Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/b1e012-12d0-44a3-a6af-b25a67b2eb4a/1/AJlwrBnRooA340V9-79CNb2R8sY.roa
File:                     AJlwrBnRooA340V9-79CNb2R8sY.roa (raw, json)
Hash identifier:          H7SguU71k0rEsXZd5sBuMrooWuzQ1qt7oSVuGUCAjzI=
Subject key identifier:   00:99:70:AC:19:D1:A2:80:37:E3:45:7D:FB:BF:42:35:BD:91:F2:C6
Certificate issuer:       /CN=06a757442e47f82608bef423dac344c25358dbf9
Certificate serial:       01856DAF5B7C2B0FCEDEA35ADD35F28713E2
Authority key identifier: 06:A7:57:44:2E:47:F8:26:08:BE:F4:23:DA:C3:44:C2:53:58:DB:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BqdXRC5H-CYIvvQj2sNEwlNY2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/b1e012-12d0-44a3-a6af-b25a67b2eb4a/1/AJlwrBnRooA340V9-79CNb2R8sY.roa
Signing time:             Sun 01 Jan 2023 14:14:46 +0000
ROA not before:           Sun 01 Jan 2023 14:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56694
IP address blocks:        185.217.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:af:5b:7c:2b:0f:ce:de:a3:5a:dd:35:f2:87:13:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06a757442e47f82608bef423dac344c25358dbf9
        Validity
            Not Before: Jan  1 14:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=009970ac19d1a28037e3457dfbbf4235bd91f2c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ad:f6:d4:bd:e9:70:df:10:5f:9b:82:1d:dd:
                    07:8b:44:b8:19:83:af:24:bd:45:52:95:6a:37:f3:
                    7f:29:eb:dc:74:1c:ec:8f:89:55:62:dd:84:b0:4b:
                    9d:11:9a:8a:29:16:f8:85:78:ee:c1:bf:ae:7d:78:
                    61:be:bf:b4:cb:dd:e2:9c:d1:14:78:98:db:6c:38:
                    0b:78:86:ea:6e:0e:dd:0d:0d:37:be:e7:cd:af:02:
                    61:7c:2e:a2:4e:98:3f:b2:af:31:a7:f2:ee:eb:d2:
                    78:92:80:f7:11:c0:2c:e7:b3:dd:77:1a:95:ac:55:
                    ae:cf:97:30:6c:5e:6e:eb:84:60:78:2f:92:8f:6c:
                    3e:ac:1a:2f:24:ff:15:d4:25:71:37:8f:62:4e:fd:
                    e6:66:18:e9:59:30:58:78:98:f3:e9:cf:1c:3f:62:
                    dc:9b:7e:31:80:e4:39:8e:13:fd:83:e6:42:a9:d5:
                    76:fa:1d:63:12:8a:55:c0:31:08:8a:e9:c4:fd:36:
                    ad:fc:77:d9:3c:cf:e2:b9:22:e0:c5:32:96:86:81:
                    24:e7:72:a1:3e:a4:19:07:b4:8b:a0:be:b0:d2:0a:
                    dc:13:37:74:a6:c2:75:a5:b3:4f:d6:2c:cb:2c:d8:
                    1e:b1:e4:38:1d:1d:5f:51:c6:0c:db:da:d7:ed:69:
                    d9:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:99:70:AC:19:D1:A2:80:37:E3:45:7D:FB:BF:42:35:BD:91:F2:C6
            X509v3 Authority Key Identifier:
                keyid:06:A7:57:44:2E:47:F8:26:08:BE:F4:23:DA:C3:44:C2:53:58:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BqdXRC5H-CYIvvQj2sNEwlNY2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/b1e012-12d0-44a3-a6af-b25a67b2eb4a/1/AJlwrBnRooA340V9-79CNb2R8sY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/b1e012-12d0-44a3-a6af-b25a67b2eb4a/1/BqdXRC5H-CYIvvQj2sNEwlNY2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:f9:77:53:1d:35:4c:e7:b9:5b:8e:08:db:b9:13:2a:77:ca:
         fe:b8:42:8d:c2:b9:7f:d0:ab:22:2a:bb:59:32:62:d1:f6:98:
         82:68:38:cf:fa:62:73:e7:f6:c2:a1:02:18:de:ff:53:22:b0:
         fa:ed:5c:25:84:39:46:48:bb:b9:1c:6b:10:d6:48:e5:e9:9a:
         ad:1b:e7:9b:d4:95:ac:1f:5f:e0:d0:6d:48:65:6e:8a:ff:57:
         3b:9c:d2:8c:ce:ad:da:66:a8:a4:d5:3f:63:d5:c3:11:eb:4f:
         11:3c:cd:64:8d:3d:f5:c1:cc:ab:59:07:de:ad:2b:67:81:ac:
         b4:96:29:ff:92:20:83:d6:b6:3a:d0:3d:0e:6f:d0:0b:e8:87:
         84:cb:44:f1:ec:be:d7:f3:cc:75:29:e8:f2:d6:b1:61:dd:3c:
         e0:09:3f:29:74:dd:2b:c9:54:b7:8b:2a:7e:e9:c1:17:ce:de:
         c0:c5:3d:42:17:49:62:eb:60:f2:95:33:34:8a:11:46:72:e2:
         1b:54:67:f0:eb:d4:4f:f0:46:3c:2f:11:0d:99:15:52:9d:1c:
         f6:d5:08:bc:b0:14:df:e3:37:8c:6d:96:db:1f:cb:63:76:25:
         2c:6d:ab:45:4a:30:ef:c1:0f:7f:a8:c7:bc:68:7e:34:08:83:
         d2:10:03:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr1t8Kw/O3qNa3TXyhxPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YTc1NzQ0MmU0N2Y4MjYwOGJlZjQyM2RhYzM0NGMyNTM1
OGRiZjkwHhcNMjMwMTAxMTQxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDk5NzBhYzE5ZDFhMjgwMzdlMzQ1N2RmYmJmNDIzNWJkOTFmMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK321L3pcN8QX5uCHd0Hi0S4GYOv
JL1FUpVqN/N/KevcdBzsj4lVYt2EsEudEZqKKRb4hXjuwb+ufXhhvr+0y93inNEU
eJjbbDgLeIbqbg7dDQ03vufNrwJhfC6iTpg/sq8xp/Lu69J4koD3EcAs57PddxqV
rFWuz5cwbF5u64RgeC+Sj2w+rBovJP8V1CVxN49iTv3mZhjpWTBYeJjz6c8cP2Lc
m34xgOQ5jhP9g+ZCqdV2+h1jEopVwDEIiunE/Tat/HfZPM/iuSLgxTKWhoEk53Kh
PqQZB7SLoL6w0grcEzd0psJ1pbNP1izLLNgeseQ4HR1fUcYM29rX7WnZ3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACZcKwZ0aKAN+NFffu/QjW9kfLGMB8GA1UdIwQY
MBaAFAanV0QuR/gmCL70I9rDRMJTWNv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnFkWFJDNUgtQ1lJdnZRajJzTkV3bE5ZMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9iMWUwMTItMTJkMC00NGEzLWE2YWYt
YjI1YTY3YjJlYjRhLzEvQUpsd3JCblJvb0EzNDBWOS03OUNOYjJSOHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9iMWUwMTItMTJkMC00NGEzLWE2YWYtYjI1YTY3YjJlYjRh
LzEvQnFkWFJDNUgtQ1lJdnZRajJzTkV3bE5ZMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudmAMA0G
CSqGSIb3DQEBCwUAA4IBAQBC+XdTHTVM57lbjgjbuRMqd8r+uEKNwrl/0KsiKrtZ
MmLR9piCaDjP+mJz5/bCoQIY3v9TIrD67VwlhDlGSLu5HGsQ1kjl6ZqtG+eb1JWs
H1/g0G1IZW6K/1c7nNKMzq3aZqik1T9j1cMR608RPM1kjT31wcyrWQferStngay0
lin/kiCD1rY60D0Ob9AL6IeEy0Tx7L7X88x1Kejy1rFh3TzgCT8pdN0ryVS3iyp+
6cEXzt7AxT1CF0li62DylTM0ihFGcuIbVGfw69RP8EY8LxENmRVSnRz21Qi8sBTf
4zeMbZbbH8tjdiUsbatFSjDvwQ9/qMe8aH40CIPSEANi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:23 2024 by rpki-client on console-ams.rpki-client.org