Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/iX9amstIYoTCAmYSYkqggiSLd_s.roa
File:                     iX9amstIYoTCAmYSYkqggiSLd_s.roa (raw, json)
Hash identifier:          qGTPMiQgKVST0fp36eZ4kZi+7/nbbbOWVwZYajS6RFA=
Subject key identifier:   89:7F:5A:9A:CB:48:62:84:C2:02:66:12:62:4A:A0:82:24:8B:77:FB
Certificate issuer:       /CN=18e937c103db046f22553ef99438fa2959240da5
Certificate serial:       01856FC27F7F3D2FC98CE66E471B9FD37820
Authority key identifier: 18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/iX9amstIYoTCAmYSYkqggiSLd_s.roa
Signing time:             Sun 01 Jan 2023 23:54:55 +0000
ROA not before:           Sun 01 Jan 2023 23:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46489
IP address blocks:        185.42.204.0/22 maxlen: 24
                          2a01:62e0::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:7f:7f:3d:2f:c9:8c:e6:6e:47:1b:9f:d3:78:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18e937c103db046f22553ef99438fa2959240da5
        Validity
            Not Before: Jan  1 23:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=897f5a9acb486284c2026612624aa082248b77fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a5:6f:8e:69:2b:81:ad:4b:cc:a1:a2:5f:1b:
                    b1:57:b3:b8:52:56:16:3f:b8:29:e1:e4:ac:17:d9:
                    46:5c:2e:1d:0c:49:f2:bd:0d:17:b8:f8:2a:77:67:
                    46:d5:22:d6:f4:9d:cf:90:f6:f3:ff:4f:c8:59:9a:
                    ee:f5:77:ea:f6:c6:62:3f:7e:9c:fb:63:2b:87:a7:
                    dc:fd:b1:c1:ef:8a:d2:53:c5:b5:d2:e3:a8:9a:ec:
                    d9:8c:1a:6c:60:ba:8c:33:43:95:f4:81:a4:86:e7:
                    ee:34:a9:82:e9:60:7c:e4:93:da:6b:61:6a:4d:a2:
                    f8:77:37:ad:d0:1c:05:20:18:0d:3c:5f:e7:33:0b:
                    fe:96:ce:ce:71:6b:ef:a9:e1:f4:58:bc:db:d3:12:
                    f7:26:77:90:67:9d:96:f4:2b:4b:4d:35:99:c4:f8:
                    36:c2:98:c4:3e:b2:38:0e:d4:f6:4f:8c:81:8a:39:
                    35:84:33:b4:72:58:c2:be:68:97:57:91:86:a1:ad:
                    8b:dc:3d:04:d3:aa:6a:19:d3:af:80:75:e6:0f:40:
                    99:64:ed:fa:8c:43:64:50:97:d5:b5:62:ac:cf:0f:
                    73:94:b8:73:d0:bd:5c:77:07:7e:66:ec:73:d4:a2:
                    a7:d5:ad:6d:c6:fb:f3:6c:5d:67:4c:b2:34:e3:e5:
                    ce:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:7F:5A:9A:CB:48:62:84:C2:02:66:12:62:4A:A0:82:24:8B:77:FB
            X509v3 Authority Key Identifier:
                keyid:18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/iX9amstIYoTCAmYSYkqggiSLd_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.42.204.0/22
                IPv6:
                  2a01:62e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:45:91:fc:07:89:c1:d5:9e:fe:f4:de:ec:46:77:fc:c3:aa:
         db:37:ab:70:08:21:22:ab:0c:de:cf:8b:58:76:4c:c8:f3:29:
         f8:69:7c:d4:08:2d:68:60:94:99:12:37:b9:7e:cd:3c:83:d2:
         bb:a0:6d:a5:01:a3:b5:27:45:58:a4:dc:3d:c5:6d:bb:77:ce:
         b5:a0:c2:64:fb:87:a2:0b:db:fd:58:77:23:26:38:92:34:19:
         1b:45:6f:f4:b3:88:82:fe:28:c5:37:33:46:b5:94:37:5e:ac:
         f3:d5:db:10:b9:a0:34:a9:90:3d:67:6a:fd:f8:e0:fb:64:d4:
         c6:f1:ae:11:34:96:a5:58:9b:26:a9:29:bf:11:2d:61:69:37:
         62:d5:ed:35:14:4f:75:dc:36:3f:7c:d3:c9:e6:3a:bf:bd:53:
         b5:f7:fe:56:93:18:c8:29:16:0b:57:cf:72:8e:5d:05:65:ea:
         d4:c3:16:0c:06:59:cf:1c:ba:b1:83:a7:d6:85:a9:d2:f7:d2:
         10:38:45:5f:55:3c:e5:00:63:fd:d9:4b:06:9e:2f:69:32:c8:
         92:19:a0:1b:f8:4f:3d:0e:3d:27:e7:19:1a:bf:e6:36:9d:46:
         8c:89:c2:c1:96:93:b5:d8:5e:05:40:fc:da:4a:86:8e:8f:7f:
         e8:1b:44:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwn9/PS/JjOZuRxuf03ggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTkzN2MxMDNkYjA0NmYyMjU1M2VmOTk0MzhmYTI5NTky
NDBkYTUwHhcNMjMwMTAxMjM1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdmNWE5YWNiNDg2Mjg0YzIwMjY2MTI2MjRhYTA4MjI0OGI3N2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKVvjmkrga1LzKGiXxuxV7O4UlYW
P7gp4eSsF9lGXC4dDEnyvQ0XuPgqd2dG1SLW9J3PkPbz/0/IWZru9Xfq9sZiP36c
+2Mrh6fc/bHB74rSU8W10uOomuzZjBpsYLqMM0OV9IGkhufuNKmC6WB85JPaa2Fq
TaL4dzet0BwFIBgNPF/nMwv+ls7OcWvvqeH0WLzb0xL3JneQZ52W9CtLTTWZxPg2
wpjEPrI4DtT2T4yBijk1hDO0cljCvmiXV5GGoa2L3D0E06pqGdOvgHXmD0CZZO36
jENkUJfVtWKszw9zlLhz0L1cdwd+Zuxz1KKn1a1txvvzbF1nTLI04+XOxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIl/WprLSGKEwgJmEmJKoIIki3f7MB8GA1UdIwQY
MBaAFBjpN8ED2wRvIlU++ZQ4+ilZJA2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYt
Y2FlNmE3MDlkMTRhLzEvaVg5YW1zdElZb1RDQW1ZU1lrcWdnaVNMZF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYtY2FlNmE3MDlkMTRh
LzEvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSrMMA0E
AgACMAcDBQAqAWLgMA0GCSqGSIb3DQEBCwUAA4IBAQBLRZH8B4nB1Z7+9N7sRnf8
w6rbN6twCCEiqwzez4tYdkzI8yn4aXzUCC1oYJSZEje5fs08g9K7oG2lAaO1J0VY
pNw9xW27d861oMJk+4eiC9v9WHcjJjiSNBkbRW/0s4iC/ijFNzNGtZQ3Xqzz1dsQ
uaA0qZA9Z2r9+OD7ZNTG8a4RNJalWJsmqSm/ES1haTdi1e01FE913DY/fNPJ5jq/
vVO19/5WkxjIKRYLV89yjl0FZerUwxYMBlnPHLqxg6fWhanS99IQOEVfVTzlAGP9
2UsGni9pMsiSGaAb+E89Dj0n5xkav+Y2nUaMicLBlpO12F4FQPzaSoaOj3/oG0SQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:28 2024 by rpki-client on console-ams.rpki-client.org