Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/M-62rwsUBJ3Shhy1VoQojTIKPe8.roa
File:                     M-62rwsUBJ3Shhy1VoQojTIKPe8.roa (raw, json)
Hash identifier:          k2viwzwL6MWkNRt4e8d8GcX6asV443clfJfCm/shOm8=
Subject key identifier:   33:EE:B6:AF:0B:14:04:9D:D2:86:1C:B5:56:84:28:8D:32:0A:3D:EF
Certificate issuer:       /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial:       018D36883183BD1FE8B2DFD5E42335B51556
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/M-62rwsUBJ3Shhy1VoQojTIKPe8.roa
Signing time:             Tue 23 Jan 2024 13:35:11 +0000
ROA not before:           Tue 23 Jan 2024 13:35:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215733
IP address blocks:        185.97.236.0/22 maxlen: 22
                          185.152.72.0/22 maxlen: 22
                          185.206.192.0/22 maxlen: 22
                          2a01:ac::/32 maxlen: 32
                          2a01:ad::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 24 Jan 2024 17:32:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:36:88:31:83:bd:1f:e8:b2:df:d5:e4:23:35:b5:15:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
        Validity
            Not Before: Jan 23 13:35:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=33eeb6af0b14049dd2861cb55684288d320a3def
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:97:8f:5e:61:3d:c4:13:95:44:a5:46:0e:c1:
                    e4:db:f3:72:56:1a:af:2e:68:dd:a3:28:40:87:eb:
                    9c:ab:12:74:20:f2:04:44:32:f5:62:3c:49:53:09:
                    68:f9:b3:4f:12:f5:3d:55:ab:3d:ba:b6:7c:ef:69:
                    54:95:1e:89:35:7c:0e:ff:37:b0:ad:07:99:84:35:
                    71:61:92:07:12:30:e0:b6:7c:e7:c2:ea:4b:5e:f5:
                    95:b3:ac:a2:03:aa:02:c3:0d:f4:95:3c:ee:4a:35:
                    d9:70:c8:33:be:ba:e1:d6:3f:81:e6:60:39:0c:cd:
                    e8:cc:45:83:d8:1d:36:b7:d6:47:9c:81:39:3e:69:
                    1e:0e:17:ea:83:48:cd:4d:d7:bd:bc:85:4a:49:51:
                    29:a7:fb:b4:d2:ad:fd:73:3b:27:a5:30:e4:4c:2a:
                    cc:07:1e:d0:98:f1:a3:1e:52:cd:c2:cc:d2:72:66:
                    2d:3a:7f:08:1d:98:c5:e3:0a:ca:75:1a:2e:13:bc:
                    66:c0:f6:7b:95:5e:9e:21:b0:d5:0a:f2:81:5e:e3:
                    98:cf:ba:34:2b:b9:15:9b:d7:d3:78:38:87:c4:63:
                    43:6e:fa:8f:01:08:cb:99:5d:39:6b:01:56:cb:8b:
                    62:f0:53:27:78:ed:15:6a:51:8b:05:f0:7d:5a:2f:
                    1f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:EE:B6:AF:0B:14:04:9D:D2:86:1C:B5:56:84:28:8D:32:0A:3D:EF
            X509v3 Authority Key Identifier:
                keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/M-62rwsUBJ3Shhy1VoQojTIKPe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.97.236.0/22
                  185.152.72.0/22
                  185.206.192.0/22
                IPv6:
                  2a01:ac::/31

    Signature Algorithm: sha256WithRSAEncryption
         87:6d:4a:2b:2b:4e:f6:7a:53:e2:56:7f:39:e5:bc:dc:05:a2:
         b0:63:ec:3e:9c:35:e4:f1:b9:f5:f4:42:2e:9b:ac:14:ed:dd:
         fc:c9:0c:dc:4a:bf:f0:e1:41:17:3c:26:51:d3:c6:68:f6:f2:
         86:d9:c7:dc:dc:a9:d6:74:be:d2:4c:9f:8e:e2:2f:9c:85:22:
         5d:5e:a8:df:fd:f2:67:13:f4:1f:4d:67:bb:c1:c0:00:0e:1a:
         2a:b0:87:6c:29:9d:3f:7f:a8:75:a5:41:7d:77:d6:f1:16:01:
         94:de:54:f8:69:67:82:00:14:b8:48:98:42:d0:a7:06:e8:e1:
         69:c3:1a:e4:54:7e:85:c7:70:a4:9e:e5:0f:2a:7d:25:a0:2d:
         90:34:cc:18:f2:5c:fb:7c:0a:a0:1d:a2:92:31:e7:6f:c7:12:
         4c:2e:69:67:f2:4c:74:aa:8e:e3:91:75:e7:0d:20:51:c4:9c:
         8f:9a:c6:c2:f0:c7:93:d7:0b:8a:70:6d:a2:ec:5a:31:24:66:
         ce:aa:ab:b0:6b:eb:9b:bf:25:2e:64:8a:ce:a9:cd:c0:df:43:
         f7:69:46:20:51:5c:45:fb:e6:a4:bc:7b:1b:44:18:63:c0:bb:
         0c:7a:97:7a:d1:93:bb:05:52:1e:bc:d7:31:40:e2:5f:49:e7:
         2d:10:76:c5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY02iDGDvR/ost/V5CM1tRVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTIzMTMzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VlYjZhZjBiMTQwNDlkZDI4NjFjYjU1Njg0Mjg4ZDMyMGEzZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZePXmE9xBOVRKVGDsHk2/NyVhqv
LmjdoyhAh+ucqxJ0IPIERDL1YjxJUwlo+bNPEvU9Vas9urZ872lUlR6JNXwO/zew
rQeZhDVxYZIHEjDgtnznwupLXvWVs6yiA6oCww30lTzuSjXZcMgzvrrh1j+B5mA5
DM3ozEWD2B02t9ZHnIE5PmkeDhfqg0jNTde9vIVKSVEpp/u00q39czsnpTDkTCrM
Bx7QmPGjHlLNwszScmYtOn8IHZjF4wrKdRouE7xmwPZ7lV6eIbDVCvKBXuOYz7o0
K7kVm9fTeDiHxGNDbvqPAQjLmV05awFWy4ti8FMneO0ValGLBfB9Wi8f2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDPutq8LFASd0oYctVaEKI0yCj3vMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvTS02MnJ3c1VCSjNTaGh5MVZvUW9qVElLUGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWHsAwQC
uZhIAwQCuc7AMA0EAgACMAcDBQEqAQCsMA0GCSqGSIb3DQEBCwUAA4IBAQCHbUor
K072elPiVn855bzcBaKwY+w+nDXk8bn19EIum6wU7d38yQzcSr/w4UEXPCZR08Zo
9vKG2cfc3KnWdL7STJ+O4i+chSJdXqjf/fJnE/QfTWe7wcAADhoqsIdsKZ0/f6h1
pUF9d9bxFgGU3lT4aWeCABS4SJhC0KcG6OFpwxrkVH6Fx3CknuUPKn0loC2QNMwY
8lz7fAqgHaKSMedvxxJMLmln8kx0qo7jkXXnDSBRxJyPmsbC8MeT1wuKcG2i7Fox
JGbOqquwa+ubvyUuZIrOqc3A30P3aUYgUVxF++akvHsbRBhjwLsMepd60ZO7BVIe
vNcxQOJfSectEHbF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org