Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/fa6f43-7dd1-405b-8dce-29b038084aa6/1/hW_gZYISsjNYMEc_iK2TPG-eZ4A.roa
File:                     hW_gZYISsjNYMEc_iK2TPG-eZ4A.roa (raw, json)
Hash identifier:          n/QR+KKmusgpc2kaJ+8P+gATnZUesSpEZcGNr6PBBUk=
Subject key identifier:   85:6F:E0:65:82:12:B2:33:58:30:47:3F:88:AD:93:3C:6F:9E:67:80
Certificate issuer:       /CN=061e2554e52037781d107c8f8319c93e59986f05
Certificate serial:       01865ED2759AC52F012094DBC3999CD0C5E8
Authority key identifier: 06:1E:25:54:E5:20:37:78:1D:10:7C:8F:83:19:C9:3E:59:98:6F:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bh4lVOUgN3gdEHyPgxnJPlmYbwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/fa6f43-7dd1-405b-8dce-29b038084aa6/1/hW_gZYISsjNYMEc_iK2TPG-eZ4A.roa
Signing time:             Fri 17 Feb 2023 10:01:36 +0000
ROA not before:           Fri 17 Feb 2023 10:01:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.137.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5e:d2:75:9a:c5:2f:01:20:94:db:c3:99:9c:d0:c5:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=061e2554e52037781d107c8f8319c93e59986f05
        Validity
            Not Before: Feb 17 10:01:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=856fe0658212b2335830473f88ad933c6f9e6780
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:79:0d:7e:a7:65:66:ee:c8:ea:07:1b:fe:a5:
                    28:1f:51:19:fe:73:a1:8e:81:56:36:12:88:b7:b5:
                    37:41:77:bf:22:5f:c2:d4:d7:8f:44:e2:c2:ec:27:
                    09:1f:6e:47:fe:e5:83:81:44:ee:87:f8:48:3e:fe:
                    49:55:b3:6f:2a:e7:83:be:25:b5:60:fd:c5:3e:b5:
                    12:b0:7e:7b:9a:6b:f3:ad:6d:24:e6:73:23:e6:23:
                    82:07:68:0e:2b:b5:14:6e:4e:86:81:12:9e:37:02:
                    4c:a2:5d:57:83:62:3f:0b:8d:51:ea:a1:0b:63:62:
                    15:78:a4:eb:d1:b2:9a:a1:12:cc:4f:36:7b:ed:0d:
                    44:7a:c3:ec:fc:78:b1:94:05:56:73:44:13:9a:57:
                    fd:2e:3a:8f:b3:3b:af:0d:bf:36:89:33:e5:b5:d8:
                    b8:44:46:28:18:7b:ba:a7:62:ff:9b:3a:32:b2:1a:
                    60:51:a7:3d:3c:b0:11:26:f6:9c:bf:c7:08:f1:a9:
                    a4:ab:d0:fb:25:1d:7b:ae:81:78:04:d1:ef:9f:ab:
                    a2:ad:53:be:90:5f:f1:b1:60:c0:e9:18:64:39:bc:
                    41:70:4f:b8:ba:4e:ce:8e:86:9d:3c:77:d7:95:56:
                    27:cb:e7:99:e2:d4:f6:b7:d4:43:28:b6:33:d9:65:
                    d3:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:6F:E0:65:82:12:B2:33:58:30:47:3F:88:AD:93:3C:6F:9E:67:80
            X509v3 Authority Key Identifier:
                keyid:06:1E:25:54:E5:20:37:78:1D:10:7C:8F:83:19:C9:3E:59:98:6F:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bh4lVOUgN3gdEHyPgxnJPlmYbwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/fa6f43-7dd1-405b-8dce-29b038084aa6/1/hW_gZYISsjNYMEc_iK2TPG-eZ4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/fa6f43-7dd1-405b-8dce-29b038084aa6/1/Bh4lVOUgN3gdEHyPgxnJPlmYbwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:1e:06:7e:d2:a8:eb:ea:2f:a6:27:1d:52:51:5d:78:1e:81:
         93:ab:44:7a:26:e1:2c:53:15:d4:5d:a2:02:53:ff:b7:2e:4c:
         37:0a:8c:ce:a1:14:34:d0:2d:c0:0b:bd:61:0a:22:0e:5e:e7:
         41:ae:92:b7:e9:59:13:c3:91:64:02:22:ed:4b:d8:91:e6:89:
         98:ff:ba:08:80:47:bf:12:30:9e:a0:f2:bb:82:83:4d:81:9a:
         a2:fa:15:0c:d8:78:5e:7d:cd:8e:35:72:d0:76:12:3d:94:e9:
         c3:41:2a:0e:44:0a:e2:21:e0:92:f2:0f:ed:e4:0d:3b:90:61:
         6a:36:b6:42:3d:b4:2f:66:c5:04:f4:87:d7:df:59:ca:e0:cc:
         7d:15:a2:3e:f1:05:74:a0:b4:ad:d2:94:1f:d1:74:62:bb:40:
         d6:ab:0b:7a:29:8b:65:7f:aa:cf:96:f2:29:c6:c5:13:73:56:
         62:ea:53:2c:1f:13:08:39:fe:83:4c:ac:3e:4a:98:e8:9f:89:
         13:c4:2c:93:de:3e:f0:fa:9f:46:c2:ef:0e:bf:08:1a:4c:e2:
         69:8b:7a:23:05:b8:84:d2:e4:14:99:f9:09:83:80:1c:25:8c:
         cb:89:34:90:a8:5c:e2:25:6f:50:a4:f1:3a:6b:4a:41:c5:c1:
         6c:04:6c:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZe0nWaxS8BIJTbw5mc0MXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MWUyNTU0ZTUyMDM3NzgxZDEwN2M4ZjgzMTljOTNlNTk5
ODZmMDUwHhcNMjMwMjE3MTAwMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTZmZTA2NTgyMTJiMjMzNTgzMDQ3M2Y4OGFkOTMzYzZmOWU2NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3kNfqdlZu7I6gcb/qUoH1EZ/nOh
joFWNhKIt7U3QXe/Il/C1NePROLC7CcJH25H/uWDgUTuh/hIPv5JVbNvKueDviW1
YP3FPrUSsH57mmvzrW0k5nMj5iOCB2gOK7UUbk6GgRKeNwJMol1Xg2I/C41R6qEL
Y2IVeKTr0bKaoRLMTzZ77Q1EesPs/HixlAVWc0QTmlf9LjqPszuvDb82iTPltdi4
REYoGHu6p2L/mzoyshpgUac9PLARJvacv8cI8amkq9D7JR17roF4BNHvn6uirVO+
kF/xsWDA6RhkObxBcE+4uk7OjoadPHfXlVYny+eZ4tT2t9RDKLYz2WXTHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVv4GWCErIzWDBHP4itkzxvnmeAMB8GA1UdIwQY
MBaAFAYeJVTlIDd4HRB8j4MZyT5ZmG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmg0bFZPVWdOM2dkRUh5UGd4bkpQbG1ZYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mYTZmNDMtN2RkMS00MDViLThkY2Ut
MjliMDM4MDg0YWE2LzEvaFdfZ1pZSVNzak5ZTUVjX2lLMlRQRy1lWjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mYTZmNDMtN2RkMS00MDViLThkY2UtMjliMDM4MDg0YWE2
LzEvQmg0bFZPVWdOM2dkRUh5UGd4bkpQbG1ZYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYmmMA0G
CSqGSIb3DQEBCwUAA4IBAQAGHgZ+0qjr6i+mJx1SUV14HoGTq0R6JuEsUxXUXaIC
U/+3Lkw3CozOoRQ00C3AC71hCiIOXudBrpK36VkTw5FkAiLtS9iR5omY/7oIgEe/
EjCeoPK7goNNgZqi+hUM2Hhefc2ONXLQdhI9lOnDQSoORAriIeCS8g/t5A07kGFq
NrZCPbQvZsUE9IfX31nK4Mx9FaI+8QV0oLSt0pQf0XRiu0DWqwt6KYtlf6rPlvIp
xsUTc1Zi6lMsHxMIOf6DTKw+Spjon4kTxCyT3j7w+p9Gwu8OvwgaTOJpi3ojBbiE
0uQUmfkJg4AcJYzLiTSQqFziJW9QpPE6a0pBxcFsBGxF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:38 2024 by rpki-client on console-fra.rpki-client.org