Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa
File:                     W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa (raw, json)
Hash identifier:          T5c+yGdTG+Z+fmVGm2a910eUXwC/Po+pzWoluM+gBhw=
Subject key identifier:   5B:A2:72:C8:B7:34:AA:24:20:D6:2D:42:CE:47:94:11:B3:21:FE:C9
Certificate issuer:       /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial:       01856F0B5D697A27C7F6076C0D71D1689358
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa
Signing time:             Sun 01 Jan 2023 20:34:53 +0000
ROA not before:           Sun 01 Jan 2023 20:34:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62451
IP address blocks:        185.35.152.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:5d:69:7a:27:c7:f6:07:6c:0d:71:d1:68:93:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
        Validity
            Not Before: Jan  1 20:34:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ba272c8b734aa2420d62d42ce479411b321fec9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:08:94:8c:35:c6:39:cc:8d:50:76:db:fc:45:
                    52:1c:ce:34:25:79:06:d4:82:2b:5e:bc:3e:58:4e:
                    23:7e:d5:f4:ba:d4:5f:2e:3f:0b:77:1c:6e:cd:d2:
                    c0:67:53:9b:35:99:eb:90:0c:d0:5b:3f:90:d9:81:
                    3e:c0:23:56:cb:6c:5e:bb:cd:1e:92:4b:13:22:cd:
                    3b:ac:91:e3:fe:08:73:df:66:30:3e:ba:33:bc:13:
                    52:56:4a:fd:8e:fc:46:49:59:97:aa:50:fc:2c:39:
                    63:29:59:aa:5c:88:58:32:d8:16:63:fc:53:c6:14:
                    a0:b0:c7:93:98:d6:27:b8:89:42:e1:20:63:bf:32:
                    fe:65:cb:66:4e:5c:da:7c:2c:34:4f:e9:b2:8a:25:
                    7d:1c:d4:95:34:16:98:bb:fc:ef:d5:1a:03:67:db:
                    c5:5f:43:73:f7:e2:1d:58:8b:1e:92:a2:57:0b:a4:
                    ff:25:ef:8f:ce:5e:ea:0e:e3:82:9a:41:c2:18:79:
                    e7:3c:72:66:af:e1:8b:6e:a4:fa:a4:54:7b:47:f4:
                    d0:aa:bc:d9:72:3b:e6:e7:24:a9:db:6a:d7:37:41:
                    31:0b:f0:61:98:1b:6f:3f:a6:a1:13:45:d5:c7:a7:
                    13:d8:71:fe:cc:e5:51:09:63:9e:31:99:f5:14:a9:
                    15:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:A2:72:C8:B7:34:AA:24:20:D6:2D:42:CE:47:94:11:B3:21:FE:C9
            X509v3 Authority Key Identifier:
                keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.35.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:4a:e1:5f:94:f7:f2:16:02:fe:e0:65:d0:a4:19:c8:c7:06:
         0f:6f:71:2c:2d:df:a1:df:d4:b4:ed:cf:42:be:ad:25:b6:b3:
         2d:4b:54:0e:b9:f1:19:97:4e:0d:c3:bf:d8:df:ed:28:ea:2d:
         43:9d:b3:f2:9c:a1:f4:d6:1e:f0:7a:3b:16:0b:b5:db:9e:72:
         ab:91:7c:65:46:d6:28:5a:06:27:31:f5:c3:42:bc:a7:75:ce:
         ec:e0:98:51:04:e4:26:27:5c:aa:53:ed:2b:8f:06:47:6b:97:
         cc:ca:8c:fa:9c:d5:6e:9f:29:ad:59:b1:c7:8a:73:db:cf:2e:
         54:ac:da:70:c9:4e:ff:25:a2:ee:f7:6a:15:44:34:9f:31:59:
         cb:10:b2:2d:74:e9:f1:94:79:a8:bf:02:8c:67:57:c4:75:48:
         63:eb:d3:80:96:30:ea:17:85:b5:d3:43:a3:fc:57:65:83:b7:
         8a:bb:98:d1:e1:fa:74:c5:6b:03:f4:4e:b4:22:4d:fa:ea:eb:
         bd:c7:df:fd:75:9e:a7:0c:eb:0b:b0:fa:82:57:a8:6f:ff:dd:
         ca:70:3c:04:ca:06:f0:50:fa:48:3a:45:63:40:5d:8b:9c:09:
         c4:96:82:dd:2d:d2:d6:0c:5f:aa:db:10:aa:6c:5c:48:6a:bb:
         f6:ad:aa:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC11peifH9gdsDXHRaJNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjMwMTAxMjAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmEyNzJjOGI3MzRhYTI0MjBkNjJkNDJjZTQ3OTQxMWIzMjFmZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQiUjDXGOcyNUHbb/EVSHM40JXkG
1IIrXrw+WE4jftX0utRfLj8LdxxuzdLAZ1ObNZnrkAzQWz+Q2YE+wCNWy2xeu80e
kksTIs07rJHj/ghz32YwProzvBNSVkr9jvxGSVmXqlD8LDljKVmqXIhYMtgWY/xT
xhSgsMeTmNYnuIlC4SBjvzL+ZctmTlzafCw0T+myiiV9HNSVNBaYu/zv1RoDZ9vF
X0Nz9+IdWIsekqJXC6T/Je+Pzl7qDuOCmkHCGHnnPHJmr+GLbqT6pFR7R/TQqrzZ
cjvm5ySp22rXN0ExC/BhmBtvP6ahE0XVx6cT2HH+zOVRCWOeMZn1FKkVjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFuicsi3NKokINYtQs5HlBGzIf7JMB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvVzZKeXlMYzBxaVFnMWkxQ3prZVVFYk1oX3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSOYMA0G
CSqGSIb3DQEBCwUAA4IBAQBrSuFflPfyFgL+4GXQpBnIxwYPb3EsLd+h39S07c9C
vq0ltrMtS1QOufEZl04Nw7/Y3+0o6i1DnbPynKH01h7wejsWC7XbnnKrkXxlRtYo
WgYnMfXDQryndc7s4JhRBOQmJ1yqU+0rjwZHa5fMyoz6nNVunymtWbHHinPbzy5U
rNpwyU7/JaLu92oVRDSfMVnLELItdOnxlHmovwKMZ1fEdUhj69OAljDqF4W100Oj
/Fdlg7eKu5jR4fp0xWsD9E60Ik366uu9x9/9dZ6nDOsLsPqCV6hv/93KcDwEygbw
UPpIOkVjQF2LnAnEloLdLdLWDF+q2xCqbFxIarv2rao2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:09 2024 by rpki-client on console-ams.rpki-client.org