Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/O6E7MvCuHoLuMaBruXh-KQfd264.roa
File:                     O6E7MvCuHoLuMaBruXh-KQfd264.roa (raw, json)
Hash identifier:          ag45pCLkECowILotA2H42wIrfXpy/J1l6v7VhhiF4bU=
Subject key identifier:   3B:A1:3B:32:F0:AE:1E:82:EE:31:A0:6B:B9:78:7E:29:07:DD:DB:AE
Certificate issuer:       /CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
Certificate serial:       01856EB910AA9429195C32107039D001872B
Authority key identifier: FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/O6E7MvCuHoLuMaBruXh-KQfd264.roa
Signing time:             Sun 01 Jan 2023 19:05:00 +0000
ROA not before:           Sun 01 Jan 2023 19:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15576
IP address blocks:        185.187.120.0/22 maxlen: 22
                          2a0b:9e80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:b9:10:aa:94:29:19:5c:32:10:70:39:d0:01:87:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
        Validity
            Not Before: Jan  1 19:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ba13b32f0ae1e82ee31a06bb9787e2907dddbae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:d3:7e:63:92:a6:2e:18:ff:93:9f:57:fa:06:
                    9f:e4:31:a7:5a:e0:21:27:a7:c4:93:94:0f:f3:48:
                    31:68:18:7b:12:fe:be:84:ab:0b:2f:f1:15:19:07:
                    37:59:f5:0f:3d:fb:cd:f4:98:c7:39:a6:7c:fa:c1:
                    c4:3c:45:cd:b3:ef:64:36:a6:b7:01:83:f5:50:04:
                    37:6d:aa:12:c7:84:e3:6c:86:56:97:35:11:95:67:
                    0a:f3:74:ce:ad:a8:31:cc:4e:b7:47:d4:9d:c3:f2:
                    d9:be:0f:93:bc:9c:cf:95:68:ed:b6:1b:b4:d7:21:
                    0c:5a:70:44:25:bc:43:46:b2:94:cb:de:22:60:30:
                    c6:e0:05:bf:1c:d6:39:d0:02:64:78:29:cc:6c:3e:
                    8d:71:0e:e4:03:3b:c9:3b:ac:30:ad:18:5a:a1:a9:
                    5f:73:df:55:aa:68:23:ef:da:cc:7f:47:57:1a:15:
                    a3:a0:5e:f8:c8:04:65:17:eb:1b:6c:b7:52:25:b6:
                    f3:aa:82:f6:84:58:a4:f0:6b:f2:62:23:51:28:47:
                    fa:fc:66:b1:5d:16:f4:ca:90:e7:45:8f:86:c1:e4:
                    2d:73:85:e3:ee:aa:84:fb:27:e9:ad:b5:b1:18:90:
                    b8:53:b0:48:fb:b5:0e:f7:26:6e:2d:2e:66:5a:3d:
                    e7:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:A1:3B:32:F0:AE:1E:82:EE:31:A0:6B:B9:78:7E:29:07:DD:DB:AE
            X509v3 Authority Key Identifier:
                keyid:FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/O6E7MvCuHoLuMaBruXh-KQfd264.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/_2JWLK6HP0_EoyMr9J3VNDtwhPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.187.120.0/22
                IPv6:
                  2a0b:9e80::/32

    Signature Algorithm: sha256WithRSAEncryption
         4d:a4:1a:d8:a1:68:1a:af:18:ab:52:ec:7a:d0:dc:84:92:6e:
         79:4b:1d:0b:d8:94:b0:e8:c4:c6:48:77:fe:35:72:88:9f:e5:
         6f:f6:83:89:3a:11:d4:4e:a1:17:f2:e1:db:20:11:d5:ea:a4:
         ad:39:71:3e:e9:9c:66:6f:6a:a7:d2:1f:de:da:b2:3a:16:e9:
         a7:74:99:fc:b2:a2:4f:6c:0a:50:07:a3:b3:b9:cb:ff:63:23:
         ce:5d:34:14:6f:37:7f:8d:e3:60:e9:bc:60:f8:72:1b:df:59:
         70:f1:3e:4d:5b:12:d0:29:cc:b3:c7:ca:f4:eb:27:4f:07:dc:
         2e:53:30:5e:71:71:17:a6:4e:ce:79:8c:62:e2:16:f4:a4:2c:
         4d:73:09:11:7e:e8:76:e5:17:19:fd:4f:01:40:4d:95:f5:97:
         6c:7f:0b:72:cc:ad:e4:45:5b:d5:b3:c1:b6:3a:48:e7:ac:bd:
         df:32:33:1a:17:ce:8e:bb:67:8c:ef:5d:b8:4b:71:96:2f:1e:
         34:97:5a:f6:3c:f3:7d:55:e1:c7:e3:c1:a3:5e:9f:16:ab:f9:
         9d:62:77:a4:4a:cc:11:d9:7d:9d:fd:fb:87:d0:88:5f:56:38:
         21:be:b1:c0:96:1e:7f:3b:6e:11:d4:d1:17:27:9d:ce:1e:b2:
         c9:b4:bd:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuuRCqlCkZXDIQcDnQAYcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjI1NjJjYWU4NzNmNGZjNGEzMjMyYmY0OWRkNTM0M2I3
MDg0ZjkwHhcNMjMwMTAxMTkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmExM2IzMmYwYWUxZTgyZWUzMWEwNmJiOTc4N2UyOTA3ZGRkYmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NN+Y5KmLhj/k59X+gaf5DGnWuAh
J6fEk5QP80gxaBh7Ev6+hKsLL/EVGQc3WfUPPfvN9JjHOaZ8+sHEPEXNs+9kNqa3
AYP1UAQ3baoSx4TjbIZWlzURlWcK83TOragxzE63R9Sdw/LZvg+TvJzPlWjtthu0
1yEMWnBEJbxDRrKUy94iYDDG4AW/HNY50AJkeCnMbD6NcQ7kAzvJO6wwrRhaoalf
c99Vqmgj79rMf0dXGhWjoF74yARlF+sbbLdSJbbzqoL2hFik8GvyYiNRKEf6/Gax
XRb0ypDnRY+GweQtc4Xj7qqE+yfprbWxGJC4U7BI+7UO9yZuLS5mWj3nBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDuhOzLwrh6C7jGga7l4fikH3duuMB8GA1UdIwQY
MBaAFP9iViyuhz9PxKMjK/Sd1TQ7cIT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEt
ODhmN2I5MWI2ZTMyLzEvTzZFN012Q3VIb0x1TWFCcnVYaC1LUWZkMjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEtODhmN2I5MWI2ZTMy
LzEvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubt4MA0E
AgACMAcDBQAqC56AMA0GCSqGSIb3DQEBCwUAA4IBAQBNpBrYoWgarxirUux60NyE
km55Sx0L2JSw6MTGSHf+NXKIn+Vv9oOJOhHUTqEX8uHbIBHV6qStOXE+6Zxmb2qn
0h/e2rI6FumndJn8sqJPbApQB6Ozucv/YyPOXTQUbzd/jeNg6bxg+HIb31lw8T5N
WxLQKcyzx8r06ydPB9wuUzBecXEXpk7OeYxi4hb0pCxNcwkRfuh25RcZ/U8BQE2V
9ZdsfwtyzK3kRVvVs8G2OkjnrL3fMjMaF86Ou2eM7124S3GWLx40l1r2PPN9VeHH
48GjXp8Wq/mdYnekSswR2X2d/fuH0IhfVjghvrHAlh5/O24R1NEXJ53OHrLJtL04
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:46 2024 by rpki-client on console-ams.rpki-client.org