Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/7TdVvGr0BuQ_aCVyMOpQP-TrTPQ.roa
File:                     7TdVvGr0BuQ_aCVyMOpQP-TrTPQ.roa (raw, json)
Hash identifier:          Gtfhyl4YcND0Fof5jKQvymhmG/B9NTillFW59fecZPo=
Subject key identifier:   ED:37:55:BC:6A:F4:06:E4:3F:68:25:72:30:EA:50:3F:E4:EB:4C:F4
Certificate issuer:       /CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
Certificate serial:       01856CF8591047999EC52D3F03AA1DDA033C
Authority key identifier: 61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/7TdVvGr0BuQ_aCVyMOpQP-TrTPQ.roa
Signing time:             Sun 01 Jan 2023 10:54:53 +0000
ROA not before:           Sun 01 Jan 2023 10:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211186
IP address blocks:        185.14.96.0/24 maxlen: 24
                          2a0c:2580::/36 maxlen: 36
                          2a0c:2580:1000::/36 maxlen: 36
                          2a0c:2580::/30 maxlen: 30

Validation:               Failed, certificate revoked on Sat 29 Apr 2023 17:40:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:59:10:47:99:9e:c5:2d:3f:03:aa:1d:da:03:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
        Validity
            Not Before: Jan  1 10:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed3755bc6af406e43f68257230ea503fe4eb4cf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b8:0f:30:9f:6a:62:34:67:c5:05:0e:e0:b8:
                    20:b2:6f:bd:38:7c:f5:cc:78:81:fb:ad:58:d7:c2:
                    20:6d:69:ae:20:13:c9:6d:41:eb:dd:f5:20:f8:01:
                    f7:05:91:35:09:ec:59:9a:ee:c6:e6:67:d7:0e:b9:
                    42:9d:6b:98:27:c8:64:d6:22:58:89:39:5a:61:c1:
                    66:5a:c2:c6:28:6d:b1:6c:85:c8:a2:09:64:6b:41:
                    01:b5:5b:19:6b:45:31:83:23:b7:02:6d:4d:93:ae:
                    12:b3:45:ec:cd:88:92:32:cc:fd:1a:86:e9:a1:75:
                    58:42:74:ec:6d:b3:9e:54:51:1d:95:5c:0f:4c:c9:
                    4a:80:6e:28:c9:52:f2:1f:41:86:fb:19:24:1e:40:
                    15:db:d8:38:29:ee:de:90:41:2e:77:55:60:22:61:
                    39:e9:e7:3f:77:bc:19:ff:90:c6:02:f0:f8:dc:06:
                    08:f8:44:06:01:30:e3:8d:c0:56:f8:f3:0b:5b:aa:
                    0e:7d:05:24:1c:93:0a:da:eb:92:0b:1d:97:3a:72:
                    f2:9b:35:3f:8e:5c:2f:d3:eb:ff:44:0f:ed:90:cd:
                    1a:61:5e:25:e5:72:0d:d1:c3:a4:48:f7:a8:22:8d:
                    30:c9:a2:2c:29:fd:a2:2d:6b:74:33:6d:cb:da:32:
                    ce:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:37:55:BC:6A:F4:06:E4:3F:68:25:72:30:EA:50:3F:E4:EB:4C:F4
            X509v3 Authority Key Identifier:
                keyid:61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/7TdVvGr0BuQ_aCVyMOpQP-TrTPQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/YeVlVi0-P1ZenApBlG6lPUXV1lc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.14.96.0/24
                IPv6:
                  2a0c:2580::/30

    Signature Algorithm: sha256WithRSAEncryption
         3f:fe:b2:b2:ca:c7:69:9e:3f:e8:70:d7:17:9a:ac:e8:f2:33:
         0f:0d:a2:b1:5d:92:4c:79:19:bf:c8:f5:f0:2b:9a:20:21:5d:
         ef:ba:53:74:0b:ae:e5:26:a9:b8:9f:b7:32:ac:fb:c5:8d:2f:
         c1:7f:5e:7b:26:68:32:2c:e6:75:50:6a:07:f0:8c:5e:dd:0f:
         b7:dc:9b:3f:0b:d5:b0:c8:47:d4:22:d8:a8:4d:8e:f6:5d:d6:
         ef:24:02:00:c3:19:c5:08:6d:46:00:0c:9c:8e:bf:3f:95:3d:
         10:b6:89:27:ec:b3:21:06:68:03:1f:0c:3c:62:a6:5d:90:0d:
         a8:05:1b:b9:3b:55:dc:92:8b:93:33:83:86:3d:97:53:13:2b:
         a5:19:6b:e1:0f:f3:90:37:63:ec:5b:b9:c9:e5:5d:3a:b6:4c:
         9f:62:09:98:7c:3e:39:6b:47:b4:bd:bf:35:3f:5a:68:95:86:
         4b:f2:52:e3:8c:db:6f:8a:72:09:ff:51:03:cb:3b:1f:b1:70:
         9a:fd:70:8b:49:49:5a:05:52:da:20:9e:2a:4c:ca:1c:48:fb:
         d7:da:a7:9c:4a:36:02:c2:0f:1f:48:ff:4f:81:7b:0b:04:17:
         10:18:b8:95:46:c2:3d:0f:67:8f:fe:fe:88:b7:50:4b:09:4a:
         01:98:af:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+FkQR5mexS0/A6od2gM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTU2NTU2MmQzZTNmNTY1ZTljMGE0MTk0NmVhNTNkNDVk
NWQ2NTcwHhcNMjMwMTAxMTA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDM3NTViYzZhZjQwNmU0M2Y2ODI1NzIzMGVhNTAzZmU0ZWI0Y2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrgPMJ9qYjRnxQUO4Lggsm+9OHz1
zHiB+61Y18IgbWmuIBPJbUHr3fUg+AH3BZE1CexZmu7G5mfXDrlCnWuYJ8hk1iJY
iTlaYcFmWsLGKG2xbIXIoglka0EBtVsZa0UxgyO3Am1Nk64Ss0XszYiSMsz9Gobp
oXVYQnTsbbOeVFEdlVwPTMlKgG4oyVLyH0GG+xkkHkAV29g4Ke7ekEEud1VgImE5
6ec/d7wZ/5DGAvD43AYI+EQGATDjjcBW+PMLW6oOfQUkHJMK2uuSCx2XOnLymzU/
jlwv0+v/RA/tkM0aYV4l5XIN0cOkSPeoIo0wyaIsKf2iLWt0M23L2jLObQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO03Vbxq9AbkP2glcjDqUD/k60z0MB8GA1UdIwQY
MBaAFGHlZVYtPj9WXpwKQZRupT1F1dZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYt
ZjRjYmQ2YmE2YzBmLzEvN1RkVnZHcjBCdVFfYUNWeU1PcFFQLVRyVFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYtZjRjYmQ2YmE2YzBm
LzEvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQ5gMA0E
AgACMAcDBQIqDCWAMA0GCSqGSIb3DQEBCwUAA4IBAQA//rKyysdpnj/ocNcXmqzo
8jMPDaKxXZJMeRm/yPXwK5ogIV3vulN0C67lJqm4n7cyrPvFjS/Bf157JmgyLOZ1
UGoH8Ixe3Q+33Js/C9WwyEfUItioTY72XdbvJAIAwxnFCG1GAAycjr8/lT0Qtokn
7LMhBmgDHww8YqZdkA2oBRu5O1XckouTM4OGPZdTEyulGWvhD/OQN2PsW7nJ5V06
tkyfYgmYfD45a0e0vb81P1polYZL8lLjjNtvinIJ/1EDyzsfsXCa/XCLSUlaBVLa
IJ4qTMocSPvX2qecSjYCwg8fSP9PgXsLBBcQGLiVRsI9D2eP/v6It1BLCUoBmK99
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org