Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/6M6TF1mL2p60K2FjWFX93_TCH1o.roa
File:                     6M6TF1mL2p60K2FjWFX93_TCH1o.roa (raw, json)
Hash identifier:          JuD1RKSAJbcBHXFV4/DFyeaDJyJFd5fuAOL4HsUhGh0=
Subject key identifier:   E8:CE:93:17:59:8B:DA:9E:B4:2B:61:63:58:55:FD:DF:F4:C2:1F:5A
Certificate issuer:       /CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a
Certificate serial:       0188538FABA8A0953ED68CAF052036C4EEA7
Authority key identifier: 44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/6M6TF1mL2p60K2FjWFX93_TCH1o.roa
Signing time:             Thu 25 May 2023 15:38:24 +0000
ROA not before:           Thu 25 May 2023 15:38:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206022
IP address blocks:        185.198.157.0/24 maxlen: 24
                          185.198.159.0/24 maxlen: 24
                          185.198.156.0/22 maxlen: 24
                          185.198.158.0/23 maxlen: 24
                          2a0a:8b40:fede::/48 maxlen: 48
                          2a0a:8b40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:53:8f:ab:a8:a0:95:3e:d6:8c:af:05:20:36:c4:ee:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a
        Validity
            Not Before: May 25 15:38:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e8ce9317598bda9eb42b61635855fddff4c21f5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:9e:f7:5a:1b:43:d8:45:71:56:d4:76:77:70:
                    af:c5:83:00:e7:7a:7f:90:75:99:ae:8d:aa:15:6c:
                    a4:71:c6:b3:ef:89:9a:b4:1d:15:cb:bd:58:b8:d1:
                    b4:14:1e:4c:35:69:56:83:b2:b0:0b:bf:4b:95:37:
                    7c:65:c8:43:8c:88:12:a8:b1:21:35:c0:90:9a:42:
                    94:42:e0:55:fd:a9:0c:35:40:89:8e:44:ca:3e:ac:
                    b4:32:d8:c3:c4:4f:b4:04:95:74:db:57:34:92:e4:
                    31:4a:80:7d:4d:91:f2:fe:50:7f:c7:0e:fd:4e:3c:
                    0f:bd:a4:5b:aa:58:cd:25:a3:be:3e:50:8f:4d:7a:
                    a6:7e:19:06:3b:7e:a1:a1:46:2c:ed:e9:4c:45:2f:
                    31:57:6b:d0:d9:f7:4c:7f:b6:91:a9:81:3d:e3:92:
                    98:98:b2:87:b5:ed:9b:63:91:90:f8:ec:17:d3:d1:
                    79:9c:94:ae:83:19:e1:4e:aa:6a:41:2f:10:31:37:
                    46:04:c2:6c:15:ee:63:e6:e5:9d:27:e3:da:e6:4e:
                    89:0c:8b:7f:d6:2b:83:bd:f0:ab:ea:01:76:6d:ef:
                    de:db:10:a7:fd:70:77:eb:cf:60:e8:e0:f7:ac:bd:
                    bb:31:5a:58:7a:2d:77:b3:a4:c5:92:db:90:33:d5:
                    4c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:CE:93:17:59:8B:DA:9E:B4:2B:61:63:58:55:FD:DF:F4:C2:1F:5A
            X509v3 Authority Key Identifier:
                keyid:44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/6M6TF1mL2p60K2FjWFX93_TCH1o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.198.156.0/22
                IPv6:
                  2a0a:8b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:58:31:39:03:52:4c:5e:d0:e7:cb:fb:29:0e:80:d9:d5:f4:
         f8:ad:6a:dc:ce:77:af:5f:b4:24:79:e4:55:c7:40:22:39:49:
         4d:c8:79:79:06:03:a6:3f:fe:7c:15:2c:1b:d4:66:4b:6c:85:
         69:32:3e:5a:42:f5:14:a0:4d:9d:b8:d2:de:a2:65:16:b6:42:
         4c:7f:08:78:66:b4:c7:d8:e5:9b:8c:81:58:5f:96:db:89:ec:
         61:51:f2:c5:5b:fa:e5:ef:d9:a1:a1:73:dc:54:1b:96:ae:fb:
         a2:17:22:f5:56:de:a9:d0:db:e8:63:57:e3:ca:ca:cc:fb:0e:
         87:f1:5d:55:0f:da:5a:4d:a9:06:01:1b:09:63:18:94:00:c8:
         f3:d3:98:8f:0c:68:30:f2:5a:a2:16:2d:ed:6a:8e:23:d4:e4:
         0c:bf:37:59:ce:8d:92:bc:8b:ed:a2:e6:07:75:c6:94:5d:33:
         f7:b5:2d:4f:b5:76:8a:05:92:f5:62:af:bb:4c:9d:b6:d2:c0:
         db:4d:cd:11:96:aa:81:48:d9:1c:58:61:63:cf:f9:1f:5b:90:
         a4:ad:9e:00:c0:23:2a:7b:66:3e:12:c0:4d:99:ca:08:da:87:
         4a:8e:48:5b:41:04:9b:2f:d5:33:8a:7d:3f:a3:51:c4:c5:fb:
         65:f7:fc:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhTj6uooJU+1oyvBSA2xO6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTFlODNkYWUxMmEzNzFjMWRkNDlkYjM0ZDliZDUyYTk2
ODhiNGEwHhcNMjMwNTI1MTUzODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNlOTMxNzU5OGJkYTllYjQyYjYxNjM1ODU1ZmRkZmY0YzIxZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ73WhtD2EVxVtR2d3CvxYMA53p/
kHWZro2qFWykccaz74matB0Vy71YuNG0FB5MNWlWg7KwC79LlTd8ZchDjIgSqLEh
NcCQmkKUQuBV/akMNUCJjkTKPqy0MtjDxE+0BJV021c0kuQxSoB9TZHy/lB/xw79
TjwPvaRbqljNJaO+PlCPTXqmfhkGO36hoUYs7elMRS8xV2vQ2fdMf7aRqYE945KY
mLKHte2bY5GQ+OwX09F5nJSugxnhTqpqQS8QMTdGBMJsFe5j5uWdJ+Pa5k6JDIt/
1iuDvfCr6gF2be/e2xCn/XB3689g6OD3rL27MVpYei13s6TFktuQM9VM0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOjOkxdZi9qetCthY1hV/d/0wh9aMB8GA1UdIwQY
MBaAFERR6D2uEqNxwd1J2zTZvVKpaItKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUt
Zjk5N2RiZGMzZTU3LzEvNk02VEYxbUwycDYwSzJGaldGWDkzX1RDSDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUtZjk5N2RiZGMzZTU3
LzEvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucacMA0E
AgACMAcDBQMqCotAMA0GCSqGSIb3DQEBCwUAA4IBAQBiWDE5A1JMXtDny/spDoDZ
1fT4rWrcznevX7QkeeRVx0AiOUlNyHl5BgOmP/58FSwb1GZLbIVpMj5aQvUUoE2d
uNLeomUWtkJMfwh4ZrTH2OWbjIFYX5bbiexhUfLFW/rl79mhoXPcVBuWrvuiFyL1
Vt6p0NvoY1fjysrM+w6H8V1VD9paTakGARsJYxiUAMjz05iPDGgw8lqiFi3tao4j
1OQMvzdZzo2SvIvtouYHdcaUXTP3tS1PtXaKBZL1Yq+7TJ220sDbTc0RlqqBSNkc
WGFjz/kfW5CkrZ4AwCMqe2Y+EsBNmcoI2odKjkhbQQSbL9Uzin0/o1HExftl9/wu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:07 2024 by rpki-client on console-ams.rpki-client.org