Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/xMo7DpKB2awOOEdT4RigqfYPndw.roa
File:                     xMo7DpKB2awOOEdT4RigqfYPndw.roa (raw, json)
Hash identifier:          flDFtVHSFLLgyk0nWC3r2uWbxqDZ1rVBffb5/Xgmzow=
Subject key identifier:   C4:CA:3B:0E:92:81:D9:AC:0E:38:47:53:E1:18:A0:A9:F6:0F:9D:DC
Certificate issuer:       /CN=11535f8fa4b5f51533d724eaf90dba99715fc6fc
Certificate serial:       018572BA8E4AF6C35DBA377465ED44C6EF3A
Authority key identifier: 11:53:5F:8F:A4:B5:F5:15:33:D7:24:EA:F9:0D:BA:99:71:5F:C6:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EVNfj6S19RUz1yTq-Q26mXFfxvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/xMo7DpKB2awOOEdT4RigqfYPndw.roa
Signing time:             Mon 02 Jan 2023 13:45:06 +0000
ROA not before:           Mon 02 Jan 2023 13:45:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204195
IP address blocks:        185.115.236.0/22 maxlen: 22
                          2a06:2780::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:8e:4a:f6:c3:5d:ba:37:74:65:ed:44:c6:ef:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11535f8fa4b5f51533d724eaf90dba99715fc6fc
        Validity
            Not Before: Jan  2 13:45:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4ca3b0e9281d9ac0e384753e118a0a9f60f9ddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1d:8e:36:0b:32:e1:cb:b0:57:03:12:37:28:
                    7b:52:fd:6f:b8:a1:a2:67:57:a0:c0:30:97:8d:50:
                    68:00:19:8f:17:9f:fe:96:e0:f9:1c:d5:11:5a:e7:
                    49:32:16:f2:46:ab:07:fc:e8:68:6b:6a:73:5e:91:
                    7c:37:82:c5:14:33:70:38:4c:d2:c7:79:e7:83:14:
                    99:2e:14:4e:9f:6a:49:de:62:da:73:d2:fe:ca:d8:
                    75:ed:01:dd:1a:e5:8f:4f:b6:77:c5:be:70:10:ab:
                    53:15:78:79:3e:b5:97:8d:9e:10:7f:95:9f:cc:ab:
                    40:2d:8f:d0:1a:c8:87:a7:21:e0:2b:f7:3f:96:94:
                    fc:6f:c0:20:7a:dd:c7:58:b9:d9:19:b4:5c:21:29:
                    a9:be:78:c0:bf:0d:cf:de:49:34:55:f1:90:ce:8f:
                    eb:eb:fd:2f:fe:d7:36:dc:cf:dc:c9:a7:41:31:b6:
                    63:b1:23:81:9d:09:2f:0c:2b:2d:09:9c:b8:cd:57:
                    41:32:f3:e5:9b:54:db:b0:c5:8d:03:4d:86:d5:9c:
                    f2:15:08:e5:0a:57:2e:95:97:fe:bc:b7:1c:f9:9f:
                    55:04:fb:10:bb:ad:1f:e5:f6:01:86:89:f4:00:80:
                    9b:70:b8:ae:2a:e8:12:0e:c9:ae:d9:0e:c6:10:35:
                    51:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:CA:3B:0E:92:81:D9:AC:0E:38:47:53:E1:18:A0:A9:F6:0F:9D:DC
            X509v3 Authority Key Identifier:
                keyid:11:53:5F:8F:A4:B5:F5:15:33:D7:24:EA:F9:0D:BA:99:71:5F:C6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVNfj6S19RUz1yTq-Q26mXFfxvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/xMo7DpKB2awOOEdT4RigqfYPndw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/06d683-5a55-42ad-91d9-5f2ee5ce4581/1/EVNfj6S19RUz1yTq-Q26mXFfxvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.115.236.0/22
                IPv6:
                  2a06:2780::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:c6:43:6a:20:02:55:55:da:16:09:bc:61:7a:d5:e4:c3:b7:
         9e:a1:22:49:17:78:18:53:31:24:ca:19:a8:79:01:9f:8e:20:
         51:3c:90:7b:5f:14:c3:c9:f8:5d:35:5c:d6:0d:21:cb:9c:d8:
         d9:39:17:96:3f:63:4c:1f:c1:69:33:68:97:4c:fb:e6:8b:cc:
         51:52:19:2d:e7:1b:1f:81:9c:1c:9d:47:23:8e:e9:76:0f:7a:
         74:d8:e7:0b:9c:2b:60:8f:3c:f3:03:2a:96:96:e3:51:af:5e:
         f8:52:de:53:95:e7:c1:ba:d1:39:8d:ef:9b:57:24:78:5f:92:
         e5:39:23:c8:60:7b:51:d0:fd:d2:7e:d2:c1:d2:1b:b3:e7:d2:
         c0:f0:f2:71:98:60:42:3e:01:39:19:65:4d:c7:d1:03:ae:69:
         80:16:96:b6:dd:00:f6:f8:ae:83:9e:8d:8f:1e:7f:a3:80:e5:
         49:61:fb:d2:44:0a:60:dd:63:f9:eb:36:4b:78:c5:76:86:36:
         ab:90:b7:c2:06:eb:17:ee:6c:4b:85:c2:8b:22:83:4d:d1:bf:
         93:8b:33:a8:99:c9:c5:cd:41:ca:8d:32:9d:91:c7:ec:25:c3:
         dd:0d:22:14:71:07:ac:6e:4d:70:db:2b:a2:06:dc:df:bc:da:
         bd:25:07:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyuo5K9sNdujd0Ze1Exu86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNTM1ZjhmYTRiNWY1MTUzM2Q3MjRlYWY5MGRiYTk5NzE1
ZmM2ZmMwHhcNMjMwMTAyMTM0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGNhM2IwZTkyODFkOWFjMGUzODQ3NTNlMTE4YTBhOWY2MGY5ZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux2ONgsy4cuwVwMSNyh7Uv1vuKGi
Z1egwDCXjVBoABmPF5/+luD5HNURWudJMhbyRqsH/Ohoa2pzXpF8N4LFFDNwOEzS
x3nngxSZLhROn2pJ3mLac9L+yth17QHdGuWPT7Z3xb5wEKtTFXh5PrWXjZ4Qf5Wf
zKtALY/QGsiHpyHgK/c/lpT8b8Aget3HWLnZGbRcISmpvnjAvw3P3kk0VfGQzo/r
6/0v/tc23M/cyadBMbZjsSOBnQkvDCstCZy4zVdBMvPlm1TbsMWNA02G1ZzyFQjl
ClculZf+vLcc+Z9VBPsQu60f5fYBhon0AICbcLiuKugSDsmu2Q7GEDVRCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMTKOw6SgdmsDjhHU+EYoKn2D53cMB8GA1UdIwQY
MBaAFBFTX4+ktfUVM9ck6vkNuplxX8b8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVZOZmo2UzE5UlV6MXlUcS1RMjZtWEZmeHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wNmQ2ODMtNWE1NS00MmFkLTkxZDkt
NWYyZWU1Y2U0NTgxLzEveE1vN0RwS0IyYXdPT0VkVDRSaWdxZllQbmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wNmQ2ODMtNWE1NS00MmFkLTkxZDktNWYyZWU1Y2U0NTgx
LzEvRVZOZmo2UzE5UlV6MXlUcS1RMjZtWEZmeHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXPsMA0E
AgACMAcDBQMqBieAMA0GCSqGSIb3DQEBCwUAA4IBAQBixkNqIAJVVdoWCbxhetXk
w7eeoSJJF3gYUzEkyhmoeQGfjiBRPJB7XxTDyfhdNVzWDSHLnNjZOReWP2NMH8Fp
M2iXTPvmi8xRUhkt5xsfgZwcnUcjjul2D3p02OcLnCtgjzzzAyqWluNRr174Ut5T
lefButE5je+bVyR4X5LlOSPIYHtR0P3SftLB0huz59LA8PJxmGBCPgE5GWVNx9ED
rmmAFpa23QD2+K6Dno2PHn+jgOVJYfvSRApg3WP56zZLeMV2hjarkLfCBusX7mxL
hcKLIoNN0b+TizOomcnFzUHKjTKdkcfsJcPdDSIUcQesbk1w2yuiBtzfvNq9JQfS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:16 2024 by rpki-client on console-fra.rpki-client.org