Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/StVsmutQ5RsgRM9jGF6EpeBNZBs.roa
File:                     StVsmutQ5RsgRM9jGF6EpeBNZBs.roa (raw, json)
Hash identifier:          9scT85RYGg6l+4nK78BTK5xYWdMclRk0tvPPgOJNetA=
Subject key identifier:   4A:D5:6C:9A:EB:50:E5:1B:20:44:CF:63:18:5E:84:A5:E0:4D:64:1B
Certificate issuer:       /CN=ca1df2bbccc02e4e7f464d69faaf3d6c3723495e
Certificate serial:       0185710C17451A6515DAA1332A224F487082
Authority key identifier: CA:1D:F2:BB:CC:C0:2E:4E:7F:46:4D:69:FA:AF:3D:6C:37:23:49:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yh3yu8zALk5_Rk1p-q89bDcjSV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/StVsmutQ5RsgRM9jGF6EpeBNZBs.roa
Signing time:             Mon 02 Jan 2023 05:54:55 +0000
ROA not before:           Mon 02 Jan 2023 05:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206912
IP address blocks:        185.166.64.0/22 maxlen: 22
                          185.170.232.0/22 maxlen: 22
                          185.105.172.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:17:45:1a:65:15:da:a1:33:2a:22:4f:48:70:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1df2bbccc02e4e7f464d69faaf3d6c3723495e
        Validity
            Not Before: Jan  2 05:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ad56c9aeb50e51b2044cf63185e84a5e04d641b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:85:0d:8d:46:ce:9a:c8:33:7f:9b:8c:28:d5:
                    db:b3:a4:be:d9:53:af:ee:3e:c9:a1:19:93:de:e2:
                    7b:d3:8b:ae:3e:5f:c4:68:e7:e9:fc:ba:0e:72:d8:
                    ce:af:da:f6:e8:12:c8:31:9e:b7:62:09:db:ce:33:
                    28:d5:e5:f5:07:44:60:ad:8a:28:91:11:d1:f1:aa:
                    1b:35:0a:8a:2c:ad:47:91:ed:66:0b:0b:2d:31:fe:
                    34:fd:9f:5d:f8:48:55:6e:09:df:a8:45:32:c9:79:
                    9b:66:fd:57:93:4a:f2:02:d9:05:3c:ea:0f:8f:4a:
                    55:13:77:8a:f0:43:03:19:d3:81:ef:7e:9b:c7:ff:
                    6d:03:4b:c9:d9:9b:b7:47:7e:88:f9:88:e8:80:ae:
                    92:2f:e9:73:f7:85:30:b8:04:ae:f9:d6:65:6f:a8:
                    7b:93:2e:cc:0c:d3:32:dd:2d:23:7f:42:1b:d2:c4:
                    46:47:38:1b:cb:f3:80:92:7b:65:65:40:a9:41:f7:
                    e8:57:f4:57:93:d5:5a:60:50:b8:ae:95:5a:40:8a:
                    92:bf:8c:1f:a7:13:eb:fc:3d:fc:e9:a9:90:15:1a:
                    60:d5:71:c2:17:81:1f:ea:df:d5:cd:88:bd:be:d3:
                    13:f6:11:16:7e:d8:b8:3c:b4:60:62:6a:f1:39:4d:
                    ca:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D5:6C:9A:EB:50:E5:1B:20:44:CF:63:18:5E:84:A5:E0:4D:64:1B
            X509v3 Authority Key Identifier:
                keyid:CA:1D:F2:BB:CC:C0:2E:4E:7F:46:4D:69:FA:AF:3D:6C:37:23:49:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3yu8zALk5_Rk1p-q89bDcjSV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/StVsmutQ5RsgRM9jGF6EpeBNZBs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7b7bd6-b538-4960-8559-dd49ecc26095/1/yh3yu8zALk5_Rk1p-q89bDcjSV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.105.172.0/22
                  185.166.64.0/22
                  185.170.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:9e:ed:6f:7a:a0:5d:e5:93:6d:be:c3:a4:a2:8b:f0:76:51:
         f0:fa:39:12:cd:40:11:d7:67:d8:a9:e6:d6:8c:e9:cb:76:7f:
         5e:b9:b9:15:04:e9:32:7f:5d:f8:b9:2b:84:f3:a2:11:a8:44:
         33:5d:9a:b6:ad:23:f4:4a:f8:6f:5b:08:a2:f2:1b:d1:01:f0:
         20:79:49:c9:0f:00:fa:c1:78:9a:69:42:0a:87:5c:1e:e2:87:
         f2:a8:04:65:ab:3b:ba:e6:a8:00:96:23:94:47:78:6c:f2:cb:
         bd:f3:f1:ed:47:1b:80:43:dc:5b:74:d8:63:c4:17:d3:ac:d3:
         5d:e6:f5:98:68:99:d7:f9:86:b4:e2:d7:e3:fd:98:6f:59:83:
         50:b9:2a:fb:21:6d:3d:c5:53:db:ae:a2:81:a7:c0:7b:06:0f:
         37:76:36:14:d2:9b:c8:8b:d1:61:35:1a:20:fd:00:44:f5:cc:
         cd:db:b1:a1:77:cb:52:71:88:72:10:ad:1a:66:e8:25:1e:95:
         58:83:30:a5:ec:6e:df:74:e2:0c:5a:37:0a:58:41:e5:40:ed:
         18:fe:8c:ed:b7:90:0a:42:90:7b:c4:e0:97:7e:63:4d:65:20:
         60:b6:3c:8a:1e:45:e8:91:ab:ab:c8:13:23:18:57:03:6c:25:
         6d:5e:2a:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxDBdFGmUV2qEzKiJPSHCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWRmMmJiY2NjMDJlNGU3ZjQ2NGQ2OWZhYWYzZDZjMzcy
MzQ5NWUwHhcNMjMwMTAyMDU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ1NmM5YWViNTBlNTFiMjA0NGNmNjMxODVlODRhNWUwNGQ2NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIUNjUbOmsgzf5uMKNXbs6S+2VOv
7j7JoRmT3uJ704uuPl/EaOfp/LoOctjOr9r26BLIMZ63YgnbzjMo1eX1B0RgrYoo
kRHR8aobNQqKLK1Hke1mCwstMf40/Z9d+EhVbgnfqEUyyXmbZv1Xk0ryAtkFPOoP
j0pVE3eK8EMDGdOB736bx/9tA0vJ2Zu3R36I+YjogK6SL+lz94UwuASu+dZlb6h7
ky7MDNMy3S0jf0Ib0sRGRzgby/OAkntlZUCpQffoV/RXk9VaYFC4rpVaQIqSv4wf
pxPr/D386amQFRpg1XHCF4Ef6t/VzYi9vtMT9hEWfti4PLRgYmrxOU3KaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFErVbJrrUOUbIETPYxhehKXgTWQbMB8GA1UdIwQY
MBaAFMod8rvMwC5Of0ZNafqvPWw3I0leMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWgzeXU4ekFMazVfUmsxcC1xODliRGNqU1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83YjdiZDYtYjUzOC00OTYwLTg1NTkt
ZGQ0OWVjYzI2MDk1LzEvU3RWc211dFE1UnNnUk05akdGNkVwZUJOWkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83YjdiZDYtYjUzOC00OTYwLTg1NTktZGQ0OWVjYzI2MDk1
LzEveWgzeXU4ekFMazVfUmsxcC1xODliRGNqU1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuWmsAwQC
uaZAAwQCuaroMA0GCSqGSIb3DQEBCwUAA4IBAQBpnu1veqBd5ZNtvsOkoovwdlHw
+jkSzUAR12fYqebWjOnLdn9eubkVBOkyf134uSuE86IRqEQzXZq2rSP0SvhvWwii
8hvRAfAgeUnJDwD6wXiaaUIKh1we4ofyqARlqzu65qgAliOUR3hs8su98/HtRxuA
Q9xbdNhjxBfTrNNd5vWYaJnX+Ya04tfj/ZhvWYNQuSr7IW09xVPbrqKBp8B7Bg83
djYU0pvIi9FhNRog/QBE9czN27Ghd8tScYhyEK0aZuglHpVYgzCl7G7fdOIMWjcK
WEHlQO0Y/oztt5AKQpB7xOCXfmNNZSBgtjyKHkXokauryBMjGFcDbCVtXir5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org