Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/0_I1EUOEIeDVsZPNqwMv4H8HlGk.roa
File:                     0_I1EUOEIeDVsZPNqwMv4H8HlGk.roa (raw, json)
Hash identifier:          xpNNJT1MDVWpd+EPSYc7Qbv4HwJmrDO29MrwHd0VDDM=
Subject key identifier:   D3:F2:35:11:43:84:21:E0:D5:B1:93:CD:AB:03:2F:E0:7F:07:94:69
Certificate issuer:       /CN=6c890ef6a88ab33fa5a206760768dd3251c238af
Certificate serial:       01857079B4311D8B2131D88C4F05B5093C45
Authority key identifier: 6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/0_I1EUOEIeDVsZPNqwMv4H8HlGk.roa
Signing time:             Mon 02 Jan 2023 03:15:02 +0000
ROA not before:           Mon 02 Jan 2023 03:15:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41652
IP address blocks:        185.212.225.0/24 maxlen: 24
                          185.212.226.0/24 maxlen: 24
                          185.212.224.0/22 maxlen: 22
                          185.212.224.0/24 maxlen: 24
                          185.212.227.0/24 maxlen: 24
                          2a0b:7cc0:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 13:52:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:b4:31:1d:8b:21:31:d8:8c:4f:05:b5:09:3c:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c890ef6a88ab33fa5a206760768dd3251c238af
        Validity
            Not Before: Jan  2 03:15:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3f23511438421e0d5b193cdab032fe07f079469
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:80:27:6d:87:51:4c:42:ca:c9:b8:d4:0f:1a:
                    ec:da:b3:49:41:29:2e:a4:d7:b4:b4:d3:65:56:56:
                    5b:89:0d:1c:dc:5f:d3:44:85:1b:38:9a:e6:50:6c:
                    6f:68:6b:65:1f:9e:65:8a:94:91:09:cf:a4:34:87:
                    a1:50:f7:1f:0e:4e:6f:e6:28:df:7d:bf:c3:68:ff:
                    e7:c4:82:a5:98:5a:f9:3b:f4:f0:93:9d:12:fb:80:
                    a6:5f:d1:9c:65:a3:7b:33:f4:fa:9a:0d:12:c6:56:
                    27:ee:9b:4a:1d:f9:d3:52:0b:6a:ee:03:6e:c1:0f:
                    5a:06:1c:8a:89:15:2f:f5:57:44:8e:96:41:8e:6e:
                    e8:4d:6a:5c:c7:47:c7:10:f8:32:e9:cc:cd:96:f9:
                    ea:8d:32:0e:f7:57:73:78:07:7e:97:93:57:d6:ec:
                    ac:c3:52:53:dc:86:ce:52:c2:30:bc:20:01:55:1e:
                    54:23:8f:fd:6c:00:8d:2f:60:d5:cf:a5:c7:e2:4c:
                    00:7c:bc:3b:c2:2f:19:45:8a:37:17:ca:fb:2e:39:
                    0c:06:c7:e9:c2:c0:b3:96:7e:0b:6e:31:ef:f9:87:
                    bc:5b:c4:dd:8a:98:79:32:cb:65:48:dc:46:9f:48:
                    78:72:02:1c:df:f9:72:5d:a9:93:c6:f0:c4:92:49:
                    4b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:F2:35:11:43:84:21:E0:D5:B1:93:CD:AB:03:2F:E0:7F:07:94:69
            X509v3 Authority Key Identifier:
                keyid:6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/0_I1EUOEIeDVsZPNqwMv4H8HlGk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.224.0/22
                IPv6:
                  2a0b:7cc0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         1b:ea:00:48:12:f1:3c:08:84:62:99:5d:5c:6f:0d:80:49:69:
         41:96:d6:4c:94:8e:58:58:53:ce:81:3d:64:d3:1c:b4:85:12:
         c2:90:92:e9:4b:fc:b1:09:cd:1f:fa:57:e7:a7:c7:4d:f2:9d:
         3f:e1:38:3a:14:d7:fd:6a:62:8e:9a:9b:a0:43:7a:24:0d:0b:
         66:f4:3f:80:0e:f7:82:34:4c:04:5e:e3:32:61:5f:be:fd:3f:
         c8:6d:b8:91:6a:d5:48:5c:85:58:6a:1e:94:a8:11:19:f0:ca:
         9d:34:a0:05:03:87:9b:13:32:c4:e1:b4:0e:ca:53:81:d3:16:
         49:b9:82:0d:24:e6:4c:2d:08:3e:ef:14:7c:81:50:fd:07:1d:
         7f:5f:b8:67:26:83:ca:11:5e:6b:9b:f2:c1:e0:e9:08:57:60:
         fd:3a:cf:f1:68:60:23:dc:ef:b5:5b:62:3a:8a:ca:90:e6:80:
         99:f4:d1:5a:8e:85:6a:99:24:40:e9:a6:97:19:0a:82:17:f7:
         fc:cc:77:82:d8:85:38:6a:5c:cb:df:e5:64:28:c0:fa:fd:c7:
         14:80:2d:30:ac:4d:0c:70:0f:60:7f:69:6a:ae:65:a8:3b:35:
         22:fc:20:d7:23:7e:f0:18:ac:10:38:1a:1c:9c:52:cb:34:da:
         e9:af:cb:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwebQxHYshMdiMTwW1CTxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODkwZWY2YTg4YWIzM2ZhNWEyMDY3NjA3NjhkZDMyNTFj
MjM4YWYwHhcNMjMwMTAyMDMxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2YyMzUxMTQzODQyMWUwZDViMTkzY2RhYjAzMmZlMDdmMDc5NDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4AnbYdRTELKybjUDxrs2rNJQSku
pNe0tNNlVlZbiQ0c3F/TRIUbOJrmUGxvaGtlH55lipSRCc+kNIehUPcfDk5v5ijf
fb/DaP/nxIKlmFr5O/Twk50S+4CmX9GcZaN7M/T6mg0SxlYn7ptKHfnTUgtq7gNu
wQ9aBhyKiRUv9VdEjpZBjm7oTWpcx0fHEPgy6czNlvnqjTIO91dzeAd+l5NX1uys
w1JT3IbOUsIwvCABVR5UI4/9bACNL2DVz6XH4kwAfLw7wi8ZRYo3F8r7LjkMBsfp
wsCzln4LbjHv+Ye8W8Tdiph5MstlSNxGn0h4cgIc3/lyXamTxvDEkklLOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPyNRFDhCHg1bGTzasDL+B/B5RpMB8GA1UdIwQY
MBaAFGyJDvaoirM/paIGdgdo3TJRwjivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEt
NjFmOTFlZGVkZjBhLzEvMF9JMUVVT0VJZURWc1pQTnF3TXY0SDhIbEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEtNjFmOTFlZGVkZjBh
LzEvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCudTgMA8E
AgACMAkDBwAqC3zAAAEwDQYJKoZIhvcNAQELBQADggEBABvqAEgS8TwIhGKZXVxv
DYBJaUGW1kyUjlhYU86BPWTTHLSFEsKQkulL/LEJzR/6V+enx03ynT/hODoU1/1q
Yo6am6BDeiQNC2b0P4AO94I0TARe4zJhX779P8htuJFq1UhchVhqHpSoERnwyp00
oAUDh5sTMsThtA7KU4HTFkm5gg0k5kwtCD7vFHyBUP0HHX9fuGcmg8oRXmub8sHg
6QhXYP06z/FoYCPc77VbYjqKypDmgJn00VqOhWqZJEDpppcZCoIX9/zMd4LYhThq
XMvf5WQowPr9xxSALTCsTQxwD2B/aWquZag7NSL8INcjfvAYrBA4GhycUss02umv
y5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:52 2024 by rpki-client on console-fra.rpki-client.org