Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/3OJFYEyMdb6HuLs84S1qZTaHki0.roa
File:                     3OJFYEyMdb6HuLs84S1qZTaHki0.roa (raw, json)
Hash identifier:          HmW3QD0zpGYLxAoxet23L1cYc+BaDb/ILcaPFD8oQfI=
Subject key identifier:   DC:E2:45:60:4C:8C:75:BE:87:B8:BB:3C:E1:2D:6A:65:36:87:92:2D
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0187B79C881E4CB27CC405B75846D7C37843
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/3OJFYEyMdb6HuLs84S1qZTaHki0.roa
Signing time:             Tue 25 Apr 2023 08:51:41 +0000
ROA not before:           Tue 25 Apr 2023 08:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        185.68.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Jul 2023 10:10:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b7:9c:88:1e:4c:b2:7c:c4:05:b7:58:46:d7:c3:78:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Apr 25 08:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dce245604c8c75be87b8bb3ce12d6a653687922d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:de:17:ab:f7:82:d7:01:90:01:ff:e7:28:09:
                    58:61:5d:7c:63:44:15:ac:30:e4:1f:93:16:96:fe:
                    14:8b:c8:9d:90:fc:e2:c6:17:7c:02:e4:16:ac:8b:
                    e6:58:c5:78:6f:cf:3e:da:68:ac:65:03:fd:7a:4e:
                    8a:62:85:90:4a:18:56:64:0f:8f:c0:6b:1f:19:19:
                    fb:c7:9d:1b:ae:54:84:3d:af:ae:f3:67:2d:92:ba:
                    2a:a9:f9:89:09:9f:d1:14:45:82:48:48:1f:22:3e:
                    80:4f:c6:97:a7:ba:6b:b5:7d:b4:e0:16:50:6a:ef:
                    3b:8a:7a:74:b7:12:c3:f5:66:08:f5:95:dd:7e:94:
                    b8:3f:f3:29:5c:6b:72:c8:a0:4d:59:c1:c7:a8:16:
                    9d:5b:37:5c:05:5f:3e:3c:16:d9:bc:0b:9b:dd:e1:
                    a5:bb:cd:db:9c:7c:27:83:64:0c:68:cc:3c:f8:da:
                    0f:73:3a:b1:2d:53:3b:93:71:a7:1e:77:c0:7b:9c:
                    63:99:da:81:ad:7f:34:fc:f1:36:4a:b8:95:e5:10:
                    de:7c:42:a7:ff:8a:8d:86:0d:c4:4c:54:86:63:a4:
                    7d:37:0c:d2:d5:4b:24:54:df:19:c0:3b:e8:3f:0e:
                    e8:f4:9c:f0:3c:ba:d3:97:37:d8:c7:4f:57:59:6c:
                    31:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:E2:45:60:4C:8C:75:BE:87:B8:BB:3C:E1:2D:6A:65:36:87:92:2D
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/3OJFYEyMdb6HuLs84S1qZTaHki0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.68.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:b6:fe:a2:4c:df:5b:d1:b2:61:76:92:43:f1:86:c8:49:a1:
         29:b1:81:10:76:a9:41:d5:5b:33:78:f1:c7:e3:5c:71:a5:0f:
         2e:1b:df:0b:42:b6:20:2e:74:71:ec:fb:93:9d:9f:05:b5:f3:
         3b:9c:ec:87:76:94:6a:f0:28:3d:d3:df:22:26:1d:d4:24:c3:
         0c:32:5f:d2:b9:0a:c1:70:8a:97:6d:25:ac:dd:de:cd:af:60:
         8a:d3:3d:6b:44:f7:97:08:97:29:15:fa:35:75:b0:ed:05:bd:
         ee:a6:d3:bd:81:6f:a4:82:ed:11:82:0e:c6:b1:17:9a:37:48:
         6b:d2:d1:47:ec:b1:22:02:0d:47:7f:38:6c:f7:73:fe:42:c5:
         4e:6a:04:d6:0a:0b:68:4c:f9:8d:bb:1b:95:8d:37:95:db:89:
         0f:59:5b:ac:23:7b:3a:ff:91:32:e8:40:a6:19:f6:84:a6:a4:
         c2:1c:b9:13:10:24:dc:4a:fe:93:92:14:b4:1b:14:71:43:2e:
         2d:de:de:53:85:4e:96:cd:99:46:39:da:12:d4:a5:e0:e9:7e:
         fb:49:89:ad:9c:5f:97:25:4b:7f:60:f4:d5:f2:95:3c:15:c5:
         c9:d7:c9:6d:11:8c:a9:a5:2e:40:43:d9:1a:8f:b2:1a:aa:79:
         0b:05:a4:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe3nIgeTLJ8xAW3WEbXw3hDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNDI1MDg1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2UyNDU2MDRjOGM3NWJlODdiOGJiM2NlMTJkNmE2NTM2ODc5MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN4Xq/eC1wGQAf/nKAlYYV18Y0QV
rDDkH5MWlv4Ui8idkPzixhd8AuQWrIvmWMV4b88+2misZQP9ek6KYoWQShhWZA+P
wGsfGRn7x50brlSEPa+u82ctkroqqfmJCZ/RFEWCSEgfIj6AT8aXp7prtX204BZQ
au87inp0txLD9WYI9ZXdfpS4P/MpXGtyyKBNWcHHqBadWzdcBV8+PBbZvAub3eGl
u83bnHwng2QMaMw8+NoPczqxLVM7k3GnHnfAe5xjmdqBrX80/PE2SriV5RDefEKn
/4qNhg3ETFSGY6R9NwzS1UskVN8ZwDvoPw7o9JzwPLrTlzfYx09XWWwxNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNziRWBMjHW+h7i7POEtamU2h5ItMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvM09KRllFeU1kYjZIdUxzODRTMXFaVGFIa2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUQWMA0G
CSqGSIb3DQEBCwUAA4IBAQC4tv6iTN9b0bJhdpJD8YbISaEpsYEQdqlB1VszePHH
41xxpQ8uG98LQrYgLnRx7PuTnZ8FtfM7nOyHdpRq8Cg9098iJh3UJMMMMl/SuQrB
cIqXbSWs3d7Nr2CK0z1rRPeXCJcpFfo1dbDtBb3uptO9gW+kgu0Rgg7GsReaN0hr
0tFH7LEiAg1Hfzhs93P+QsVOagTWCgtoTPmNuxuVjTeV24kPWVusI3s6/5Ey6ECm
GfaEpqTCHLkTECTcSv6TkhS0GxRxQy4t3t5ThU6WzZlGOdoS1KXg6X77SYmtnF+X
JUt/YPTV8pU8FcXJ18ltEYyppS5AQ9kaj7IaqnkLBaQB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org