Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa
File:                     6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa (raw, json)
Hash identifier:          DE4Dhsaduje7KYDRcZk/RvqRQsRaLLqD0M1Fiko/4ss=
Subject key identifier:   EA:79:88:4B:96:3C:27:82:A5:38:7B:D1:20:11:90:94:17:DF:40:A5
Certificate issuer:       /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial:       0186C0B16CB9DF65A2CF0B40C38341B7F61E
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa
Signing time:             Wed 08 Mar 2023 10:08:18 +0000
ROA not before:           Wed 08 Mar 2023 10:08:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.144.236.0/24 maxlen: 24
                          185.144.236.0/22 maxlen: 22
                          2a07:4407::/32 maxlen: 48

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 10:24:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c0:b1:6c:b9:df:65:a2:cf:0b:40:c3:83:41:b7:f6:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
        Validity
            Not Before: Mar  8 10:08:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea79884b963c2782a5387bd12011909417df40a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:8f:54:ad:33:52:4a:a8:72:b3:44:fd:de:e2:
                    6b:fd:8f:4e:f1:ec:b7:26:4f:4d:ce:09:6b:72:2a:
                    92:97:77:86:f2:9f:5c:23:4b:a8:2b:13:ec:7f:6e:
                    03:ca:69:b9:50:12:7e:1a:06:3c:fe:3b:52:b6:6d:
                    f5:d0:80:34:6b:a2:5c:0e:54:f8:34:34:e8:79:3b:
                    73:ff:9c:74:1b:17:d4:e8:cc:ab:53:64:60:48:1e:
                    6b:88:18:50:b7:3e:15:de:fb:6e:a4:be:68:0b:a5:
                    99:3a:7e:a7:b2:1c:2c:be:ec:39:6c:82:5c:bf:eb:
                    93:43:66:0a:ee:84:52:2b:fe:47:ba:ab:ce:21:a6:
                    0f:1e:d0:a1:a9:82:72:94:ea:ba:86:3f:f8:a7:49:
                    a8:8e:d9:e4:40:2c:92:5e:d6:d5:bd:1b:76:a8:47:
                    79:24:52:1b:5a:3a:a7:0b:4a:3a:dc:b7:96:8e:20:
                    95:af:2f:70:83:38:c0:fe:11:ed:c9:be:00:21:1a:
                    a6:7f:8b:fe:d8:c3:4e:94:fd:b7:53:96:e4:34:44:
                    02:22:9a:3f:c7:b3:12:1b:ce:0a:8d:be:2e:72:a8:
                    ad:d7:f8:c0:dc:d8:29:f6:c8:06:c5:73:6b:d4:fd:
                    79:62:69:7b:b4:df:03:0b:fa:59:dd:0d:1f:a3:6f:
                    c6:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:79:88:4B:96:3C:27:82:A5:38:7B:D1:20:11:90:94:17:DF:40:A5
            X509v3 Authority Key Identifier:
                keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.144.236.0/22
                IPv6:
                  2a07:4407::/32

    Signature Algorithm: sha256WithRSAEncryption
         be:7e:92:e3:85:f8:e1:9b:82:86:bf:f2:5e:e2:f9:e8:f4:c9:
         ab:e8:23:dc:79:aa:01:04:33:89:5b:88:95:9f:62:a9:c3:38:
         31:16:86:8c:eb:49:84:26:31:4a:f2:f8:fd:e0:f0:d0:25:3d:
         37:e3:07:7c:a0:76:15:b4:82:45:c2:92:73:65:a0:91:dd:c6:
         2c:b0:24:0a:3b:35:c6:0e:7f:9d:62:de:72:76:4a:ac:62:b7:
         4a:1e:a8:2e:ba:5f:e1:7b:8e:f9:81:42:12:76:7d:8d:b7:81:
         0f:63:55:b2:b2:98:37:2a:7a:9a:22:77:a1:e4:f2:45:4f:49:
         65:ee:91:93:4c:c5:5c:d7:45:a5:cd:1c:c7:63:b3:94:ec:81:
         11:12:c6:1e:b6:4e:39:31:6c:6b:46:2a:31:93:a2:e9:cf:36:
         56:17:35:37:b7:32:17:93:77:b8:2f:70:44:a7:f8:fe:f0:9d:
         74:37:fb:57:73:80:27:7c:9b:ff:63:56:18:fc:df:bb:4f:61:
         55:ed:0a:56:4f:5a:30:74:1d:c3:ee:bd:41:73:18:9f:36:a2:
         f3:26:91:b5:78:7a:a3:ea:cf:37:97:5b:91:5e:f4:49:00:c9:
         45:d0:d1:ac:ba:38:a4:04:2b:00:7e:38:25:85:82:a6:cc:22:
         aa:44:a6:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAsWy532WizwtAw4NBt/YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MTAwODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTc5ODg0Yjk2M2MyNzgyYTUzODdiZDEyMDExOTA5NDE3ZGY0MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk49UrTNSSqhys0T93uJr/Y9O8ey3
Jk9NzglrciqSl3eG8p9cI0uoKxPsf24Dymm5UBJ+GgY8/jtStm310IA0a6JcDlT4
NDToeTtz/5x0GxfU6MyrU2RgSB5riBhQtz4V3vtupL5oC6WZOn6nshwsvuw5bIJc
v+uTQ2YK7oRSK/5HuqvOIaYPHtChqYJylOq6hj/4p0mojtnkQCySXtbVvRt2qEd5
JFIbWjqnC0o63LeWjiCVry9wgzjA/hHtyb4AIRqmf4v+2MNOlP23U5bkNEQCIpo/
x7MSG84Kjb4ucqit1/jA3Ngp9sgGxXNr1P15Yml7tN8DC/pZ3Q0fo2/GswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOp5iEuWPCeCpTh70SARkJQX30ClMB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvNm5tSVM1WThKNEtsT0h2UklCR1FsQmZmUUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQC+fpLjhfjhm4KGv/Je4vno
9Mmr6CPceaoBBDOJW4iVn2KpwzgxFoaM60mEJjFK8vj94PDQJT034wd8oHYVtIJF
wpJzZaCR3cYssCQKOzXGDn+dYt5ydkqsYrdKHqguul/he475gUISdn2Nt4EPY1Wy
spg3KnqaIneh5PJFT0ll7pGTTMVc10WlzRzHY7OU7IEREsYetk45MWxrRioxk6Lp
zzZWFzU3tzIXk3e4L3BEp/j+8J10N/tXc4AnfJv/Y1YY/N+7T2FV7QpWT1owdB3D
7r1BcxifNqLzJpG1eHqj6s83l1uRXvRJAMlF0NGsujikBCsAfjglhYKmzCKqRKZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:20 2024 by rpki-client on console-ams.rpki-client.org