Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/6x2aTBjof1MwNJ-SnI-hBKHu4H4.roa
File:                     6x2aTBjof1MwNJ-SnI-hBKHu4H4.roa (raw, json)
Hash identifier:          35JoTXyfL4ycRgG2HO3veqNd2sBzZAY/g3lWFKhA5ZA=
Subject key identifier:   EB:1D:9A:4C:18:E8:7F:53:30:34:9F:92:9C:8F:A1:04:A1:EE:E0:7E
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0189D1A6366C4DB8455A24D61DC6D3B2F241
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/6x2aTBjof1MwNJ-SnI-hBKHu4H4.roa
Signing time:             Mon 07 Aug 2023 20:17:58 +0000
ROA not before:           Mon 07 Aug 2023 20:17:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41957
IP address blocks:        185.191.213.0/24 maxlen: 24
                          194.147.89.0/24 maxlen: 24
                          185.21.141.0/24 maxlen: 24
                          194.93.59.0/24 maxlen: 24
                          85.209.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d1:a6:36:6c:4d:b8:45:5a:24:d6:1d:c6:d3:b2:f2:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Aug  7 20:17:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb1d9a4c18e87f5330349f929c8fa104a1eee07e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:96:07:ec:b5:6b:12:ba:01:ce:5b:60:e6:3b:
                    5a:be:44:c9:c0:23:2e:2b:bf:6f:3d:1c:8f:2f:b6:
                    78:78:60:73:ad:02:9d:dc:1f:f3:35:74:67:e3:a1:
                    81:0e:ae:6e:89:0b:cc:fe:cc:7c:68:5e:8f:25:36:
                    72:cc:0a:c9:e5:33:5c:42:f6:c3:d2:74:a0:c2:6b:
                    c8:69:60:15:78:62:a1:c8:cd:41:22:e2:65:92:18:
                    23:c8:c8:f2:8b:0b:b1:fd:28:5f:b8:34:91:4c:25:
                    1a:32:2b:04:c3:18:f4:8a:e1:c1:c9:bd:86:71:e9:
                    0e:23:ff:a9:a9:7e:6d:f2:6d:96:92:4a:25:b3:32:
                    4b:15:8a:99:c6:7b:44:88:e8:8c:14:50:39:9a:1d:
                    5f:46:63:ad:5d:b0:a9:2e:39:f8:0c:32:09:0f:6a:
                    dc:27:29:76:98:67:b3:74:a0:93:ea:67:0a:8c:d1:
                    54:f3:9d:78:06:08:d0:71:64:e2:d2:c2:78:cc:de:
                    12:80:df:c9:1c:e9:8b:7a:63:90:62:5e:76:7f:3d:
                    51:90:e4:bb:b2:3b:3c:cb:18:ea:d7:7d:ce:78:91:
                    d0:9d:02:3c:a6:8d:d7:57:8a:34:d5:b3:87:62:df:
                    e3:a6:98:99:a3:2b:3c:34:91:7a:dc:e9:4b:64:06:
                    25:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:1D:9A:4C:18:E8:7F:53:30:34:9F:92:9C:8F:A1:04:A1:EE:E0:7E
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/6x2aTBjof1MwNJ-SnI-hBKHu4H4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.10.0/24
                  185.21.141.0/24
                  185.191.213.0/24
                  194.93.59.0/24
                  194.147.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:2c:15:6e:8c:77:32:54:3f:19:c9:51:26:c4:38:95:43:28:
         c7:fc:91:de:a6:3f:a9:d7:f1:8a:e5:c7:af:e6:f3:bc:e3:72:
         9a:ea:b2:96:69:aa:7a:1d:9b:46:a5:bf:ad:26:ec:db:36:64:
         3b:04:91:60:20:86:68:27:7d:9d:31:04:54:59:55:3f:8c:ba:
         b4:d4:03:ab:f5:fa:3c:3c:12:5c:cc:f3:c0:38:7b:34:09:2c:
         6c:49:ff:58:85:20:2a:5d:91:28:a0:79:70:ff:d0:4a:5d:c5:
         f5:d6:09:00:b5:ee:85:53:d6:93:ee:8c:b6:31:79:25:81:36:
         69:50:ae:3d:4d:3f:8b:fd:42:38:aa:fd:28:12:ca:76:d0:54:
         2b:5b:d6:d7:ca:a1:4d:99:b3:08:bc:67:19:52:73:90:51:4b:
         02:21:62:4b:17:64:3f:6a:33:c5:52:ff:76:56:38:0f:a3:c9:
         c0:e8:b7:b4:3c:56:ac:b7:c7:2b:d0:8e:a9:51:4f:cc:4b:88:
         a0:5a:8a:fd:72:b9:f3:76:2e:cc:db:38:bd:46:3f:4a:03:41:
         0e:a8:84:e6:2b:54:ab:6f:12:74:61:f5:55:38:3c:b6:6a:3a:
         93:e9:4b:61:23:53:09:bb:ed:02:44:5f:f5:3c:a6:c6:61:74:
         a4:bd:22:6f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYnRpjZsTbhFWiTWHcbTsvJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwODA3MjAxNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjFkOWE0YzE4ZTg3ZjUzMzAzNDlmOTI5YzhmYTEwNGExZWVlMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZYH7LVrEroBzltg5jtavkTJwCMu
K79vPRyPL7Z4eGBzrQKd3B/zNXRn46GBDq5uiQvM/sx8aF6PJTZyzArJ5TNcQvbD
0nSgwmvIaWAVeGKhyM1BIuJlkhgjyMjyiwux/ShfuDSRTCUaMisEwxj0iuHByb2G
cekOI/+pqX5t8m2WkkolszJLFYqZxntEiOiMFFA5mh1fRmOtXbCpLjn4DDIJD2rc
Jyl2mGezdKCT6mcKjNFU8514BgjQcWTi0sJ4zN4SgN/JHOmLemOQYl52fz1RkOS7
sjs8yxjq133OeJHQnQI8po3XV4o01bOHYt/jppiZoys8NJF63OlLZAYl9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOsdmkwY6H9TMDSfkpyPoQSh7uB+MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvNngyYVRCam9mMU13TkotU25JLWhCS0h1NEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVdEKAwQA
uRWNAwQAub/VAwQAwl07AwQAwpNZMA0GCSqGSIb3DQEBCwUAA4IBAQBrLBVujHcy
VD8ZyVEmxDiVQyjH/JHepj+p1/GK5cev5vO843Ka6rKWaap6HZtGpb+tJuzbNmQ7
BJFgIIZoJ32dMQRUWVU/jLq01AOr9fo8PBJczPPAOHs0CSxsSf9YhSAqXZEooHlw
/9BKXcX11gkAte6FU9aT7oy2MXklgTZpUK49TT+L/UI4qv0oEsp20FQrW9bXyqFN
mbMIvGcZUnOQUUsCIWJLF2Q/ajPFUv92VjgPo8nA6Le0PFast8cr0I6pUU/MS4ig
Wor9crnzdi7M2zi9Rj9KA0EOqITmK1SrbxJ0YfVVODy2ajqT6UthI1MJu+0CRF/1
PKbGYXSkvSJv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org