Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/XhU10lob5SgaxRJyBQQBsjiuinA.roa
File:                     XhU10lob5SgaxRJyBQQBsjiuinA.roa (raw, json)
Hash identifier:          7XjjUw4Zrij89jP4u+hie09QLCA398Gsgfjo/wKZbTI=
Subject key identifier:   5E:15:35:D2:5A:1B:E5:28:1A:C5:12:72:05:04:01:B2:38:AE:8A:70
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018991ACCA1F8C9191F492D65C8A75CA6031
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/XhU10lob5SgaxRJyBQQBsjiuinA.roa
Signing time:             Wed 26 Jul 2023 10:09:27 +0000
ROA not before:           Wed 26 Jul 2023 10:09:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49392
IP address blocks:        185.68.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 11:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:91:ac:ca:1f:8c:91:91:f4:92:d6:5c:8a:75:ca:60:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 26 10:09:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5e1535d25a1be5281ac51272050401b238ae8a70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:5b:82:ed:3f:84:6c:e3:49:22:d7:92:67:52:
                    08:44:e8:9e:3c:ae:5d:10:d1:11:6b:aa:94:82:c9:
                    d9:ac:b5:08:fd:64:78:3a:4d:78:a3:ad:60:45:39:
                    8a:ab:0d:b7:ae:36:6d:6f:2d:b7:fa:cf:f0:c0:c3:
                    6a:8d:3a:8e:b2:be:e4:6e:fc:ea:0d:22:55:f3:25:
                    2c:e2:2d:c5:09:3d:b8:88:20:5c:90:91:9c:e3:36:
                    41:4b:b1:1c:5d:6f:30:21:a2:1c:e0:c3:d8:9c:65:
                    e1:b0:69:1e:58:37:7e:02:39:75:be:11:02:2a:56:
                    5b:62:e7:c6:a6:a0:02:f5:7b:dc:46:23:bc:45:20:
                    ce:bb:ac:30:38:42:85:83:3a:93:7a:65:45:85:1d:
                    79:4a:c1:86:73:86:c3:4b:56:c2:f8:68:8f:50:d7:
                    c3:32:fa:2e:be:6d:de:cc:9c:ee:c1:87:d0:fc:3c:
                    c4:35:59:b0:8a:5d:20:57:65:1a:44:5d:b0:3f:ea:
                    6e:4f:d4:0a:44:9f:b5:12:86:2b:12:fb:0b:4c:e8:
                    a1:57:a6:08:a1:a8:06:ff:7f:1e:fe:8a:31:53:f6:
                    81:11:97:a0:de:4f:bd:2f:8f:c7:15:ad:f8:c0:56:
                    7f:33:11:f8:27:98:65:ed:2f:81:19:69:25:fc:4e:
                    4a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:15:35:D2:5A:1B:E5:28:1A:C5:12:72:05:04:01:B2:38:AE:8A:70
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/XhU10lob5SgaxRJyBQQBsjiuinA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.68.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:44:4f:ae:fd:b3:ad:9a:de:3e:7d:cb:2a:64:03:62:3a:9e:
         56:b8:93:5e:99:95:fd:fa:7e:8b:8f:32:8a:b0:e7:74:30:a4:
         9a:2e:0a:12:38:df:f5:af:b5:26:dc:0b:7e:83:dc:90:2f:1d:
         69:b4:34:ef:a0:8e:9f:d1:1c:bc:dd:14:97:f3:94:6c:38:29:
         49:7a:2a:69:2a:1c:3e:22:b3:df:97:16:f8:44:dd:b2:ce:fc:
         41:c8:00:59:9d:47:f5:ab:66:e9:51:9b:bd:e6:07:d9:4a:d1:
         db:2b:08:d3:f7:2f:6f:17:64:55:c9:c5:01:9b:28:67:92:32:
         d5:d2:26:39:4b:74:98:75:cb:58:ea:86:fd:f8:26:79:cc:6f:
         9b:ec:a9:61:77:42:c7:6f:3b:9b:af:72:9f:87:2c:92:46:83:
         74:19:e1:21:ff:26:bf:34:85:d5:c2:bc:9f:6a:30:ca:4e:90:
         8b:85:6b:5b:75:02:2d:95:08:63:11:67:30:f3:a3:cd:34:52:
         a5:ad:c5:b2:3a:a2:5c:07:5a:91:02:2b:54:d0:08:85:02:b4:
         d6:69:2d:ee:5b:93:a7:8d:0e:60:03:3b:a3:54:5e:5a:4e:f3:
         59:41:0b:66:93:b7:18:c2:59:ef:75:f2:27:50:04:b0:a3:c0:
         88:4a:17:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmRrMofjJGR9JLWXIp1ymAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzI2MTAwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE1MzVkMjVhMWJlNTI4MWFjNTEyNzIwNTA0MDFiMjM4YWU4YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVuC7T+EbONJIteSZ1IIROiePK5d
ENERa6qUgsnZrLUI/WR4Ok14o61gRTmKqw23rjZtby23+s/wwMNqjTqOsr7kbvzq
DSJV8yUs4i3FCT24iCBckJGc4zZBS7EcXW8wIaIc4MPYnGXhsGkeWDd+Ajl1vhEC
KlZbYufGpqAC9XvcRiO8RSDOu6wwOEKFgzqTemVFhR15SsGGc4bDS1bC+GiPUNfD
Mvouvm3ezJzuwYfQ/DzENVmwil0gV2UaRF2wP+puT9QKRJ+1EoYrEvsLTOihV6YI
oagG/38e/ooxU/aBEZeg3k+9L4/HFa34wFZ/MxH4J5hl7S+BGWkl/E5KUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4VNdJaG+UoGsUScgUEAbI4ropwMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvWGhVMTBsb2I1U2dheFJKeUJRUUJzaml1aW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUQWMA0G
CSqGSIb3DQEBCwUAA4IBAQC/RE+u/bOtmt4+fcsqZANiOp5WuJNemZX9+n6LjzKK
sOd0MKSaLgoSON/1r7Um3At+g9yQLx1ptDTvoI6f0Ry83RSX85RsOClJeippKhw+
IrPflxb4RN2yzvxByABZnUf1q2bpUZu95gfZStHbKwjT9y9vF2RVycUBmyhnkjLV
0iY5S3SYdctY6ob9+CZ5zG+b7Klhd0LHbzubr3KfhyySRoN0GeEh/ya/NIXVwryf
ajDKTpCLhWtbdQItlQhjEWcw86PNNFKlrcWyOqJcB1qRAitU0AiFArTWaS3uW5On
jQ5gAzujVF5aTvNZQQtmk7cYwlnvdfInUASwo8CIShdE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org