Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/6FyPfJpBWZYnG6Bb_4_1OORrAt4.roa
File:                     6FyPfJpBWZYnG6Bb_4_1OORrAt4.roa (raw, json)
Hash identifier:          qq9vp21DEkQbVb2oht7u622AwXZUm5qDMoA5vyO0fj0=
Subject key identifier:   E8:5C:8F:7C:9A:41:59:96:27:1B:A0:5B:FF:8F:F5:38:E4:6B:02:DE
Certificate issuer:       /CN=344fdad10ee55b3282a64246a41dc61a8922d25d
Certificate serial:       018E135DD7D8DF5666C400368C896C7B3FDB
Authority key identifier: 34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/6FyPfJpBWZYnG6Bb_4_1OORrAt4.roa
Signing time:             Wed 06 Mar 2024 10:45:00 +0000
ROA not before:           Wed 06 Mar 2024 10:45:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43395
IP address blocks:        185.186.48.0/24 maxlen: 24
                          185.186.49.0/24 maxlen: 24
                          185.186.50.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 12:10:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:13:5d:d7:d8:df:56:66:c4:00:36:8c:89:6c:7b:3f:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=344fdad10ee55b3282a64246a41dc61a8922d25d
        Validity
            Not Before: Mar  6 10:45:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e85c8f7c9a415996271ba05bff8ff538e46b02de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b4:84:c0:85:59:cd:41:e2:18:77:8d:14:75:
                    a8:02:95:7a:2a:16:47:eb:09:2b:82:86:67:da:65:
                    ef:6e:69:ec:a7:bb:47:bc:f1:98:ae:09:48:4e:34:
                    3f:57:71:ae:30:a1:7b:01:1e:4a:77:28:aa:fa:b1:
                    b6:25:ae:74:1a:2e:be:3f:35:93:b7:40:1d:7d:c0:
                    4f:05:06:ac:99:53:b8:42:ed:14:50:e5:4a:85:ef:
                    d7:56:d7:3c:1c:05:3a:3f:d1:b7:4c:98:ca:15:f3:
                    d8:c0:06:4a:ec:09:23:92:7b:57:60:3b:61:57:77:
                    cd:13:5d:aa:44:2e:2a:55:a4:36:93:f8:0d:ed:10:
                    a5:9f:f9:91:7e:f4:16:75:37:88:f6:9a:e8:51:cb:
                    aa:b2:d3:7f:7f:db:d7:c7:9f:93:13:ce:4f:87:0d:
                    82:a7:f5:40:50:d1:de:52:00:e9:dc:25:29:e1:e1:
                    17:30:7a:ee:19:b7:ab:6a:d9:7c:bf:fd:45:9d:73:
                    1b:5f:bc:98:4e:5d:75:87:0d:ed:50:f6:e8:e2:7a:
                    11:d7:be:82:99:87:9d:95:4d:1b:53:52:fe:7d:41:
                    d3:0a:ea:f2:90:30:8a:d7:dc:b7:a7:2b:0c:35:6b:
                    a4:e0:bf:21:7c:c9:f4:ed:a7:89:f8:b3:67:a1:f9:
                    c7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:5C:8F:7C:9A:41:59:96:27:1B:A0:5B:FF:8F:F5:38:E4:6B:02:DE
            X509v3 Authority Key Identifier:
                keyid:34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/6FyPfJpBWZYnG6Bb_4_1OORrAt4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/NE_a0Q7lWzKCpkJGpB3GGoki0l0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.48.0-185.186.50.255

    Signature Algorithm: sha256WithRSAEncryption
         2f:db:3d:00:01:3a:49:78:3b:62:92:74:21:e4:dd:63:03:33:
         dd:5e:f3:e0:80:a9:15:bd:f3:0b:08:6f:65:fb:d6:ff:18:ab:
         71:c6:c7:b1:c2:42:c1:5f:d0:fc:de:55:43:bb:c8:9c:68:d1:
         4d:38:e5:1d:3f:fc:b8:08:aa:d7:8c:64:ad:a9:49:fb:e4:f1:
         4a:5c:49:c1:9a:50:f4:ba:5c:53:6a:2c:0a:e8:63:f9:f0:29:
         f8:db:86:8b:d1:c9:e1:22:78:fa:58:da:2f:5d:e4:53:41:a2:
         b9:8d:9b:0f:20:fb:bc:18:93:f8:46:2a:bb:b7:48:83:1e:5d:
         e4:87:72:77:2f:ea:37:47:6d:da:51:9c:eb:e2:20:08:3f:c5:
         0e:bd:49:3b:bc:ca:92:cf:1c:48:df:1e:64:ac:6a:c0:73:37:
         c8:a3:f2:7f:7f:49:8f:ee:ae:4e:e8:f9:b6:99:c3:e7:9e:28:
         bc:4a:f9:7c:6d:eb:8d:0d:a0:21:5b:fb:1f:5f:89:b6:30:41:
         25:96:73:fa:cc:87:f5:14:4f:9d:2d:d3:35:54:56:4d:3a:64:
         96:bb:0a:f7:5e:6f:30:78:71:a2:e5:da:43:bf:59:74:ad:64:
         4c:ed:56:66:8a:2b:82:6e:e2:29:bc:f9:9c:9d:a1:61:65:4a:
         ca:fe:ac:89
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4TXdfY31ZmxAA2jIlsez/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NGZkYWQxMGVlNTViMzI4MmE2NDI0NmE0MWRjNjFhODky
MmQyNWQwHhcNMjQwMzA2MTA0NTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODVjOGY3YzlhNDE1OTk2MjcxYmEwNWJmZjhmZjUzOGU0NmIwMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrSEwIVZzUHiGHeNFHWoApV6KhZH
6wkrgoZn2mXvbmnsp7tHvPGYrglITjQ/V3GuMKF7AR5Kdyiq+rG2Ja50Gi6+PzWT
t0AdfcBPBQasmVO4Qu0UUOVKhe/XVtc8HAU6P9G3TJjKFfPYwAZK7AkjkntXYDth
V3fNE12qRC4qVaQ2k/gN7RCln/mRfvQWdTeI9proUcuqstN/f9vXx5+TE85Phw2C
p/VAUNHeUgDp3CUp4eEXMHruGberatl8v/1FnXMbX7yYTl11hw3tUPbo4noR176C
mYedlU0bU1L+fUHTCurykDCK19y3pysMNWuk4L8hfMn07aeJ+LNnofnHIwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOhcj3yaQVmWJxugW/+P9TjkawLeMB8GA1UdIwQY
MBaAFDRP2tEO5VsygqZCRqQdxhqJItJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2Mt
NGYwMjFjNzNlZjc0LzEvNkZ5UGZKcEJXWlluRzZCYl80XzFPT1JyQXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2MtNGYwMjFjNzNlZjc0
LzEvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAS5ujAD
BAC5ujIwDQYJKoZIhvcNAQELBQADggEBAC/bPQABOkl4O2KSdCHk3WMDM91e8+CA
qRW98wsIb2X71v8Yq3HGx7HCQsFf0PzeVUO7yJxo0U045R0//LgIqteMZK2pSfvk
8UpcScGaUPS6XFNqLAroY/nwKfjbhovRyeEiePpY2i9d5FNBormNmw8g+7wYk/hG
Kru3SIMeXeSHcncv6jdHbdpRnOviIAg/xQ69STu8ypLPHEjfHmSsasBzN8ij8n9/
SY/urk7o+baZw+eeKLxK+Xxt640NoCFb+x9fibYwQSWWc/rMh/UUT50t0zVUVk06
ZJa7CvdebzB4caLl2kO/WXStZEztVmaKK4Ju4im8+ZydoWFlSsr+rIk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:12 2024 by rpki-client on console-ams.rpki-client.org