Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/6k9GNTODpqYRqNs6FYPo-1gU98M.roa
File:                     6k9GNTODpqYRqNs6FYPo-1gU98M.roa (raw, json)
Hash identifier:          LCu/h9Z+mC+t6hba2wkqn1SVrM0YQ/grapA6Am4OwQ0=
Subject key identifier:   EA:4F:46:35:33:83:A6:A6:11:A8:DB:3A:15:83:E8:FB:58:14:F7:C3
Certificate issuer:       /CN=11660f0a05fc4cf7332230852d9d78bd7ac2f24b
Certificate serial:       01856C53C03BFD01AB7C808FA48E495F6767
Authority key identifier: 11:66:0F:0A:05:FC:4C:F7:33:22:30:85:2D:9D:78:BD:7A:C2:F2:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EWYPCgX8TPczIjCFLZ14vXrC8ks.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/6k9GNTODpqYRqNs6FYPo-1gU98M.roa
Signing time:             Sun 01 Jan 2023 07:55:06 +0000
ROA not before:           Sun 01 Jan 2023 07:55:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211713
IP address blocks:        185.93.24.0/22 maxlen: 24
                          2a03:8e20::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:c0:3b:fd:01:ab:7c:80:8f:a4:8e:49:5f:67:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11660f0a05fc4cf7332230852d9d78bd7ac2f24b
        Validity
            Not Before: Jan  1 07:55:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea4f46353383a6a611a8db3a1583e8fb5814f7c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1a:34:b4:23:a1:cb:f7:b4:3e:1c:b2:3b:0a:
                    6b:29:da:f5:5a:e6:2e:a0:89:a5:1b:12:28:d1:82:
                    d1:e8:84:e2:2f:1b:42:04:20:f5:5a:c6:83:0b:44:
                    dc:95:6e:d5:b9:e1:71:5f:b8:9a:79:7f:42:2f:f9:
                    03:0c:d7:50:e5:1a:41:04:3c:cc:39:4a:02:9f:c3:
                    e8:fa:9d:94:05:97:b2:6c:cc:ac:fe:d4:49:92:34:
                    73:a2:49:30:a7:9f:b7:1e:07:6f:50:ce:a3:32:05:
                    5a:6b:8f:b1:ec:59:3b:67:32:ab:8c:c2:f6:c2:15:
                    1b:5c:7f:52:86:20:a3:ae:0d:57:a4:ad:36:30:0f:
                    92:94:7f:5f:a8:0b:30:42:34:e8:90:f4:d5:9b:3e:
                    b3:e6:e2:a9:3e:6f:d6:bd:ac:a3:0c:a6:16:86:df:
                    92:f8:67:6d:38:cd:a9:53:94:87:fa:08:e0:0b:80:
                    cb:29:d3:0a:d9:d2:76:cc:2f:df:3e:c5:d9:fc:4e:
                    00:91:6b:78:8b:d7:91:1a:3c:9d:05:92:b9:be:71:
                    ad:17:27:19:23:10:e5:ed:f4:78:2f:bd:62:2a:37:
                    39:a9:16:a7:10:ab:2e:ff:a9:da:c1:31:67:8e:de:
                    29:3d:85:fc:7b:76:19:12:26:69:f2:57:1a:21:85:
                    79:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:4F:46:35:33:83:A6:A6:11:A8:DB:3A:15:83:E8:FB:58:14:F7:C3
            X509v3 Authority Key Identifier:
                keyid:11:66:0F:0A:05:FC:4C:F7:33:22:30:85:2D:9D:78:BD:7A:C2:F2:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EWYPCgX8TPczIjCFLZ14vXrC8ks.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/6k9GNTODpqYRqNs6FYPo-1gU98M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/EWYPCgX8TPczIjCFLZ14vXrC8ks.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.93.24.0/22
                IPv6:
                  2a03:8e20::/32

    Signature Algorithm: sha256WithRSAEncryption
         98:73:f2:ed:3f:a1:2d:56:e5:5b:03:2f:7e:8a:71:f7:dc:15:
         a3:ec:39:47:ee:c7:07:dc:5a:9d:fc:e5:57:83:7e:8f:68:5a:
         db:02:fa:95:7d:44:34:19:c0:30:18:cb:b9:77:11:8a:12:42:
         0c:fe:47:ce:be:e5:8b:00:5e:e9:7e:84:33:ef:59:f7:72:11:
         d6:71:cb:3e:27:50:db:22:4d:08:f9:7a:eb:6a:86:52:aa:d6:
         f0:1c:18:db:e9:e0:f8:5a:0d:79:46:0d:cc:08:a9:40:d5:cd:
         25:d5:87:f3:a9:f3:91:bc:65:e1:be:96:f2:40:fd:d5:44:18:
         34:45:38:fb:69:64:3a:0b:39:5a:a1:85:9c:32:d0:21:ed:cc:
         e9:4c:2f:8a:19:bc:0e:4d:4c:b1:2a:ee:c3:f1:87:3e:0d:37:
         e2:55:64:ca:1e:4e:53:a2:83:ce:24:f4:15:8e:a3:24:c6:a1:
         a5:41:49:f9:71:73:06:44:ef:93:fb:7a:29:14:a7:b0:8a:82:
         66:02:35:22:a0:bc:74:49:3e:fa:8a:ce:64:42:2b:4a:be:ce:
         98:1b:25:a4:4d:07:a6:7a:3e:d9:4c:7d:1f:87:54:74:1f:7e:
         0a:c6:e3:3f:ea:45:d1:23:66:ea:be:94:cd:4c:c2:ac:70:77:
         96:ed:70:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsU8A7/QGrfICPpI5JX2dnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNjYwZjBhMDVmYzRjZjczMzIyMzA4NTJkOWQ3OGJkN2Fj
MmYyNGIwHhcNMjMwMTAxMDc1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTRmNDYzNTMzODNhNmE2MTFhOGRiM2ExNTgzZThmYjU4MTRmN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoho0tCOhy/e0PhyyOwprKdr1WuYu
oImlGxIo0YLR6ITiLxtCBCD1WsaDC0TclW7VueFxX7iaeX9CL/kDDNdQ5RpBBDzM
OUoCn8Po+p2UBZeybMys/tRJkjRzokkwp5+3HgdvUM6jMgVaa4+x7Fk7ZzKrjML2
whUbXH9ShiCjrg1XpK02MA+SlH9fqAswQjTokPTVmz6z5uKpPm/WvayjDKYWht+S
+GdtOM2pU5SH+gjgC4DLKdMK2dJ2zC/fPsXZ/E4AkWt4i9eRGjydBZK5vnGtFycZ
IxDl7fR4L71iKjc5qRanEKsu/6nawTFnjt4pPYX8e3YZEiZp8lcaIYV5/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOpPRjUzg6amEajbOhWD6PtYFPfDMB8GA1UdIwQY
MBaAFBFmDwoF/Ez3MyIwhS2deL16wvJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVdZUENnWDhUUGN6SWpDRkxaMTR2WHJDOGtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS84MWIyYzctZjQ1NC00MTE5LTg5NGEt
N2EwNmZmMDAyNTE3LzEvNms5R05UT0RwcVlScU5zNkZZUG8tMWdVOThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS84MWIyYzctZjQ1NC00MTE5LTg5NGEtN2EwNmZmMDAyNTE3
LzEvRVdZUENnWDhUUGN6SWpDRkxaMTR2WHJDOGtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV0YMA0E
AgACMAcDBQAqA44gMA0GCSqGSIb3DQEBCwUAA4IBAQCYc/LtP6EtVuVbAy9+inH3
3BWj7DlH7scH3Fqd/OVXg36PaFrbAvqVfUQ0GcAwGMu5dxGKEkIM/kfOvuWLAF7p
foQz71n3chHWccs+J1DbIk0I+XrraoZSqtbwHBjb6eD4Wg15Rg3MCKlA1c0l1Yfz
qfORvGXhvpbyQP3VRBg0RTj7aWQ6CzlaoYWcMtAh7czpTC+KGbwOTUyxKu7D8Yc+
DTfiVWTKHk5TooPOJPQVjqMkxqGlQUn5cXMGRO+T+3opFKewioJmAjUioLx0ST76
is5kQitKvs6YGyWkTQemej7ZTH0fh1R0H34KxuM/6kXRI2bqvpTNTMKscHeW7XDE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:22 2024 by rpki-client on console-ams.rpki-client.org