Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/htyH5YQAb61dry5lFGpYR2cUGLU.roa
File:                     htyH5YQAb61dry5lFGpYR2cUGLU.roa (raw, json)
Hash identifier:          NYNT76r+54+nt1wjXeps+zEV7PBtWhHQqQ6lkEf9S2M=
Subject key identifier:   86:DC:87:E5:84:00:6F:AD:5D:AF:2E:65:14:6A:58:47:67:14:18:B5
Certificate issuer:       /CN=764928a97be955377013d382c62940e950dd212b
Certificate serial:       0185736856B7D827F3DFC43919AFB77A2A33
Authority key identifier: 76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/htyH5YQAb61dry5lFGpYR2cUGLU.roa
Signing time:             Mon 02 Jan 2023 16:54:55 +0000
ROA not before:           Mon 02 Jan 2023 16:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51131
IP address blocks:        185.205.216.0/22 maxlen: 24
                          2a0b:cc0::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:68:56:b7:d8:27:f3:df:c4:39:19:af:b7:7a:2a:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=764928a97be955377013d382c62940e950dd212b
        Validity
            Not Before: Jan  2 16:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86dc87e584006fad5daf2e65146a5847671418b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:6b:26:93:d4:0c:dd:d2:56:44:4e:fc:45:db:
                    9b:d4:47:ae:fa:88:d4:e8:0c:92:fa:db:82:94:2a:
                    a8:3d:b2:c6:ec:31:4b:39:0e:b0:9e:e4:5c:b1:8f:
                    47:7a:fb:83:86:6e:c4:3f:cb:7c:22:85:9c:58:d0:
                    c7:23:7b:3b:6b:c1:01:27:10:fc:20:c2:46:0d:1a:
                    1d:45:6d:91:55:03:1c:51:0e:7a:29:21:71:e8:8f:
                    28:8a:35:6a:da:2f:2d:52:3d:24:8b:29:02:0d:ac:
                    fb:2c:04:a8:9f:62:af:f9:bd:be:28:49:73:55:6b:
                    07:72:33:81:be:f2:45:01:dc:f5:87:86:04:61:56:
                    6b:e3:5e:4f:29:38:6e:6c:c9:40:71:f2:6e:66:d2:
                    87:e6:e0:d7:eb:59:8f:b9:47:87:8c:f5:b6:7d:b1:
                    40:45:5d:5e:51:a7:22:dc:62:1c:88:80:69:86:c1:
                    d0:38:a9:b8:93:07:56:d9:23:90:5d:62:26:27:dc:
                    2e:ab:e1:41:20:fe:51:70:94:64:6d:72:99:ae:57:
                    36:18:26:bc:02:e3:08:d7:0d:28:7b:c6:d8:29:2d:
                    7a:75:26:ad:0d:fd:31:b9:1c:2c:15:26:41:6a:16:
                    00:38:61:ad:1e:6d:6e:0b:cd:f8:aa:22:c0:96:64:
                    a7:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:DC:87:E5:84:00:6F:AD:5D:AF:2E:65:14:6A:58:47:67:14:18:B5
            X509v3 Authority Key Identifier:
                keyid:76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/htyH5YQAb61dry5lFGpYR2cUGLU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.205.216.0/22
                IPv6:
                  2a0b:cc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         60:5e:45:1c:61:3e:55:7b:6a:d8:96:8a:9a:6c:0b:e8:c9:66:
         e3:54:36:7c:be:bc:fd:a6:f2:4c:8c:57:38:ff:5d:c6:49:9a:
         52:26:38:fd:c1:0c:dc:c1:40:14:94:4a:bf:f9:f0:a5:e3:43:
         80:8a:55:24:ba:db:dc:4f:7f:d5:62:06:26:7f:65:fe:cb:51:
         4b:b3:7c:ff:b8:3c:5f:22:7b:da:69:7e:66:e6:81:e6:e3:40:
         7b:7a:25:ce:d1:f4:61:5a:a8:dc:d8:15:ad:87:f6:ca:3b:11:
         2e:a5:19:cc:4e:a6:bc:40:49:ec:1d:8e:b9:1c:3e:86:e8:4f:
         5d:9e:46:ee:76:ec:ec:c3:8d:a6:e8:83:7a:7b:31:31:f5:db:
         9d:95:00:82:94:19:0e:73:5f:17:d8:f0:d9:08:4c:2a:81:33:
         69:99:8c:d8:6d:c3:73:7e:6d:5e:6e:74:21:0c:13:d0:a6:4a:
         7f:6e:c8:40:e1:25:b5:65:14:3a:91:98:cd:1e:70:d4:cb:02:
         d9:c2:cf:de:96:a4:78:e2:65:23:77:58:ab:01:b9:ab:87:d8:
         1c:04:79:6d:c8:f1:11:8f:86:e0:da:53:98:18:e1:f8:8c:12:
         dd:2a:8c:a9:97:31:0c:51:6f:9c:90:c6:96:be:f5:f0:15:95:
         60:14:8a:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzaFa32Cfz38Q5Ga+3eiozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDkyOGE5N2JlOTU1Mzc3MDEzZDM4MmM2Mjk0MGU5NTBk
ZDIxMmIwHhcNMjMwMTAyMTY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmRjODdlNTg0MDA2ZmFkNWRhZjJlNjUxNDZhNTg0NzY3MTQxOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Gsmk9QM3dJWRE78Rdub1Eeu+ojU
6AyS+tuClCqoPbLG7DFLOQ6wnuRcsY9HevuDhm7EP8t8IoWcWNDHI3s7a8EBJxD8
IMJGDRodRW2RVQMcUQ56KSFx6I8oijVq2i8tUj0kiykCDaz7LASon2Kv+b2+KElz
VWsHcjOBvvJFAdz1h4YEYVZr415PKThubMlAcfJuZtKH5uDX61mPuUeHjPW2fbFA
RV1eUaci3GIciIBphsHQOKm4kwdW2SOQXWImJ9wuq+FBIP5RcJRkbXKZrlc2GCa8
AuMI1w0oe8bYKS16dSatDf0xuRwsFSZBahYAOGGtHm1uC834qiLAlmSnpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIbch+WEAG+tXa8uZRRqWEdnFBi1MB8GA1UdIwQY
MBaAFHZJKKl76VU3cBPTgsYpQOlQ3SErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtrb3FYdnBWVGR3RTlPQ3hpbEE2VkRkSVNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85NTM2ZjUtZjU2Ni00YzgwLWE3ZDkt
YmMxNTIyNzg5ZDNiLzEvaHR5SDVZUUFiNjFkcnk1bEZHcFlSMmNVR0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85NTM2ZjUtZjU2Ni00YzgwLWE3ZDktYmMxNTIyNzg5ZDNi
LzEvZGtrb3FYdnBWVGR3RTlPQ3hpbEE2VkRkSVNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc3YMA0E
AgACMAcDBQAqCwzAMA0GCSqGSIb3DQEBCwUAA4IBAQBgXkUcYT5Ve2rYloqabAvo
yWbjVDZ8vrz9pvJMjFc4/13GSZpSJjj9wQzcwUAUlEq/+fCl40OAilUkutvcT3/V
YgYmf2X+y1FLs3z/uDxfInvaaX5m5oHm40B7eiXO0fRhWqjc2BWth/bKOxEupRnM
Tqa8QEnsHY65HD6G6E9dnkbuduzsw42m6IN6ezEx9dudlQCClBkOc18X2PDZCEwq
gTNpmYzYbcNzfm1ebnQhDBPQpkp/bshA4SW1ZRQ6kZjNHnDUywLZws/elqR44mUj
d1irAbmrh9gcBHltyPERj4bg2lOYGOH4jBLdKoyplzEMUW+ckMaWvvXwFZVgFIqb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:41 2024 by rpki-client on console-fra.rpki-client.org