Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/PWszRe2BK-F45ReKLuokaeKnYyM.roa
File:                     PWszRe2BK-F45ReKLuokaeKnYyM.roa (raw, json)
Hash identifier:          HPy6LYN0AJcWS3bsCfF08W4ls6uUVimYWvUF0vx1NYc=
Subject key identifier:   3D:6B:33:45:ED:81:2B:E1:78:E5:17:8A:2E:EA:24:69:E2:A7:63:23
Certificate issuer:       /CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Certificate serial:       01856F26E03A4617CA02FF84EFADFCAF868F
Authority key identifier: 6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/PWszRe2BK-F45ReKLuokaeKnYyM.roa
Signing time:             Sun 01 Jan 2023 21:04:56 +0000
ROA not before:           Sun 01 Jan 2023 21:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201533
IP address blocks:        185.71.232.0/22 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:26:e0:3a:46:17:ca:02:ff:84:ef:ad:fc:af:86:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
        Validity
            Not Before: Jan  1 21:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d6b3345ed812be178e5178a2eea2469e2a76323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d1:47:d4:81:24:12:6a:b7:48:5b:e8:11:3a:
                    e8:cd:2c:4a:34:0a:ed:18:d3:cd:59:51:54:c4:3f:
                    89:de:c8:7e:a9:39:52:40:db:d8:07:88:23:d2:36:
                    00:84:09:18:a7:75:50:e2:4f:77:0e:b2:80:12:b0:
                    66:75:62:88:29:14:b8:26:30:b7:fe:46:33:8a:49:
                    08:48:71:85:05:29:3a:ec:f2:2b:f2:26:2e:33:2e:
                    89:5e:61:07:e8:ad:3c:cb:e3:6d:f6:cc:76:5b:7b:
                    fe:29:5b:31:0f:72:b4:83:f9:2c:e9:6b:74:a8:9f:
                    ac:ee:df:1f:0e:7a:c3:54:b6:d8:36:35:7a:f3:bb:
                    7b:81:98:37:b7:dd:ef:79:5a:86:b1:15:78:f7:81:
                    87:15:cd:30:4f:df:58:ef:df:b4:32:f1:03:7c:b3:
                    6f:bc:28:87:27:d5:b4:4b:ed:6a:c6:92:fc:34:1f:
                    82:c8:20:d9:4f:8d:7d:c9:80:d1:54:f8:fb:8b:7a:
                    a7:d4:eb:de:a9:aa:96:96:ed:cc:5e:0c:88:de:1d:
                    25:a4:bf:84:4e:93:ad:43:27:7e:b4:f7:da:08:80:
                    9f:a3:08:fb:47:66:7b:cc:a4:3a:c3:a4:ef:bc:ad:
                    0b:6b:e4:3e:3f:c7:46:eb:4e:bb:0b:3a:14:6d:2f:
                    41:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:6B:33:45:ED:81:2B:E1:78:E5:17:8A:2E:EA:24:69:E2:A7:63:23
            X509v3 Authority Key Identifier:
                keyid:6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/PWszRe2BK-F45ReKLuokaeKnYyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/bss_s76ozI4249p9nEcEm_xv-xQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:d7:15:5c:8a:41:f4:4e:f3:bd:ea:3a:47:e7:a7:0c:81:0c:
         61:e7:a4:21:83:29:e3:b6:c0:14:c4:aa:90:3a:e0:a4:25:ce:
         06:b3:6c:df:2f:37:56:c3:b2:c3:3f:48:db:31:06:f5:f6:c3:
         bf:87:82:1b:c8:68:13:3e:42:bd:d6:35:97:5a:58:4d:59:ea:
         9d:42:9d:5e:5f:1d:73:35:2a:be:06:d8:b0:f3:47:7a:82:c4:
         11:e0:46:3b:e3:0c:42:92:04:97:e4:d1:77:e0:06:57:6f:44:
         5e:79:21:7b:29:68:94:09:f5:62:5b:a2:b1:c3:61:75:a5:96:
         1d:50:bd:74:19:89:d8:a5:42:df:40:68:61:a2:e1:66:29:b5:
         cc:1b:a0:20:ce:f5:29:2c:71:1c:69:96:c1:9b:82:61:a7:53:
         cf:5c:38:15:9b:58:52:54:53:f4:fe:7d:de:9c:bc:e7:3d:e6:
         70:f8:bf:28:cd:8b:8c:3b:f1:1d:6c:c3:d1:83:8c:ad:1c:11:
         7a:2a:03:0b:2a:76:29:29:5c:70:ca:8e:ec:d5:27:eb:af:a9:
         3e:88:4d:8f:97:29:a2:f6:8f:19:f4:ee:18:74:2a:42:48:a2:
         87:f3:5f:30:f0:f6:3c:03:ae:31:4f:09:73:8c:20:0f:ed:79:
         2a:c2:76:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJuA6RhfKAv+E7638r4aPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2IzZmIzYmVhOGNjOGUzNmUzZGE3ZDljNDcwNDliZmM2
ZmZiMTQwHhcNMjMwMTAxMjEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZiMzM0NWVkODEyYmUxNzhlNTE3OGEyZWVhMjQ2OWUyYTc2MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdFH1IEkEmq3SFvoETrozSxKNArt
GNPNWVFUxD+J3sh+qTlSQNvYB4gj0jYAhAkYp3VQ4k93DrKAErBmdWKIKRS4JjC3
/kYzikkISHGFBSk67PIr8iYuMy6JXmEH6K08y+Nt9sx2W3v+KVsxD3K0g/ks6Wt0
qJ+s7t8fDnrDVLbYNjV687t7gZg3t93veVqGsRV494GHFc0wT99Y79+0MvEDfLNv
vCiHJ9W0S+1qxpL8NB+CyCDZT419yYDRVPj7i3qn1OveqaqWlu3MXgyI3h0lpL+E
TpOtQyd+tPfaCICfowj7R2Z7zKQ6w6TvvK0La+Q+P8dG6067CzoUbS9BdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1rM0XtgSvheOUXii7qJGnip2MjMB8GA1UdIwQY
MBaAFG7LP7O+qMyONuPafZxHBJv8b/sUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnNzX3M3Nm96STQyNDlwOW5FY0VtX3h2LXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8wYmE3ZTItNjNhMi00YzQxLTg2YjUt
YTM3MGY0YmEyZDJiLzEvUFdzelJlMkJLLUY0NVJlS0x1b2thZUtuWXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8wYmE3ZTItNjNhMi00YzQxLTg2YjUtYTM3MGY0YmEyZDJi
LzEvYnNzX3M3Nm96STQyNDlwOW5FY0VtX3h2LXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUfoMA0G
CSqGSIb3DQEBCwUAA4IBAQAq1xVcikH0TvO96jpH56cMgQxh56QhgynjtsAUxKqQ
OuCkJc4Gs2zfLzdWw7LDP0jbMQb19sO/h4IbyGgTPkK91jWXWlhNWeqdQp1eXx1z
NSq+Btiw80d6gsQR4EY74wxCkgSX5NF34AZXb0ReeSF7KWiUCfViW6Kxw2F1pZYd
UL10GYnYpULfQGhhouFmKbXMG6AgzvUpLHEcaZbBm4Jhp1PPXDgVm1hSVFP0/n3e
nLznPeZw+L8ozYuMO/EdbMPRg4ytHBF6KgMLKnYpKVxwyo7s1Sfrr6k+iE2Plymi
9o8Z9O4YdCpCSKKH818w8PY8A64xTwlzjCAP7XkqwnbY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:18 2024 by rpki-client on console-ams.rpki-client.org