Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d6ae54-ed67-401a-88f3-7f8c983f14a4/1/tsmYdmG0dJlaGEVCA-8kq7jrYFE.roa
File:                     tsmYdmG0dJlaGEVCA-8kq7jrYFE.roa (raw, json)
Hash identifier:          58Ng5QAFqXdonfAKfizPNxPqd/KlGZzF8TGhzMFYc74=
Subject key identifier:   B6:C9:98:76:61:B4:74:99:5A:18:45:42:03:EF:24:AB:B8:EB:60:51
Certificate issuer:       /CN=eb5da1da1fa1d425cf1dc9e826d65edaed6cd898
Certificate serial:       018570674952E86B234AF4F487D7EA23B596
Authority key identifier: EB:5D:A1:DA:1F:A1:D4:25:CF:1D:C9:E8:26:D6:5E:DA:ED:6C:D8:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/612h2h-h1CXPHcnoJtZe2u1s2Jg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d6ae54-ed67-401a-88f3-7f8c983f14a4/1/tsmYdmG0dJlaGEVCA-8kq7jrYFE.roa
Signing time:             Mon 02 Jan 2023 02:54:55 +0000
ROA not before:           Mon 02 Jan 2023 02:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197869
IP address blocks:        185.194.92.0/22 maxlen: 22
                          2a00:5980::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:49:52:e8:6b:23:4a:f4:f4:87:d7:ea:23:b5:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb5da1da1fa1d425cf1dc9e826d65edaed6cd898
        Validity
            Not Before: Jan  2 02:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6c9987661b474995a18454203ef24abb8eb6051
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:08:20:f3:1b:51:27:60:57:f6:c7:3e:ef:37:
                    86:bd:3d:aa:14:8a:73:fd:a4:0c:fe:77:0d:2f:e4:
                    a4:5d:7c:2b:5e:60:1a:c0:73:ea:d2:c4:31:37:87:
                    db:20:42:ee:83:b6:ed:b2:b9:c3:7a:bc:68:1f:73:
                    6b:8f:31:72:e0:0b:e9:f7:3b:99:ab:f3:3a:b2:4c:
                    fa:5f:c2:6b:80:a8:a9:39:29:1c:20:60:33:f0:0b:
                    e1:f9:e4:80:f3:02:f4:96:a7:09:9d:32:80:ad:d7:
                    a1:52:4d:13:fd:08:6e:5a:ce:da:40:9d:b6:e2:78:
                    67:32:32:80:1b:cb:4c:b0:07:f2:31:0b:f3:fa:58:
                    ad:0f:04:e6:f0:9f:78:28:18:59:b3:72:e0:df:70:
                    ed:bf:42:f0:ae:a3:13:ff:d9:a4:f2:ef:26:e4:e3:
                    53:59:3d:22:c8:c5:e2:e5:12:e2:dd:a7:45:e7:db:
                    30:10:28:b5:59:91:9b:6f:f8:97:05:0d:33:8d:a3:
                    52:31:3a:8d:7f:e6:8a:a6:fa:04:b2:16:a2:31:f9:
                    bd:80:fb:c0:5b:64:07:20:67:60:75:96:94:12:7e:
                    26:61:59:94:95:c7:45:83:54:7d:81:60:a1:e9:15:
                    b3:0f:a4:a7:63:36:91:26:00:36:99:79:7e:51:a3:
                    ea:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:C9:98:76:61:B4:74:99:5A:18:45:42:03:EF:24:AB:B8:EB:60:51
            X509v3 Authority Key Identifier:
                keyid:EB:5D:A1:DA:1F:A1:D4:25:CF:1D:C9:E8:26:D6:5E:DA:ED:6C:D8:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/612h2h-h1CXPHcnoJtZe2u1s2Jg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6ae54-ed67-401a-88f3-7f8c983f14a4/1/tsmYdmG0dJlaGEVCA-8kq7jrYFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6ae54-ed67-401a-88f3-7f8c983f14a4/1/612h2h-h1CXPHcnoJtZe2u1s2Jg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.194.92.0/22
                IPv6:
                  2a00:5980::/32

    Signature Algorithm: sha256WithRSAEncryption
         1c:5f:0b:c5:28:24:14:44:b4:a0:6b:11:d0:6f:28:c7:da:d5:
         5b:ee:14:f7:08:d0:46:47:31:1e:df:4a:42:df:65:fd:0d:58:
         5b:55:46:fa:0d:2a:6e:6a:f5:98:7f:6f:47:82:f8:df:66:6a:
         83:65:bb:20:3f:0f:38:84:f3:b3:6d:64:bc:88:47:38:26:49:
         30:c8:a5:39:32:e0:38:f9:63:cb:cf:a8:23:f6:1f:19:99:6f:
         35:ba:c3:68:88:e1:ac:00:87:3a:0a:ca:a2:c2:97:a7:8b:d0:
         f8:be:d3:47:41:c1:fb:85:5e:c2:29:c6:d6:05:80:1a:fb:ec:
         6a:e4:f0:ed:97:ed:3c:24:63:a5:8c:83:66:49:4b:54:cd:2b:
         ae:ed:52:9b:43:5a:aa:0c:af:31:e6:76:2d:99:cc:b0:76:de:
         c5:de:d1:1d:4d:4d:c0:64:de:3e:e0:1a:39:f8:3d:1b:28:ec:
         33:7c:3e:4f:85:b9:88:b9:a0:bc:02:ef:36:b9:81:63:ab:e1:
         9c:ec:a1:cf:22:59:6d:ca:06:e0:24:d4:28:1f:a2:7d:9e:8b:
         aa:cd:a4:62:88:db:c2:3f:e0:20:45:30:d1:24:b9:c2:cc:43:
         25:82:d6:a4:66:48:de:28:24:44:98:65:a8:90:27:c3:bb:35:
         5e:4a:e3:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwZ0lS6GsjSvT0h9fqI7WWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNWRhMWRhMWZhMWQ0MjVjZjFkYzllODI2ZDY1ZWRhZWQ2
Y2Q4OTgwHhcNMjMwMTAyMDI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM5OTg3NjYxYjQ3NDk5NWExODQ1NDIwM2VmMjRhYmI4ZWI2MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQgg8xtRJ2BX9sc+7zeGvT2qFIpz
/aQM/ncNL+SkXXwrXmAawHPq0sQxN4fbIELug7btsrnDerxoH3NrjzFy4Avp9zuZ
q/M6skz6X8JrgKipOSkcIGAz8Avh+eSA8wL0lqcJnTKArdehUk0T/QhuWs7aQJ22
4nhnMjKAG8tMsAfyMQvz+litDwTm8J94KBhZs3Lg33Dtv0LwrqMT/9mk8u8m5ONT
WT0iyMXi5RLi3adF59swECi1WZGbb/iXBQ0zjaNSMTqNf+aKpvoEshaiMfm9gPvA
W2QHIGdgdZaUEn4mYVmUlcdFg1R9gWCh6RWzD6SnYzaRJgA2mXl+UaPq8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLbJmHZhtHSZWhhFQgPvJKu462BRMB8GA1UdIwQY
MBaAFOtdodofodQlzx3J6CbWXtrtbNiYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjEyaDJoLWgxQ1hQSGNub0p0WmUydTFzMkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kNmFlNTQtZWQ2Ny00MDFhLTg4ZjMt
N2Y4Yzk4M2YxNGE0LzEvdHNtWWRtRzBkSmxhR0VWQ0EtOGtxN2pyWUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kNmFlNTQtZWQ2Ny00MDFhLTg4ZjMtN2Y4Yzk4M2YxNGE0
LzEvNjEyaDJoLWgxQ1hQSGNub0p0WmUydTFzMkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucJcMA0E
AgACMAcDBQAqAFmAMA0GCSqGSIb3DQEBCwUAA4IBAQAcXwvFKCQURLSgaxHQbyjH
2tVb7hT3CNBGRzEe30pC32X9DVhbVUb6DSpuavWYf29HgvjfZmqDZbsgPw84hPOz
bWS8iEc4JkkwyKU5MuA4+WPLz6gj9h8ZmW81usNoiOGsAIc6Csqiwpeni9D4vtNH
QcH7hV7CKcbWBYAa++xq5PDtl+08JGOljINmSUtUzSuu7VKbQ1qqDK8x5nYtmcyw
dt7F3tEdTU3AZN4+4Bo5+D0bKOwzfD5PhbmIuaC8Au82uYFjq+Gc7KHPIlltygbg
JNQoH6J9nouqzaRiiNvCP+AgRTDRJLnCzEMlgtakZkjeKCREmGWokCfDuzVeSuNz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:02 2024 by rpki-client on console-fra.rpki-client.org