Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/xj-1NwT4OzojXuq_dPKySIAbo00.roa
File:                     xj-1NwT4OzojXuq_dPKySIAbo00.roa (raw, json)
Hash identifier:          tTr8AmNPHy/nWwoVX6XRxLDe6zavWkge8bYuWbC+iqM=
Subject key identifier:   C6:3F:B5:37:04:F8:3B:3A:23:5E:EA:BF:74:F2:B2:48:80:1B:A3:4D
Certificate issuer:       /CN=e75bce163cb502a657f272f79fd3e487fbbd4b88
Certificate serial:       0185711E46B1FD7172352D826F95F3F5D135
Authority key identifier: E7:5B:CE:16:3C:B5:02:A6:57:F2:72:F7:9F:D3:E4:87:FB:BD:4B:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51vOFjy1AqZX8nL3n9Pkh_u9S4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/xj-1NwT4OzojXuq_dPKySIAbo00.roa
Signing time:             Mon 02 Jan 2023 06:14:47 +0000
ROA not before:           Mon 02 Jan 2023 06:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206377
IP address blocks:        185.35.84.0/22 maxlen: 22
                          2a00:f280::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:46:b1:fd:71:72:35:2d:82:6f:95:f3:f5:d1:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e75bce163cb502a657f272f79fd3e487fbbd4b88
        Validity
            Not Before: Jan  2 06:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c63fb53704f83b3a235eeabf74f2b248801ba34d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:73:04:a2:9b:65:b5:15:55:96:e7:8b:e5:21:
                    5c:d9:1f:9b:50:ff:43:c0:59:83:1c:e2:de:9d:0e:
                    ad:5d:77:b0:aa:b6:8f:8e:06:59:f2:65:54:4c:9d:
                    fa:e0:31:95:76:07:29:5c:c8:89:0a:f1:40:5e:0d:
                    b1:80:0d:47:7a:81:20:5f:89:56:b6:5e:b7:91:5e:
                    43:c7:0b:61:d5:89:44:ad:b0:26:d3:33:49:83:23:
                    c5:d3:6e:67:c1:17:f9:12:9b:19:53:61:09:78:35:
                    8c:3e:69:2d:b0:93:be:95:41:24:4d:12:bd:49:7e:
                    a4:32:0b:d2:0c:34:62:dd:3e:8a:ba:f5:30:20:66:
                    51:9a:15:b9:25:92:a8:8b:0c:8a:7e:43:ef:c9:07:
                    75:04:37:cd:ff:b7:f3:8b:9e:57:ca:e1:9f:82:0c:
                    1a:c8:c5:bf:3b:cb:31:40:21:b0:13:8a:c4:7b:a7:
                    58:52:b7:22:3f:6b:d4:ca:91:82:22:83:a2:26:87:
                    79:b0:03:db:1d:f6:4e:94:8d:d8:3d:52:a1:da:b7:
                    b6:c5:a2:87:2a:a8:27:75:9e:32:fa:bc:16:a5:6a:
                    09:43:77:70:0f:b4:f3:70:f4:b5:05:dd:04:9d:19:
                    8a:0e:53:da:66:4c:06:f9:94:ab:dd:39:9d:59:12:
                    7d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3F:B5:37:04:F8:3B:3A:23:5E:EA:BF:74:F2:B2:48:80:1B:A3:4D
            X509v3 Authority Key Identifier:
                keyid:E7:5B:CE:16:3C:B5:02:A6:57:F2:72:F7:9F:D3:E4:87:FB:BD:4B:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51vOFjy1AqZX8nL3n9Pkh_u9S4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/xj-1NwT4OzojXuq_dPKySIAbo00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/c5708b-faf9-42a4-bf48-4b8578715154/1/51vOFjy1AqZX8nL3n9Pkh_u9S4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.35.84.0/22
                IPv6:
                  2a00:f280::/32

    Signature Algorithm: sha256WithRSAEncryption
         75:9c:2f:c5:c2:9c:ca:62:75:dd:fd:e0:e4:e7:f7:51:6b:f6:
         e6:f2:1c:99:ba:28:3f:41:64:a3:1f:e2:14:57:9f:d0:65:70:
         ff:27:f1:9a:4a:d7:4d:72:c1:8f:72:bc:89:44:0a:84:d1:a4:
         95:44:d5:56:c4:e9:9a:7c:f9:f5:fc:8e:9c:8b:ee:70:ac:6d:
         70:5c:03:71:4c:cd:f7:1a:d2:6b:1f:b7:e3:df:6b:e3:85:1f:
         8a:11:7f:17:63:55:94:39:f5:fe:3c:54:b8:e6:69:2f:20:62:
         36:1b:9c:6f:64:4a:cc:e2:01:10:d0:fc:3d:8c:87:56:82:03:
         e5:3d:32:fa:59:14:dc:2c:41:d7:4e:3e:1c:ae:d9:c1:97:2b:
         9d:8c:c3:01:3a:dc:de:ce:2c:96:28:ff:43:80:a7:d4:f5:5a:
         e2:b8:35:51:f9:ef:52:ef:50:8e:b1:f2:c7:5d:cd:a6:78:89:
         a8:9f:ad:32:8c:bf:ff:d2:a5:df:35:5d:36:da:5c:a2:d4:bf:
         34:6c:7b:84:7e:6f:a9:db:b9:7d:31:19:34:42:ee:ef:79:03:
         88:b7:8f:f4:dc:64:62:2e:1f:eb:54:da:fa:50:14:1a:59:03:
         6d:4c:a6:99:e0:66:e0:a9:56:e6:34:99:a8:3a:60:54:1c:68:
         27:de:f3:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHkax/XFyNS2Cb5Xz9dE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NWJjZTE2M2NiNTAyYTY1N2YyNzJmNzlmZDNlNDg3ZmJi
ZDRiODgwHhcNMjMwMTAyMDYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNmYjUzNzA0ZjgzYjNhMjM1ZWVhYmY3NGYyYjI0ODgwMWJhMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnMEoptltRVVlueL5SFc2R+bUP9D
wFmDHOLenQ6tXXewqraPjgZZ8mVUTJ364DGVdgcpXMiJCvFAXg2xgA1HeoEgX4lW
tl63kV5Dxwth1YlErbAm0zNJgyPF025nwRf5EpsZU2EJeDWMPmktsJO+lUEkTRK9
SX6kMgvSDDRi3T6KuvUwIGZRmhW5JZKoiwyKfkPvyQd1BDfN/7fzi55XyuGfggwa
yMW/O8sxQCGwE4rEe6dYUrciP2vUypGCIoOiJod5sAPbHfZOlI3YPVKh2re2xaKH
KqgndZ4y+rwWpWoJQ3dwD7TzcPS1Bd0EnRmKDlPaZkwG+ZSr3TmdWRJ95wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMY/tTcE+Ds6I17qv3TyskiAG6NNMB8GA1UdIwQY
MBaAFOdbzhY8tQKmV/Jy95/T5If7vUuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTF2T0ZqeTFBcVpYOG5MM245UGtoX3U5UzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jNTcwOGItZmFmOS00MmE0LWJmNDgt
NGI4NTc4NzE1MTU0LzEveGotMU53VDRPem9qWHVxX2RQS3lTSUFibzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jNTcwOGItZmFmOS00MmE0LWJmNDgtNGI4NTc4NzE1MTU0
LzEvNTF2T0ZqeTFBcVpYOG5MM245UGtoX3U5UzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSNUMA0E
AgACMAcDBQAqAPKAMA0GCSqGSIb3DQEBCwUAA4IBAQB1nC/FwpzKYnXd/eDk5/dR
a/bm8hyZuig/QWSjH+IUV5/QZXD/J/GaStdNcsGPcryJRAqE0aSVRNVWxOmafPn1
/I6ci+5wrG1wXANxTM33GtJrH7fj32vjhR+KEX8XY1WUOfX+PFS45mkvIGI2G5xv
ZErM4gEQ0Pw9jIdWggPlPTL6WRTcLEHXTj4crtnBlyudjMMBOtzeziyWKP9DgKfU
9VriuDVR+e9S71COsfLHXc2meImon60yjL//0qXfNV022lyi1L80bHuEfm+p27l9
MRk0Qu7veQOIt4/03GRiLh/rVNr6UBQaWQNtTKaZ4GbgqVbmNJmoOmBUHGgn3vNN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org