Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/5NwcunkLAsTU1wlUQyO1DoqseXM.roa
File:                     5NwcunkLAsTU1wlUQyO1DoqseXM.roa (raw, json)
Hash identifier:          y/1JqhD7zqCyULntqDj47Im3nAzZVNbgxclofyo0ciI=
Subject key identifier:   E4:DC:1C:BA:79:0B:02:C4:D4:D7:09:54:43:23:B5:0E:8A:AC:79:73
Certificate issuer:       /CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
Certificate serial:       01856DAF5362F2CD1B5D26DAB5CA003D0CCC
Authority key identifier: 6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/5NwcunkLAsTU1wlUQyO1DoqseXM.roa
Signing time:             Sun 01 Jan 2023 14:14:44 +0000
ROA not before:           Sun 01 Jan 2023 14:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207211
IP address blocks:        185.157.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:af:53:62:f2:cd:1b:5d:26:da:b5:ca:00:3d:0c:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
        Validity
            Not Before: Jan  1 14:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e4dc1cba790b02c4d4d709544323b50e8aac7973
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:f2:af:2b:74:83:a8:f8:3e:cc:96:b3:99:b2:
                    1d:cf:7f:aa:b9:8c:93:5b:85:36:a3:65:4c:2a:35:
                    6a:14:2a:ec:70:8b:4f:1c:db:30:6d:21:65:8e:57:
                    2b:78:62:33:c4:e6:a3:c9:8b:6d:76:db:b4:3a:66:
                    99:21:0b:c0:e4:98:f0:b8:b7:c2:0e:f9:91:eb:b8:
                    f9:54:90:e3:91:5b:5e:ba:73:66:cf:81:a5:02:4e:
                    b2:1e:ab:08:5f:d1:1a:3d:e5:f9:4a:e3:8f:23:a3:
                    a4:8e:1e:28:13:2e:53:5c:14:20:e2:4e:18:36:91:
                    fd:a5:80:6d:c4:94:b2:9b:d8:08:dc:f9:7e:ab:f6:
                    93:1d:ea:b7:9a:5e:1f:83:6d:ff:85:c0:b2:98:1a:
                    f5:92:3c:1d:43:97:60:72:62:5f:f2:83:91:b4:b1:
                    8f:aa:09:f0:ce:89:08:0f:a1:85:bf:94:23:00:a9:
                    f8:43:f4:8d:97:c7:38:5a:ce:8a:2e:52:d5:a6:33:
                    ba:6e:6e:26:76:55:80:39:28:43:8d:ef:16:da:ba:
                    8a:02:92:d3:fa:20:dd:38:0c:28:45:3c:7a:c8:dd:
                    71:6b:57:87:ec:79:06:73:f7:70:e5:65:f7:18:93:
                    f5:62:6d:a8:21:af:02:21:bd:51:cf:b0:21:12:36:
                    e0:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:DC:1C:BA:79:0B:02:C4:D4:D7:09:54:43:23:B5:0E:8A:AC:79:73
            X509v3 Authority Key Identifier:
                keyid:6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/5NwcunkLAsTU1wlUQyO1DoqseXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/aqb54-JiKngVolnljVUkOcJVoxs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:e9:9e:8a:f0:3a:a7:77:50:b2:87:ba:85:46:f4:8a:94:d5:
         4a:63:53:af:9d:5a:18:2a:43:20:c9:cd:c5:f6:cd:a3:5a:80:
         1f:1f:09:14:56:77:32:a2:ef:0a:b4:ff:49:b0:f5:ad:44:72:
         c5:75:54:93:b6:8b:82:df:56:31:99:b3:6e:a1:27:88:a2:15:
         66:ff:f0:33:e9:0c:23:67:d8:96:b4:df:06:f1:70:0e:73:22:
         5e:1e:eb:84:56:02:3d:f5:7b:d8:00:8b:8a:1c:0d:5a:f4:14:
         87:9c:e9:e0:14:fd:c9:ab:ac:f9:9f:eb:46:97:19:b0:dd:6a:
         df:b2:9b:ae:fc:3f:a4:a2:5c:4a:03:d5:22:74:60:67:b1:25:
         6b:51:72:1b:cc:cd:a2:50:32:ac:98:43:89:f9:47:f2:80:23:
         c5:6a:73:99:d5:d7:2f:b5:8c:b3:f4:3b:62:df:6d:a5:d2:fc:
         01:23:a5:c7:47:94:90:89:b6:10:9b:73:ca:d8:41:7e:30:b7:
         ac:29:49:2e:a5:ff:99:d0:7a:b3:90:93:eb:3b:aa:51:48:dc:
         ce:bf:c8:c4:3e:d8:2b:87:5b:7c:45:11:51:43:bf:ef:84:09:
         a4:09:12:4d:b5:ab:32:df:c8:aa:be:5d:7e:d7:9d:b9:24:ad:
         06:0a:97:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr1Ni8s0bXSbatcoAPQzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYTZmOWUzZTI2MjJhNzgxNWEyNTllNThkNTUyNDM5YzI1
NWEzMWIwHhcNMjMwMTAxMTQxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRjMWNiYTc5MGIwMmM0ZDRkNzA5NTQ0MzIzYjUwZThhYWM3OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvKvK3SDqPg+zJazmbIdz3+quYyT
W4U2o2VMKjVqFCrscItPHNswbSFljlcreGIzxOajyYttdtu0OmaZIQvA5JjwuLfC
DvmR67j5VJDjkVteunNmz4GlAk6yHqsIX9EaPeX5SuOPI6Okjh4oEy5TXBQg4k4Y
NpH9pYBtxJSym9gI3Pl+q/aTHeq3ml4fg23/hcCymBr1kjwdQ5dgcmJf8oORtLGP
qgnwzokID6GFv5QjAKn4Q/SNl8c4Ws6KLlLVpjO6bm4mdlWAOShDje8W2rqKApLT
+iDdOAwoRTx6yN1xa1eH7HkGc/dw5WX3GJP1Ym2oIa8CIb1Rz7AhEjbgVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTcHLp5CwLE1NcJVEMjtQ6KrHlzMB8GA1UdIwQY
MBaAFGqm+ePiYip4FaJZ5Y1VJDnCVaMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFiNTQtSmlLbmdWb2xubGpWVWtPY0pWb3hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MzY4MDYtYmI2ZC00NWYzLTg4Mzct
YzUwNzM0ZDAyMGYwLzEvNU53Y3Vua0xBc1RVMXdsVVF5TzFEb3FzZVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MzY4MDYtYmI2ZC00NWYzLTg4MzctYzUwNzM0ZDAyMGYw
LzEvYXFiNTQtSmlLbmdWb2xubGpWVWtPY0pWb3hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ3MMA0G
CSqGSIb3DQEBCwUAA4IBAQAF6Z6K8Dqnd1Cyh7qFRvSKlNVKY1OvnVoYKkMgyc3F
9s2jWoAfHwkUVncyou8KtP9JsPWtRHLFdVSTtouC31YxmbNuoSeIohVm//Az6Qwj
Z9iWtN8G8XAOcyJeHuuEVgI99XvYAIuKHA1a9BSHnOngFP3Jq6z5n+tGlxmw3Wrf
spuu/D+kolxKA9UidGBnsSVrUXIbzM2iUDKsmEOJ+UfygCPFanOZ1dcvtYyz9Dti
322l0vwBI6XHR5SQibYQm3PK2EF+MLesKUkupf+Z0HqzkJPrO6pRSNzOv8jEPtgr
h1t8RRFRQ7/vhAmkCRJNtasy38iqvl1+1525JK0GCpeT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org