Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa
File:                     6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa (raw, json)
Hash identifier:          8/up58HTxWiCOsT3Je1cZ6LWJmWSr09i0XGaXtHdsXc=
Subject key identifier:   EA:0F:92:84:35:32:E6:FD:F1:23:0B:16:EC:F0:76:AA:7C:C0:3C:8A
Certificate issuer:       /CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Certificate serial:       018C398175F447355C47BF06E7D7C8638EE5
Authority key identifier: CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa
Signing time:             Tue 05 Dec 2023 10:23:54 +0000
ROA not before:           Tue 05 Dec 2023 10:23:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204203
IP address blocks:        185.136.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:39:81:75:f4:47:35:5c:47:bf:06:e7:d7:c8:63:8e:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
        Validity
            Not Before: Dec  5 10:23:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea0f92843532e6fdf1230b16ecf076aa7cc03c8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f2:25:f6:e5:59:48:bb:67:da:ca:9f:d7:ad:
                    41:35:38:c8:42:3b:3b:19:97:ec:cd:2e:74:2f:54:
                    b7:fd:87:73:07:62:94:e7:ec:08:d1:d7:f7:f7:cd:
                    e6:d1:e5:6d:ae:87:d0:25:32:60:09:d0:e8:29:65:
                    bb:5b:83:22:f9:2a:4c:25:62:c8:48:a6:02:dd:cc:
                    96:56:bb:f4:2e:cb:d8:c5:2b:28:3f:f1:e9:c3:6e:
                    c5:a5:91:4f:fb:dc:89:8a:ca:9c:d5:f5:ee:91:12:
                    2e:b9:73:a4:a7:f6:db:63:ca:df:1b:ca:8a:cb:a5:
                    58:72:f5:f7:50:ed:88:ab:44:d4:67:16:f1:3e:7a:
                    c0:8c:c6:7a:1b:d2:59:59:86:a1:3b:df:a0:54:2d:
                    b6:88:92:fc:af:38:22:69:15:63:fc:43:3f:46:a0:
                    85:3a:3a:f3:61:0c:ea:88:24:93:8c:a6:d8:76:d9:
                    5c:61:e5:bb:c3:e7:46:97:27:70:25:f6:e1:f2:88:
                    55:ce:b2:33:f7:25:d4:f1:9b:a1:ef:d2:91:79:65:
                    21:86:30:8f:db:e2:4b:1d:ed:05:a7:bf:f6:ce:f3:
                    7e:25:65:c0:d4:d9:f2:19:07:23:7c:10:90:62:65:
                    d6:01:ac:d2:95:89:8e:e5:c0:5a:67:c7:c1:cf:db:
                    98:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:0F:92:84:35:32:E6:FD:F1:23:0B:16:EC:F0:76:AA:7C:C0:3C:8A
            X509v3 Authority Key Identifier:
                keyid:CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/yvRJQqKfrGEs1E-DrTF6HA9bjuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.136.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:19:d2:b2:42:3e:b6:50:a1:dc:55:72:d2:dd:9b:6d:98:8e:
         2d:ef:19:53:13:68:b0:17:65:b9:ee:fa:aa:79:bf:a0:11:32:
         4a:79:96:40:9c:d9:bc:b8:55:6e:61:53:57:76:96:ed:49:62:
         c0:12:64:31:02:6c:6c:8e:a4:b9:3f:93:ae:b5:18:20:0e:37:
         5e:55:6d:93:a9:e7:9a:68:5f:c7:d7:95:96:43:6b:8c:69:91:
         98:52:63:b5:f2:b8:ba:64:f4:b8:05:20:6f:2c:81:74:57:24:
         6b:a2:50:95:a2:43:bc:e4:ce:52:2e:ff:c3:84:6a:d4:bc:ca:
         50:2f:08:9d:11:5b:3d:4e:5d:40:c2:d9:d0:51:7a:61:a7:14:
         c7:4a:c6:ac:3c:8f:b3:75:55:b2:ef:97:8c:72:83:d2:5f:f6:
         02:f8:5f:82:a7:ff:1f:bc:e2:d4:44:88:ed:cb:18:21:49:c3:
         41:7a:1e:27:04:48:49:fa:a2:46:e3:d4:92:4e:b7:de:10:16:
         3a:89:20:b8:82:28:9c:44:2c:9b:82:f0:64:45:13:02:10:26:
         ef:b5:40:f5:44:92:f5:75:54:e3:9b:3b:1f:d3:20:e8:62:3e:
         49:46:27:eb:57:d6:b8:b5:04:26:71:c1:97:85:61:92:07:82:
         43:17:b0:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw5gXX0RzVcR78G59fIY47lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjQ0OTQyYTI5ZmFjNjEyY2Q0NGY4M2FkMzE3YTFjMGY1
YjhlZWEwHhcNMjMxMjA1MTAyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTBmOTI4NDM1MzJlNmZkZjEyMzBiMTZlY2YwNzZhYTdjYzAzYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfIl9uVZSLtn2sqf161BNTjIQjs7
GZfszS50L1S3/YdzB2KU5+wI0df3983m0eVtrofQJTJgCdDoKWW7W4Mi+SpMJWLI
SKYC3cyWVrv0LsvYxSsoP/Hpw27FpZFP+9yJisqc1fXukRIuuXOkp/bbY8rfG8qK
y6VYcvX3UO2Iq0TUZxbxPnrAjMZ6G9JZWYahO9+gVC22iJL8rzgiaRVj/EM/RqCF
OjrzYQzqiCSTjKbYdtlcYeW7w+dGlydwJfbh8ohVzrIz9yXU8Zuh79KReWUhhjCP
2+JLHe0Fp7/2zvN+JWXA1NnyGQcjfBCQYmXWAazSlYmO5cBaZ8fBz9uYKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOoPkoQ1Mub98SMLFuzwdqp8wDyKMB8GA1UdIwQY
MBaAFMr0SUKin6xhLNRPg60xehwPW47qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUt
NDgzNmJhZDYxYmEyLzEvNmctU2hEVXk1djN4SXdzVzdQQjJxbnpBUElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUtNDgzNmJhZDYxYmEy
LzEveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiHMA0G
CSqGSIb3DQEBCwUAA4IBAQBoGdKyQj62UKHcVXLS3ZttmI4t7xlTE2iwF2W57vqq
eb+gETJKeZZAnNm8uFVuYVNXdpbtSWLAEmQxAmxsjqS5P5OutRggDjdeVW2Tqeea
aF/H15WWQ2uMaZGYUmO18ri6ZPS4BSBvLIF0VyRrolCVokO85M5SLv/DhGrUvMpQ
LwidEVs9Tl1AwtnQUXphpxTHSsasPI+zdVWy75eMcoPSX/YC+F+Cp/8fvOLURIjt
yxghScNBeh4nBEhJ+qJG49SSTrfeEBY6iSC4giicRCybgvBkRRMCECbvtUD1RJL1
dVTjmzsf0yDoYj5JRifrV9a4tQQmccGXhWGSB4JDF7AK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:00 2024 by rpki-client on console-ams.rpki-client.org