Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/6XxhY9otH3f3ZxCDmbF2lS4ygzs.roa
File:                     6XxhY9otH3f3ZxCDmbF2lS4ygzs.roa (raw, json)
Hash identifier:          hRYwDEqUZp9Xt3XbhA8VV4UqTusbhp2BNluxIg/rpY4=
Subject key identifier:   E9:7C:61:63:DA:2D:1F:77:F7:67:10:83:99:B1:76:95:2E:32:83:3B
Certificate issuer:       /CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Certificate serial:       01856E14500E4305A96E4BEF7F25F31CFB8C
Authority key identifier: B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/6XxhY9otH3f3ZxCDmbF2lS4ygzs.roa
Signing time:             Sun 01 Jan 2023 16:05:03 +0000
ROA not before:           Sun 01 Jan 2023 16:05:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201364
IP address blocks:        185.77.1.0/24 maxlen: 24
                          185.77.2.0/24 maxlen: 24
                          2a05:5ec5::/32 maxlen: 32
                          2a05:5ec0:1::/48 maxlen: 48
                          2a05:5ec7::/32 maxlen: 32
                          2a05:5ec0::/29 maxlen: 29
                          2a05:5ec1::/32 maxlen: 32
                          2a05:5ec6::/32 maxlen: 32
                          2a05:5ec4::/32 maxlen: 32
                          2a05:5ec2::/32 maxlen: 32
                          2a05:5ec3::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:14:50:0e:43:05:a9:6e:4b:ef:7f:25:f3:1c:fb:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
        Validity
            Not Before: Jan  1 16:05:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e97c6163da2d1f77f767108399b176952e32833b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b5:02:d3:6a:2d:35:8a:7c:22:23:9b:61:63:
                    e8:ab:21:eb:99:e3:7b:4c:94:4c:c9:19:fb:f1:65:
                    16:d0:c3:24:1a:1c:c4:39:02:01:5a:86:92:83:52:
                    fe:a2:ec:c0:fb:b6:ff:52:85:a2:4d:4c:15:1b:33:
                    c4:48:e7:6d:0c:6e:8e:0c:88:38:76:77:c5:43:68:
                    f0:a5:ef:68:2c:60:22:8b:95:f5:c8:b5:8f:31:2b:
                    f5:83:4f:5c:35:fc:a5:65:15:70:34:87:3e:cd:7e:
                    b2:bc:91:5c:81:bc:e8:9c:f3:0a:d8:73:2e:11:82:
                    07:7b:24:d7:dd:78:8e:4a:55:74:7d:30:ab:4b:ed:
                    59:2e:85:8e:bc:bd:ad:19:59:6f:7e:57:6f:66:10:
                    29:86:cf:cb:51:b1:48:a9:9a:ce:1c:44:75:d2:32:
                    86:7a:70:0e:31:fb:0f:83:1b:85:74:75:e1:9e:12:
                    0a:90:95:56:5a:7d:18:d5:18:78:1a:c2:22:75:35:
                    5c:56:9c:45:07:71:02:a7:74:18:ff:2e:5f:af:cd:
                    19:0f:0c:c6:c5:9d:66:60:39:f0:ae:27:18:b3:28:
                    94:ff:33:7b:55:61:b6:c3:d7:07:d9:f1:91:84:1f:
                    9b:2c:78:18:60:b6:99:07:32:fc:5e:df:2b:0a:6c:
                    4b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:7C:61:63:DA:2D:1F:77:F7:67:10:83:99:B1:76:95:2E:32:83:3B
            X509v3 Authority Key Identifier:
                keyid:B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/6XxhY9otH3f3ZxCDmbF2lS4ygzs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.77.1.0-185.77.2.255
                IPv6:
                  2a05:5ec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         1d:77:4a:8d:db:8b:68:c2:1d:7f:b1:76:37:98:b9:d4:67:27:
         26:4b:1e:41:1c:3b:f2:ac:28:9f:3a:7f:9c:2d:41:a8:7a:bf:
         41:30:f6:20:62:a0:12:86:bd:52:01:b2:4f:88:17:99:36:d7:
         4a:4e:c7:ae:6b:37:20:45:c8:4d:28:d1:c7:17:4e:81:ba:e0:
         94:17:1b:e1:e4:8c:de:c3:d6:4a:61:3d:3a:65:89:f0:cd:42:
         fb:18:45:c5:5d:63:7d:73:c5:b1:cc:fa:88:40:4b:77:f5:f6:
         e2:fe:34:0e:58:aa:9a:f5:7a:33:ec:d1:cc:ed:8a:58:f2:a3:
         6e:2e:a0:24:29:da:39:3e:ff:48:d8:6e:77:9c:22:81:4b:f1:
         9e:2c:94:89:33:c3:60:45:22:24:cd:65:ce:c4:3c:54:8f:1a:
         57:cc:b7:71:d5:9e:28:b5:65:6e:00:fe:17:4f:3f:92:d7:53:
         52:ef:7e:fe:4b:63:fc:3a:ff:53:6a:de:f9:33:20:58:17:56:
         10:6c:eb:32:65:02:16:11:64:ed:ae:e4:19:45:d2:52:f8:bc:
         d3:f6:ce:d3:86:10:e7:14:2a:16:2b:53:2a:50:5e:f2:44:4a:
         48:95:4d:87:32:b9:91:20:f1:28:9d:ae:47:10:24:aa:0a:49:
         fb:d8:0e:70
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVuFFAOQwWpbkvvfyXzHPuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZWM2YzBhNWViZWM1ODE3ZDkxYjkxZTc5YTZiYzYxMzJl
YjlkMmMwHhcNMjMwMTAxMTYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTdjNjE2M2RhMmQxZjc3Zjc2NzEwODM5OWIxNzY5NTJlMzI4MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLUC02otNYp8IiObYWPoqyHrmeN7
TJRMyRn78WUW0MMkGhzEOQIBWoaSg1L+ouzA+7b/UoWiTUwVGzPESOdtDG6ODIg4
dnfFQ2jwpe9oLGAii5X1yLWPMSv1g09cNfylZRVwNIc+zX6yvJFcgbzonPMK2HMu
EYIHeyTX3XiOSlV0fTCrS+1ZLoWOvL2tGVlvfldvZhAphs/LUbFIqZrOHER10jKG
enAOMfsPgxuFdHXhnhIKkJVWWn0Y1Rh4GsIidTVcVpxFB3ECp3QY/y5fr80ZDwzG
xZ1mYDnwricYsyiU/zN7VWG2w9cH2fGRhB+bLHgYYLaZBzL8Xt8rCmxLxQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOl8YWPaLR9392cQg5mxdpUuMoM7MB8GA1UdIwQY
MBaAFLTsbApevsWBfZG5HnmmvGEy650sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWIt
MTNmYjdhNTEzMGNhLzEvNlh4aFk5b3RIM2YzWnhDRG1iRjJsUzR5Z3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWItMTNmYjdhNTEzMGNh
LzEvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5TQED
BAC5TQIwDQQCAAIwBwMFAyoFXsAwDQYJKoZIhvcNAQELBQADggEBAB13So3bi2jC
HX+xdjeYudRnJyZLHkEcO/KsKJ86f5wtQah6v0Ew9iBioBKGvVIBsk+IF5k210pO
x65rNyBFyE0o0ccXToG64JQXG+HkjN7D1kphPTplifDNQvsYRcVdY31zxbHM+ohA
S3f19uL+NA5Yqpr1ejPs0cztiljyo24uoCQp2jk+/0jYbnecIoFL8Z4slIkzw2BF
IiTNZc7EPFSPGlfMt3HVnii1ZW4A/hdPP5LXU1Lvfv5LY/w6/1Nq3vkzIFgXVhBs
6zJlAhYRZO2u5BlF0lL4vNP2ztOGEOcUKhYrUypQXvJESkiVTYcyuZEg8SidrkcQ
JKoKSfvYDnA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:42 2024 by rpki-client on console-ams.rpki-client.org