Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/56yQWQsPbv9m-vIMGbPpQ9r2alg.roa
File:                     56yQWQsPbv9m-vIMGbPpQ9r2alg.roa (raw, json)
Hash identifier:          HU55etSA5xV6SrmmKrYYDg0zqbbyoHb2XHA+4yZWcJQ=
Subject key identifier:   E7:AC:90:59:0B:0F:6E:FF:66:FA:F2:0C:19:B3:E9:43:DA:F6:6A:58
Certificate issuer:       /CN=6c890ef6a88ab33fa5a206760768dd3251c238af
Certificate serial:       018CC8DF05830095ED442B2B0B116DCD9358
Authority key identifier: 6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/56yQWQsPbv9m-vIMGbPpQ9r2alg.roa
Signing time:             Tue 02 Jan 2024 06:31:48 +0000
ROA not before:           Tue 02 Jan 2024 06:31:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41652
IP address blocks:        185.212.225.0/24 maxlen: 24
                          185.212.226.0/24 maxlen: 24
                          185.212.224.0/22 maxlen: 22
                          185.212.224.0/24 maxlen: 24
                          185.212.227.0/24 maxlen: 24
                          2a0b:7cc0:1::/48 maxlen: 48
                          2a0b:7cc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 21 Sep 2024 15:08:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:05:83:00:95:ed:44:2b:2b:0b:11:6d:cd:93:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c890ef6a88ab33fa5a206760768dd3251c238af
        Validity
            Not Before: Jan  2 06:31:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e7ac90590b0f6eff66faf20c19b3e943daf66a58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e2:d3:2b:29:05:46:e3:f3:f8:c5:47:a8:00:
                    ba:ea:28:9f:4d:81:6c:36:9e:3f:a9:ed:ba:21:b9:
                    d4:1f:df:80:7f:0a:ea:03:8e:a0:bc:df:97:61:42:
                    43:55:38:7a:19:ed:be:fb:96:41:61:0f:50:aa:bc:
                    80:61:71:d6:bf:17:9e:3a:a3:8b:ae:c6:c5:ab:74:
                    95:d7:76:5c:e5:31:d8:63:22:72:25:1b:5f:44:4c:
                    dc:8a:15:69:ea:5d:e4:e8:fb:30:72:48:7c:f8:3c:
                    75:8e:5f:11:f8:0c:33:ea:ed:02:78:70:c2:40:63:
                    84:25:e4:8d:26:cc:c0:40:38:78:c9:4b:b9:e2:6e:
                    17:95:04:30:c4:53:51:12:4e:bc:2e:07:d1:0c:96:
                    97:5b:06:b3:fd:d9:c8:53:2e:3c:52:e6:80:24:52:
                    53:08:13:d9:97:16:64:c1:6f:7e:e1:f3:01:0f:81:
                    0d:65:77:f5:e3:4f:b4:c8:72:e9:bd:6a:3b:14:3b:
                    f3:53:43:c5:b1:4c:49:66:ce:e6:6a:10:09:f4:75:
                    2f:d6:15:78:db:3f:20:b7:35:d3:a7:ce:d1:86:10:
                    26:48:e2:e2:6d:cf:9d:1b:bf:24:f7:42:23:3f:b2:
                    52:43:05:b5:69:57:b9:bd:9f:25:ca:60:e1:4a:31:
                    de:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:AC:90:59:0B:0F:6E:FF:66:FA:F2:0C:19:B3:E9:43:DA:F6:6A:58
            X509v3 Authority Key Identifier:
                keyid:6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/56yQWQsPbv9m-vIMGbPpQ9r2alg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.224.0/22
                IPv6:
                  2a0b:7cc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         54:c8:1e:61:89:9b:f2:97:32:23:30:76:73:a6:8a:f6:93:dd:
         a0:95:d0:c3:25:27:c8:1d:d2:24:b9:f5:36:dc:41:c1:4e:5f:
         4e:a8:b2:66:ad:d3:06:fb:25:53:17:4e:2e:f6:ca:7d:50:07:
         5c:84:58:cd:dc:9f:5b:fc:a0:6d:8c:f8:56:c5:7e:9f:66:da:
         32:01:a0:82:24:a0:94:39:f5:ff:e0:c8:46:b1:82:86:a0:34:
         63:79:e2:3e:a2:4f:81:05:73:5b:02:51:6d:de:3a:1e:e3:f4:
         14:0a:8d:ee:35:74:97:e7:93:3d:2d:1b:c5:9f:04:0c:b1:b1:
         0f:1e:d3:71:40:87:7b:12:21:3d:47:c6:6c:84:ca:b1:21:70:
         9a:57:53:e8:fe:04:6d:78:f5:fd:3a:74:cb:9a:1c:66:e2:e2:
         d3:92:51:0f:44:44:82:8e:da:55:86:72:06:e4:a8:d9:0e:99:
         1f:5f:de:6e:32:4e:c3:b4:60:9e:e4:49:48:0e:c7:49:a1:d5:
         d5:8d:f9:a5:49:5a:70:1c:4a:86:06:27:7e:4e:be:62:e9:90:
         17:8e:03:c0:3f:01:59:6e:22:ee:30:4f:41:ca:f2:02:2a:ee:
         3a:ed:31:ac:78:f5:1e:76:1e:9e:8d:09:7e:9b:b9:da:df:5e:
         10:79:0b:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3wWDAJXtRCsrCxFtzZNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODkwZWY2YTg4YWIzM2ZhNWEyMDY3NjA3NjhkZDMyNTFj
MjM4YWYwHhcNMjQwMTAyMDYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2FjOTA1OTBiMGY2ZWZmNjZmYWYyMGMxOWIzZTk0M2RhZjY2YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+LTKykFRuPz+MVHqAC66iifTYFs
Np4/qe26IbnUH9+AfwrqA46gvN+XYUJDVTh6Ge2++5ZBYQ9QqryAYXHWvxeeOqOL
rsbFq3SV13Zc5THYYyJyJRtfREzcihVp6l3k6Pswckh8+Dx1jl8R+Awz6u0CeHDC
QGOEJeSNJszAQDh4yUu54m4XlQQwxFNREk68LgfRDJaXWwaz/dnIUy48UuaAJFJT
CBPZlxZkwW9+4fMBD4ENZXf140+0yHLpvWo7FDvzU0PFsUxJZs7mahAJ9HUv1hV4
2z8gtzXTp87RhhAmSOLibc+dG78k90IjP7JSQwW1aVe5vZ8lymDhSjHeFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOeskFkLD27/ZvryDBmz6UPa9mpYMB8GA1UdIwQY
MBaAFGyJDvaoirM/paIGdgdo3TJRwjivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEt
NjFmOTFlZGVkZjBhLzEvNTZ5UVdRc1BidjltLXZJTUdiUHBROXIyYWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEtNjFmOTFlZGVkZjBh
LzEvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudTgMA0E
AgACMAcDBQMqC3zAMA0GCSqGSIb3DQEBCwUAA4IBAQBUyB5hiZvylzIjMHZzpor2
k92gldDDJSfIHdIkufU23EHBTl9OqLJmrdMG+yVTF04u9sp9UAdchFjN3J9b/KBt
jPhWxX6fZtoyAaCCJKCUOfX/4MhGsYKGoDRjeeI+ok+BBXNbAlFt3joe4/QUCo3u
NXSX55M9LRvFnwQMsbEPHtNxQId7EiE9R8ZshMqxIXCaV1Po/gRtePX9OnTLmhxm
4uLTklEPRESCjtpVhnIG5KjZDpkfX95uMk7DtGCe5ElIDsdJodXVjfmlSVpwHEqG
Bid+Tr5i6ZAXjgPAPwFZbiLuME9ByvICKu467TGsePUedh6ejQl+m7na314QeQvv
-----END CERTIFICATE-----
Generated at Sat Sep 21 18:56:12 2024 by rpki-client on console-ams.rpki-client.org