Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/vHcKfMT-6jcKqMRp19SIgQEm4WY.roa
File:                     vHcKfMT-6jcKqMRp19SIgQEm4WY.roa (raw, json)
Hash identifier:          SPPcYEyc5Ml53TNufBnklfN1ORDypDoaFXmO2AfJ9a4=
Subject key identifier:   BC:77:0A:7C:C4:FE:EA:37:0A:A8:C4:69:D7:D4:88:81:01:26:E1:66
Certificate issuer:       /CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
Certificate serial:       01856DAF52A1500AC0BB5935279E8C25AB1A
Authority key identifier: 6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/vHcKfMT-6jcKqMRp19SIgQEm4WY.roa
Signing time:             Sun 01 Jan 2023 14:14:44 +0000
ROA not before:           Sun 01 Jan 2023 14:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15830
IP address blocks:        185.157.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:af:52:a1:50:0a:c0:bb:59:35:27:9e:8c:25:ab:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6aa6f9e3e2622a7815a259e58d552439c255a31b
        Validity
            Not Before: Jan  1 14:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc770a7cc4feea370aa8c469d7d488810126e166
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d7:14:ff:90:56:f8:2f:c7:ee:12:5d:fc:e2:
                    d5:d1:f2:55:5a:0d:5b:7a:a8:33:12:1f:4a:4a:75:
                    4a:ac:64:84:eb:cd:45:33:0d:09:c0:85:ba:f5:56:
                    5e:ab:c4:1a:fc:a1:c3:9f:a1:17:7e:d2:bd:3e:7d:
                    8a:d4:5e:a5:74:3f:18:1d:70:71:ec:d1:65:a5:4b:
                    e8:6f:6c:96:65:0f:4a:31:5a:da:b9:45:aa:e9:32:
                    ec:3f:b4:a0:e2:91:31:9b:24:b4:f1:c2:61:81:9c:
                    28:48:e5:65:41:3b:97:bf:59:76:48:25:3e:d8:4f:
                    96:dd:04:0b:48:16:65:34:13:d7:3d:c5:2c:86:27:
                    37:21:25:7d:33:1f:b3:8c:1b:68:7e:a1:14:e3:cd:
                    ac:20:77:83:64:93:2d:7f:54:8e:90:7f:ec:1c:90:
                    33:43:d0:38:98:a9:0d:b4:6a:d7:6d:f1:1f:a4:78:
                    79:ae:ba:fb:35:ac:0c:d0:39:1e:98:d7:83:a7:3a:
                    dd:a7:d2:e1:c6:f1:19:70:1c:44:9f:cf:ae:27:7b:
                    e3:7d:9c:19:ec:71:68:74:32:e9:94:8c:a5:88:12:
                    91:22:8f:c8:e2:04:b8:e4:7d:bc:8a:13:5d:4d:95:
                    28:aa:e7:5f:c3:0d:58:72:08:f7:89:4a:b8:6c:ae:
                    6f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:77:0A:7C:C4:FE:EA:37:0A:A8:C4:69:D7:D4:88:81:01:26:E1:66
            X509v3 Authority Key Identifier:
                keyid:6A:A6:F9:E3:E2:62:2A:78:15:A2:59:E5:8D:55:24:39:C2:55:A3:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqb54-JiKngVolnljVUkOcJVoxs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/vHcKfMT-6jcKqMRp19SIgQEm4WY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/936806-bb6d-45f3-8837-c50734d020f0/1/aqb54-JiKngVolnljVUkOcJVoxs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:40:3d:2e:8a:78:e0:bf:9c:b9:a2:55:40:f5:d8:a6:69:97:
         e5:3d:9a:94:fe:a3:4e:0b:0c:36:73:d7:d0:63:3b:a0:c2:47:
         ab:81:be:c0:d8:cf:28:97:60:5f:34:31:7d:28:8e:9b:0d:57:
         84:18:a4:22:5c:a2:ad:a4:8e:8d:57:b3:55:39:b3:df:89:aa:
         40:98:ad:82:10:2e:e7:bf:3b:6b:1d:13:39:b4:8b:14:26:88:
         70:88:a6:c2:3d:14:c4:a5:f6:c7:ff:3c:9b:43:3b:d9:11:f6:
         ea:99:eb:35:96:40:e2:1c:16:24:51:7d:d0:5c:15:d4:03:a1:
         40:ea:ee:c4:d7:c5:19:17:f1:d3:1b:5a:e4:7e:ed:76:ed:54:
         19:76:52:7b:f0:4e:f3:e5:d9:e8:95:69:fa:af:6c:fe:86:4e:
         41:72:33:2b:10:98:95:9d:a5:d2:b6:1d:e8:c9:7d:cf:7d:41:
         ce:c2:f2:d6:6c:54:f1:3d:0d:4d:00:80:49:23:34:bc:c0:3f:
         95:79:b2:9a:ac:a2:81:2a:4a:a7:99:e7:81:f7:47:2a:8d:29:
         db:c1:7e:bb:0f:e9:05:21:e2:3a:ad:86:3a:0b:a4:cb:1b:5c:
         81:8a:30:33:20:89:c1:5e:59:75:6a:7c:bb:21:cf:f3:50:4b:
         3d:4a:63:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr1KhUArAu1k1J56MJasaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYTZmOWUzZTI2MjJhNzgxNWEyNTllNThkNTUyNDM5YzI1
NWEzMWIwHhcNMjMwMTAxMTQxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc3MGE3Y2M0ZmVlYTM3MGFhOGM0NjlkN2Q0ODg4MTAxMjZlMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNcU/5BW+C/H7hJd/OLV0fJVWg1b
eqgzEh9KSnVKrGSE681FMw0JwIW69VZeq8Qa/KHDn6EXftK9Pn2K1F6ldD8YHXBx
7NFlpUvob2yWZQ9KMVrauUWq6TLsP7Sg4pExmyS08cJhgZwoSOVlQTuXv1l2SCU+
2E+W3QQLSBZlNBPXPcUshic3ISV9Mx+zjBtofqEU482sIHeDZJMtf1SOkH/sHJAz
Q9A4mKkNtGrXbfEfpHh5rrr7NawM0DkemNeDpzrdp9LhxvEZcBxEn8+uJ3vjfZwZ
7HFodDLplIyliBKRIo/I4gS45H28ihNdTZUoqudfww1Ycgj3iUq4bK5vSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLx3CnzE/uo3CqjEadfUiIEBJuFmMB8GA1UdIwQY
MBaAFGqm+ePiYip4FaJZ5Y1VJDnCVaMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFiNTQtSmlLbmdWb2xubGpWVWtPY0pWb3hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MzY4MDYtYmI2ZC00NWYzLTg4Mzct
YzUwNzM0ZDAyMGYwLzEvdkhjS2ZNVC02amNLcU1ScDE5U0lnUUVtNFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MzY4MDYtYmI2ZC00NWYzLTg4MzctYzUwNzM0ZDAyMGYw
LzEvYXFiNTQtSmlLbmdWb2xubGpWVWtPY0pWb3hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ3NMA0G
CSqGSIb3DQEBCwUAA4IBAQAVQD0uinjgv5y5olVA9dimaZflPZqU/qNOCww2c9fQ
Yzugwkergb7A2M8ol2BfNDF9KI6bDVeEGKQiXKKtpI6NV7NVObPfiapAmK2CEC7n
vztrHRM5tIsUJohwiKbCPRTEpfbH/zybQzvZEfbqmes1lkDiHBYkUX3QXBXUA6FA
6u7E18UZF/HTG1rkfu127VQZdlJ78E7z5dnolWn6r2z+hk5BcjMrEJiVnaXSth3o
yX3PfUHOwvLWbFTxPQ1NAIBJIzS8wD+VebKarKKBKkqnmeeB90cqjSnbwX67D+kF
IeI6rYY6C6TLG1yBijAzIInBXll1any7Ic/zUEs9SmMq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:18 2024 by rpki-client on console-ams.rpki-client.org