Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/2w6rw7_3k6HZYJl8b3UMS6HpuVo.roa
File:                     2w6rw7_3k6HZYJl8b3UMS6HpuVo.roa (raw, json)
Hash identifier:          78JhoGkkRt4aM1lspgEntpcZvEUN8mA7hnkdo7usde4=
Subject key identifier:   DB:0E:AB:C3:BF:F7:93:A1:D9:60:99:7C:6F:75:0C:4B:A1:E9:B9:5A
Certificate issuer:       /CN=3ec9fb0d13552aad04f3aaaeb58d4dd4e7cf40f0
Certificate serial:       01856F428DF89633C4A0CE95B1491B435F29
Authority key identifier: 3E:C9:FB:0D:13:55:2A:AD:04:F3:AA:AE:B5:8D:4D:D4:E7:CF:40:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/2w6rw7_3k6HZYJl8b3UMS6HpuVo.roa
Signing time:             Sun 01 Jan 2023 21:35:10 +0000
ROA not before:           Sun 01 Jan 2023 21:35:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62166
IP address blocks:        185.83.172.0/22 maxlen: 22
                          185.83.172.0/23 maxlen: 23
                          185.83.174.0/23 maxlen: 23
                          193.58.36.0/23 maxlen: 23
                          193.58.36.0/22 maxlen: 22
                          193.58.38.0/23 maxlen: 23
                          2a05:9d40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 12 Nov 2023 13:35:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:8d:f8:96:33:c4:a0:ce:95:b1:49:1b:43:5f:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ec9fb0d13552aad04f3aaaeb58d4dd4e7cf40f0
        Validity
            Not Before: Jan  1 21:35:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db0eabc3bff793a1d960997c6f750c4ba1e9b95a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:a7:41:fb:d4:8e:7f:f0:3f:d5:ea:17:1f:85:
                    94:a5:90:6f:c1:21:54:4b:d7:67:ed:7d:02:ab:42:
                    6a:92:8d:6f:bf:6f:9f:b4:f2:49:7d:9e:a4:6f:79:
                    58:6e:63:23:06:4b:7c:4f:d0:8d:cc:0f:5c:73:0f:
                    eb:1a:19:e9:f0:83:23:4e:d3:fa:2f:77:41:37:84:
                    6b:c8:13:2f:0e:fd:6b:f6:7f:36:a6:d1:47:77:53:
                    f8:bb:e9:97:b1:c8:73:08:34:3e:46:f2:b3:8b:06:
                    da:97:2c:4c:ba:6b:a3:96:27:89:2a:62:52:c6:f7:
                    e5:28:03:ab:17:cf:fe:09:bc:14:73:02:d1:c5:f4:
                    f4:91:6e:3a:26:4a:ee:cf:fd:54:fc:39:19:01:42:
                    b1:a8:10:2b:d5:62:74:ce:b2:ce:79:28:c0:9b:90:
                    c3:83:1f:e0:0d:14:9b:4f:51:a5:44:48:3b:9b:91:
                    29:44:2a:6f:da:96:01:e0:5a:dd:b3:28:e7:b9:0a:
                    37:ff:83:5b:58:bf:04:96:b6:c5:b7:ec:37:52:d8:
                    51:14:de:71:e9:18:f3:58:68:2d:f3:ba:46:27:f7:
                    6e:5a:b9:28:72:76:b7:ba:9d:22:06:cb:ad:da:35:
                    68:05:5a:75:d6:50:29:67:35:d5:18:12:29:11:b0:
                    23:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:0E:AB:C3:BF:F7:93:A1:D9:60:99:7C:6F:75:0C:4B:A1:E9:B9:5A
            X509v3 Authority Key Identifier:
                keyid:3E:C9:FB:0D:13:55:2A:AD:04:F3:AA:AE:B5:8D:4D:D4:E7:CF:40:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/2w6rw7_3k6HZYJl8b3UMS6HpuVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/Psn7DRNVKq0E86qutY1N1OfPQPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.83.172.0/22
                  193.58.36.0/22
                IPv6:
                  2a05:9d40::/29

    Signature Algorithm: sha256WithRSAEncryption
         05:72:b8:de:e3:25:a7:6e:02:af:24:63:45:7d:56:5d:b0:7e:
         52:a1:67:a1:27:d8:98:fd:79:ba:14:ec:ef:47:0d:d9:d7:55:
         7e:6c:e5:8a:06:42:bc:46:35:fd:35:11:64:b1:3b:03:d9:70:
         24:c7:4e:17:24:c0:a4:7d:6a:29:11:54:84:4d:67:46:74:d2:
         8b:06:5a:9b:ee:27:98:d9:b9:5c:98:e7:94:1a:94:be:7c:08:
         f8:c3:fa:8f:ef:05:9d:07:f5:54:59:9c:58:d4:f5:ad:78:a2:
         5f:a9:25:4a:69:95:73:d0:e4:d4:5c:87:30:dd:f8:b6:41:20:
         f8:de:9b:43:9c:a6:f6:d8:44:28:ff:68:8c:9d:8b:10:7f:ac:
         64:2f:5f:2a:8a:73:a6:e5:29:9b:5f:a2:71:ee:f1:e1:45:4b:
         88:c7:e0:f5:b1:dc:f5:b4:62:26:f2:87:b8:1a:42:9c:03:97:
         a5:83:ad:a7:1d:23:e3:63:04:8f:37:30:a4:fd:dc:05:42:d0:
         ed:d0:a9:cd:65:64:e1:f5:27:9e:82:e1:8e:9a:c3:df:cd:93:
         ad:7c:e8:70:9f:fc:1f:75:58:40:c6:b1:50:55:85:71:b0:1e:
         77:25:a4:03:2b:0a:df:42:0c:3f:e0:0a:a0:1e:a4:7c:74:76:
         ad:a8:1a:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvQo34ljPEoM6VsUkbQ18pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzlmYjBkMTM1NTJhYWQwNGYzYWFhZWI1OGQ0ZGQ0ZTdj
ZjQwZjAwHhcNMjMwMTAxMjEzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBlYWJjM2JmZjc5M2ExZDk2MDk5N2M2Zjc1MGM0YmExZTliOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhadB+9SOf/A/1eoXH4WUpZBvwSFU
S9dn7X0Cq0Jqko1vv2+ftPJJfZ6kb3lYbmMjBkt8T9CNzA9ccw/rGhnp8IMjTtP6
L3dBN4RryBMvDv1r9n82ptFHd1P4u+mXschzCDQ+RvKziwbalyxMumujlieJKmJS
xvflKAOrF8/+CbwUcwLRxfT0kW46Jkruz/1U/DkZAUKxqBAr1WJ0zrLOeSjAm5DD
gx/gDRSbT1GlREg7m5EpRCpv2pYB4FrdsyjnuQo3/4NbWL8ElrbFt+w3UthRFN5x
6RjzWGgt87pGJ/duWrkocna3up0iBsut2jVoBVp11lApZzXVGBIpEbAjPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNsOq8O/95Oh2WCZfG91DEuh6blaMB8GA1UdIwQY
MBaAFD7J+w0TVSqtBPOqrrWNTdTnz0DwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNuN0RSTlZLcTBFODZxdXRZMU4xT2ZQUVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2NhYjMtNDc5Yi00ZGE4LWFlOTgt
MmNiNmUzZmRmOWNkLzEvMnc2cnc3XzNrNkhaWUpsOGIzVU1TNkhwdVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2NhYjMtNDc5Yi00ZGE4LWFlOTgtMmNiNmUzZmRmOWNk
LzEvUHNuN0RSTlZLcTBFODZxdXRZMU4xT2ZQUVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVOsAwQC
wTokMA0EAgACMAcDBQMqBZ1AMA0GCSqGSIb3DQEBCwUAA4IBAQAFcrje4yWnbgKv
JGNFfVZdsH5SoWehJ9iY/Xm6FOzvRw3Z11V+bOWKBkK8RjX9NRFksTsD2XAkx04X
JMCkfWopEVSETWdGdNKLBlqb7ieY2blcmOeUGpS+fAj4w/qP7wWdB/VUWZxY1PWt
eKJfqSVKaZVz0OTUXIcw3fi2QSD43ptDnKb22EQo/2iMnYsQf6xkL18qinOm5Smb
X6Jx7vHhRUuIx+D1sdz1tGIm8oe4GkKcA5elg62nHSPjYwSPNzCk/dwFQtDt0KnN
ZWTh9SeeguGOmsPfzZOtfOhwn/wfdVhAxrFQVYVxsB53JaQDKwrfQgw/4AqgHqR8
dHatqBpc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:45 2024 by rpki-client on console-ams.rpki-client.org