Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/e20HjYTdW5s-BYmI5ad6zRbNGBw.roa
File:                     e20HjYTdW5s-BYmI5ad6zRbNGBw.roa (raw, json)
Hash identifier:          +qeZN9n7PWXbcXprSWJ/Nx65fX6Q1r2u/tKF31Gn4Mo=
Subject key identifier:   7B:6D:07:8D:84:DD:5B:9B:3E:05:89:88:E5:A7:7A:CD:16:CD:18:1C
Certificate issuer:       /CN=8f375bc6c8110f1ad733df77acfbb1d6ec465cb8
Certificate serial:       01856FA71479718D7C515C52C0318ECFE9AC
Authority key identifier: 8F:37:5B:C6:C8:11:0F:1A:D7:33:DF:77:AC:FB:B1:D6:EC:46:5C:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/e20HjYTdW5s-BYmI5ad6zRbNGBw.roa
Signing time:             Sun 01 Jan 2023 23:24:58 +0000
ROA not before:           Sun 01 Jan 2023 23:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201590
IP address blocks:        185.68.32.0/22 maxlen: 22
                          185.68.32.0/23 maxlen: 23
                          185.68.34.0/23 maxlen: 23
                          2a03:2960:ffff::/48 maxlen: 48
                          2a03:2960::/40 maxlen: 40
                          2a03:2960:100::/40 maxlen: 40
                          2a03:2960::/32 maxlen: 32
                          2a03:2960:fffe::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a7:14:79:71:8d:7c:51:5c:52:c0:31:8e:cf:e9:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f375bc6c8110f1ad733df77acfbb1d6ec465cb8
        Validity
            Not Before: Jan  1 23:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b6d078d84dd5b9b3e058988e5a77acd16cd181c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:95:34:a6:47:9a:61:c3:b2:0f:6c:76:25:c0:
                    18:72:87:c0:48:ad:16:c8:14:50:ad:23:36:12:80:
                    92:dc:92:72:38:99:46:ab:56:63:da:eb:d7:67:b4:
                    dd:52:8a:dd:c6:4b:0e:21:11:20:5a:07:89:25:21:
                    50:ef:c1:1a:9d:64:52:66:10:42:8f:b1:57:4f:67:
                    af:05:59:d3:e8:e9:c6:a8:0a:4f:7a:37:9f:96:cb:
                    40:b0:2e:7a:44:86:14:9e:a5:c4:a9:ca:ad:5a:a5:
                    89:81:c8:8e:e1:29:aa:69:c9:6f:89:0b:55:07:ea:
                    0e:72:fa:3c:78:00:86:0f:02:9b:7f:ce:bf:9e:eb:
                    90:7f:ba:ad:b0:a0:70:18:b9:af:e5:b7:5a:cd:69:
                    fc:0d:8f:ee:e1:9b:6f:2c:4b:e8:6b:e2:37:c3:0d:
                    86:b1:7b:de:9e:38:75:3a:88:22:81:07:77:ac:74:
                    1d:f0:6f:7f:54:5a:9c:d7:80:84:23:75:ba:28:45:
                    91:44:e1:6c:0b:70:28:5c:8b:d9:05:1d:5d:8f:14:
                    7f:04:dc:de:57:2e:24:d9:be:5c:a3:eb:c7:3e:e4:
                    d5:ad:54:7c:50:6f:6f:8d:87:e1:c1:3e:a3:ea:22:
                    4b:fc:54:78:28:c1:75:58:fc:9f:62:62:b0:78:aa:
                    50:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:6D:07:8D:84:DD:5B:9B:3E:05:89:88:E5:A7:7A:CD:16:CD:18:1C
            X509v3 Authority Key Identifier:
                keyid:8F:37:5B:C6:C8:11:0F:1A:D7:33:DF:77:AC:FB:B1:D6:EC:46:5C:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzdbxsgRDxrXM993rPux1uxGXLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/e20HjYTdW5s-BYmI5ad6zRbNGBw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7868a5-d500-4ae1-b3b7-809851a06b6a/1/jzdbxsgRDxrXM993rPux1uxGXLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.68.32.0/22
                IPv6:
                  2a03:2960::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:4e:ae:9e:43:74:ec:64:8f:42:2e:6c:7b:d7:cd:53:c6:85:
         23:13:87:92:b3:4a:3e:2d:a8:13:54:4a:97:d2:26:df:47:ff:
         b9:ef:9e:a8:d4:f3:e1:d4:63:99:b7:f5:25:8c:30:12:f2:6b:
         67:56:90:37:48:d4:a6:90:ef:6a:34:7a:9f:9f:43:8c:c5:0a:
         9a:41:f1:78:1a:5a:e8:3b:4c:13:9f:cf:27:44:7b:75:88:51:
         11:76:ef:55:e4:6e:8a:e1:3c:71:ae:55:6a:7e:6c:5f:88:85:
         07:ad:e0:66:65:f9:7d:8a:f5:d6:3a:8d:99:a5:ac:7f:3c:ff:
         48:40:d1:8d:60:0d:c8:a2:ab:77:88:fb:c1:06:6b:1f:fb:69:
         fe:4c:de:8b:79:33:91:bf:a3:55:cd:11:f6:0f:6c:4e:d6:1a:
         b3:44:b9:fb:7c:15:66:a9:28:2d:f0:7e:ff:8b:0f:4c:7d:a9:
         21:1d:9e:90:ee:4d:7f:cd:fb:dc:48:52:1b:4f:2d:8a:7a:da:
         22:4a:20:4b:19:42:a4:36:cf:6c:42:11:10:52:84:e0:a9:c1:
         61:eb:30:9c:87:e8:5e:0e:de:1a:b4:e2:05:3a:5d:09:b7:82:
         b9:f9:6b:92:f5:42:f2:c8:14:e2:90:de:17:7d:72:a4:de:d2:
         6d:42:15:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpxR5cY18UVxSwDGOz+msMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzc1YmM2YzgxMTBmMWFkNzMzZGY3N2FjZmJiMWQ2ZWM0
NjVjYjgwHhcNMjMwMTAxMjMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZkMDc4ZDg0ZGQ1YjliM2UwNTg5ODhlNWE3N2FjZDE2Y2QxODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5U0pkeaYcOyD2x2JcAYcofASK0W
yBRQrSM2EoCS3JJyOJlGq1Zj2uvXZ7TdUordxksOIREgWgeJJSFQ78EanWRSZhBC
j7FXT2evBVnT6OnGqApPejeflstAsC56RIYUnqXEqcqtWqWJgciO4SmqaclviQtV
B+oOcvo8eACGDwKbf86/nuuQf7qtsKBwGLmv5bdazWn8DY/u4ZtvLEvoa+I3ww2G
sXvenjh1OogigQd3rHQd8G9/VFqc14CEI3W6KEWRROFsC3AoXIvZBR1djxR/BNze
Vy4k2b5co+vHPuTVrVR8UG9vjYfhwT6j6iJL/FR4KMF1WPyfYmKweKpQmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHttB42E3VubPgWJiOWnes0WzRgcMB8GA1UdIwQY
MBaAFI83W8bIEQ8a1zPfd6z7sdbsRly4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpkYnhzZ1JEeHJYTTk5M3JQdXgxdXhHWExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My83ODY4YTUtZDUwMC00YWUxLWIzYjct
ODA5ODUxYTA2YjZhLzEvZTIwSGpZVGRXNXMtQlltSTVhZDZ6UmJOR0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My83ODY4YTUtZDUwMC00YWUxLWIzYjctODA5ODUxYTA2YjZh
LzEvanpkYnhzZ1JEeHJYTTk5M3JQdXgxdXhHWExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUQgMA0E
AgACMAcDBQAqAylgMA0GCSqGSIb3DQEBCwUAA4IBAQBQTq6eQ3TsZI9CLmx7181T
xoUjE4eSs0o+LagTVEqX0ibfR/+5756o1PPh1GOZt/UljDAS8mtnVpA3SNSmkO9q
NHqfn0OMxQqaQfF4GlroO0wTn88nRHt1iFERdu9V5G6K4TxxrlVqfmxfiIUHreBm
Zfl9ivXWOo2Zpax/PP9IQNGNYA3Ioqt3iPvBBmsf+2n+TN6LeTORv6NVzRH2D2xO
1hqzRLn7fBVmqSgt8H7/iw9MfakhHZ6Q7k1/zfvcSFIbTy2KetoiSiBLGUKkNs9s
QhEQUoTgqcFh6zCch+heDt4atOIFOl0Jt4K5+WuS9ULyyBTikN4XfXKk3tJtQhVU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:35 2024 by rpki-client on console-ams.rpki-client.org