:03:62:
                    b0:9e:6e:0b:1e:37:21:56:39:a0:29:25:61:2a:46:
                    9b:a3:4b:61:3c:f9:c6:46:b6:01:b8:29:07:64:c5:
                    4d:de:35:0b:78:5c:2c:66:c4:04:ba:ea:64:dd:ed:
                    51:af:ef:d5:2d:bd:65:a0:95:3a:27:29:01:0b:b1:
                    f6:c6:05:96:c4:40:f8:81:d5:12:0d:12:3d:e6:d3:
                    13:15:9c:c8:8f:92:9f:84:46:53:9c:ce:54:00:78:
                    1e:46:3e:5a:90:f6:ff:e3:ba:05:e0:07:64:54:ae:
                    5f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A9:57:B8:7B:DA:05:98:0B:06:B8:F7:4C:B6:30:F2:D9:34:A3:BE
            X509v3 Authority Key Identifier:
                keyid:9D:9A:0C:84:B3:07:20:F4:D4:CE:4B:DB:A0:1D:D0:54:4D:02:8E:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nZoMhLMHIPTUzkvboB3QVE0Cjs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/6qlXuHvaBZgLBrj3TLYw8tk0o74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.32.0/24
                IPv6:
                  2a0b:1d40::/32

    Signature Algorithm: sha256WithRSAEncryption
         0a:70:2d:98:35:1e:40:f7:f3:15:3b:ca:d7:83:76:54:7b:87:
         69:cc:90:67:fb:ea:75:2a:5c:c8:ed:6b:c8:68:78:70:27:46:
         a0:07:cb:3f:cd:e1:7a:3c:7c:35:e0:dc:0b:ec:2c:32:62:35:
         29:99:9a:61:4b:74:b5:4b:7f:68:f0:a7:63:a5:fb:fd:53:e0:
         d2:c0:66:b9:4a:8c:76:34:4b:fe:60:ef:11:7a:cb:86:af:71:
         65:3e:ab:d3:c2:5a:64:75:d1:54:25:ab:10:f1:9e:5f:cb:fd:
         21:94:e9:52:f8:1d:32:c4:26:0f:44:85:8f:25:78:9f:dc:59:
         2a:51:3e:d4:c7:2f:14:5b:ce:2a:95:a2:9e:3d:a2:ea:99:73:
         e9:25:c5:1f:41:ef:73:79:06:89:64:ee:e0:65:5d:79:b9:03:
         ad:92:91:4e:07:94:90:2e:28:d7:1e:c5:1a:c4:18:02:42:eb:
         e8:1b:87:76:5a:b5:06:b3:8d:c4:81:f1:0d:b3:8f:34:e5:af:
         b4:5b:36:ae:ff:40:27:cb:66:82:1e:b4:46:84:00:91:b9:b6:
         a2:4d:be:e5:c2:4c:bc:78:a5:1c:fb:8d:be:cf:33:d9:27:8f:
         e6:fe:a9:4e:32:3b:bf:31:5e:1e:3c:03:04:e9:13:69:ee:3a:
         35:0a:20:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyupInbTHrAunBBBc7DC5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOWEwYzg0YjMwNzIwZjRkNGNlNGJkYmEwMWRkMDU0NGQw
MjhlY2QwHhcNMjMwMTAyMTM0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWE5NTdiODdiZGEwNTk4MGIwNmI4Zjc0Y2I2MzBmMmQ5MzRhM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjffv2hD/NCjHyvuFQYot7GoSUjwE
CPslkC/vJZw1huprhOlh1mgFsyTX+L1ovM4nf4LRMDx//R9/qncLqp77nXn1q3Wn
8t1/VbRGWyEAX3Cwnw2E9wmOppmhtAQjXZl6Mg4hNmgtQIIl5LQuTvxhKJ5o95m+
XcxSdDkkcAkQJ0axNPmGkhhytqJl/cp/qwYyk7/3A2Kwnm4LHjchVjmgKSVhKkab
o0thPPnGRrYBuCkHZMVN3jULeFwsZsQEuupk3e1Rr+/VLb1loJU6JykBC7H2xgWW
xED4gdUSDRI95tMTFZzIj5KfhEZTnM5UAHgeRj5akPb/47oF4AdkVK5fkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOqpV7h72gWYCwa490y2MPLZNKO+MB8GA1UdIwQY
MBaAFJ2aDISzByD01M5L26Ad0FRNAo7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblpvTWhMTUhJUFRVemt2Ym9CM1FWRTBDanMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xZThkNGQtNTNiZi00YWNiLWJjMGMt
NTJjYWQ2Njc1ZmM2LzEvNnFsWHVIdmFCWmdMQnJqM1RMWXc4dGswbzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xZThkNGQtNTNiZi00YWNiLWJjMGMtNTJjYWQ2Njc1ZmM2
LzEvblpvTWhMTUhJUFRVemt2Ym9CM1FWRTBDanMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuc8gMA0E
AgACMAcDBQAqCx1AMA0GCSqGSIb3DQEBCwUAA4IBAQAKcC2YNR5A9/MVO8rXg3ZU
e4dpzJBn++p1KlzI7WvIaHhwJ0agB8s/zeF6PHw14NwL7CwyYjUpmZphS3S1S39o
8Kdjpfv9U+DSwGa5Sox2NEv+YO8ResuGr3FlPqvTwlpkddFUJasQ8Z5fy/0hlOlS
+B0yxCYPRIWPJXif3FkqUT7Uxy8UW84qlaKePaLqmXPpJcUfQe9zeQaJZO7gZV15
uQOtkpFOB5SQLijXHsUaxBgCQuvoG4d2WrUGs43EgfENs4805a+0Wzau/0Any2aC
HrRGhACRubaiTb7lwky8eKUc+42+zzPZJ4/m/qlOMju/MV4ePAME6RNp7jo1CiCn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:50 2024 by rpki-client on console-ams.rpki-client.org