Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/VMb7gR7hO9CmSM4HdiHe6Xq9U5M.roa
File:                     VMb7gR7hO9CmSM4HdiHe6Xq9U5M.roa (raw, json)
Hash identifier:          jRc63S31I0mpViu0+aOhGI2xNq0kseZP4DBAc6/kds8=
Subject key identifier:   54:C6:FB:81:1E:E1:3B:D0:A6:48:CE:07:76:21:DE:E9:7A:BD:53:93
Certificate issuer:       /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial:       018570798DBFA6A0234AD5A36D3AF7A75EC3
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/VMb7gR7hO9CmSM4HdiHe6Xq9U5M.roa
Signing time:             Mon 02 Jan 2023 03:14:52 +0000
ROA not before:           Mon 02 Jan 2023 03:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60800
IP address blocks:        185.181.116.0/22 maxlen: 24
                          91.197.228.0/22 maxlen: 24
                          2a0a:cb80::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:8d:bf:a6:a0:23:4a:d5:a3:6d:3a:f7:a7:5e:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
        Validity
            Not Before: Jan  2 03:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=54c6fb811ee13bd0a648ce077621dee97abd5393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:59:b9:94:1c:b2:d6:38:ca:b0:17:8b:f5:91:
                    5a:33:42:12:0b:89:43:bc:41:c7:df:46:df:b5:a4:
                    6f:b2:34:68:e4:e9:47:2b:c4:f7:15:39:21:e4:1c:
                    09:65:54:ae:5c:7d:fe:31:c0:17:73:03:39:35:6b:
                    6b:56:3d:64:32:80:76:1c:4b:db:04:76:5a:25:d1:
                    0d:d5:8a:99:a0:7a:89:30:81:6e:8a:37:6d:47:99:
                    2f:3d:41:93:5d:c5:9a:38:e7:7b:76:19:1b:09:91:
                    d6:38:06:af:bb:20:7c:df:04:c2:07:df:07:76:f9:
                    12:c3:6e:a5:91:f4:74:7f:44:f0:b1:b2:ca:d0:c2:
                    43:2d:5e:39:f4:3d:60:47:6f:b9:4f:bd:8f:c9:22:
                    29:3f:18:99:ce:7d:fd:79:5a:fb:bb:41:51:fd:1b:
                    ae:cf:75:3b:bb:7b:b1:a1:42:d5:94:13:33:99:96:
                    b5:ea:aa:06:1a:50:96:d7:a6:a0:00:0b:69:59:5f:
                    9b:d1:5d:d8:c8:8a:9d:a3:47:f4:bf:a5:d2:7d:63:
                    bf:cf:ec:10:19:e5:a7:16:f2:ab:30:78:f8:70:47:
                    16:84:ae:08:74:aa:2d:0e:ef:57:44:b3:e3:49:25:
                    e3:11:af:8c:63:61:f4:c1:ab:2b:2b:84:a2:a7:67:
                    42:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C6:FB:81:1E:E1:3B:D0:A6:48:CE:07:76:21:DE:E9:7A:BD:53:93
            X509v3 Authority Key Identifier:
                keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/VMb7gR7hO9CmSM4HdiHe6Xq9U5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.197.228.0/22
                  185.181.116.0/22
                IPv6:
                  2a0a:cb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         32:5d:b0:da:a2:cc:22:92:e7:02:11:34:9b:79:06:58:c3:2b:
         c0:81:ee:e3:aa:55:fa:29:f5:67:d3:a4:6d:03:7e:6b:62:d0:
         8c:d1:4f:b1:15:4c:d2:95:ab:18:d6:8b:ad:ad:5e:07:60:b9:
         84:f8:17:09:be:4a:f6:b1:58:e6:5d:f8:cb:36:2d:44:5e:8f:
         78:ef:02:af:67:4d:d3:68:db:11:20:de:a8:0e:36:98:ed:aa:
         42:d8:f9:ae:fb:a3:a9:9f:e6:b1:77:34:74:4d:92:65:e0:f6:
         b9:60:c6:a9:b1:9b:a4:4c:f5:cc:4a:40:1a:89:c5:4e:d4:2d:
         a6:9b:3d:91:4a:c7:24:ae:2e:39:16:26:8f:23:f8:57:91:33:
         b8:97:de:38:a7:c0:05:6f:34:64:75:fb:5e:a0:83:99:ea:78:
         be:0a:38:a9:80:cf:43:72:35:b6:14:14:a1:d2:cc:7f:bf:38:
         26:4d:86:c4:ca:0c:51:5d:d2:11:ad:ee:04:90:a7:c4:8a:ab:
         ee:53:56:1c:8d:d8:82:c5:df:24:91:1c:11:b8:5f:3a:56:f0:
         67:2a:49:0d:a5:90:ed:8a:a3:cb:ae:4f:14:1c:b2:e4:a3:7c:
         d4:bb:83:cb:66:6f:0e:90:99:3c:5e:d7:0a:b3:5a:88:aa:74:
         95:0c:ee:97
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVweY2/pqAjStWjbTr3p17DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjMwMTAyMDMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGM2ZmI4MTFlZTEzYmQwYTY0OGNlMDc3NjIxZGVlOTdhYmQ1MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFm5lByy1jjKsBeL9ZFaM0ISC4lD
vEHH30bftaRvsjRo5OlHK8T3FTkh5BwJZVSuXH3+McAXcwM5NWtrVj1kMoB2HEvb
BHZaJdEN1YqZoHqJMIFuijdtR5kvPUGTXcWaOOd7dhkbCZHWOAavuyB83wTCB98H
dvkSw26lkfR0f0TwsbLK0MJDLV459D1gR2+5T72PySIpPxiZzn39eVr7u0FR/Ruu
z3U7u3uxoULVlBMzmZa16qoGGlCW16agAAtpWV+b0V3YyIqdo0f0v6XSfWO/z+wQ
GeWnFvKrMHj4cEcWhK4IdKotDu9XRLPjSSXjEa+MY2H0wasrK4Sip2dCMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFTG+4Ee4TvQpkjOB3Yh3ul6vVOTMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvVk1iN2dSN2hPOUNtU000SGRpSGU2WHE5VTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQAyXbDaoswikucC
ETSbeQZYwyvAge7jqlX6KfVn06RtA35rYtCM0U+xFUzSlasY1outrV4HYLmE+BcJ
vkr2sVjmXfjLNi1EXo947wKvZ03TaNsRIN6oDjaY7apC2Pmu+6Opn+axdzR0TZJl
4Pa5YMapsZukTPXMSkAaicVO1C2mmz2RSsckri45FiaPI/hXkTO4l944p8AFbzRk
dfteoIOZ6ni+CjipgM9DcjW2FBSh0sx/vzgmTYbEygxRXdIRre4EkKfEiqvuU1Yc
jdiCxd8kkRwRuF86VvBnKkkNpZDtiqPLrk8UHLLko3zUu4PLZm8OkJk8XtcKs1qI
qnSVDO6X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org