Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/iC-20cqns_QY6fHefkaNN5t7umU.roa
File:                     iC-20cqns_QY6fHefkaNN5t7umU.roa (raw, json)
Hash identifier:          xvjxHcLPr7Mlo/4NQ3c1u8Rl6Xe3v6A2EIU1n38nyFI=
Subject key identifier:   88:2F:B6:D1:CA:A7:B3:F4:18:E9:F1:DE:7E:46:8D:37:9B:7B:BA:65
Certificate issuer:       /CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Certificate serial:       01856CEF50CDCA3835E2B6304713F40873A1
Authority key identifier: C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/iC-20cqns_QY6fHefkaNN5t7umU.roa
Signing time:             Sun 01 Jan 2023 10:45:01 +0000
ROA not before:           Sun 01 Jan 2023 10:45:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31631
IP address blocks:        45.150.140.0/22 maxlen: 22
                          193.178.112.0/23 maxlen: 23
                          185.108.168.0/22 maxlen: 22
                          193.178.54.0/23 maxlen: 23
                          185.205.172.0/22 maxlen: 22
                          2a06:e40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 09:48:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ef:50:cd:ca:38:35:e2:b6:30:47:13:f4:08:73:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
        Validity
            Not Before: Jan  1 10:45:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=882fb6d1caa7b3f418e9f1de7e468d379b7bba65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c8:3e:53:e5:93:9a:96:b4:d7:b2:a4:3c:66:
                    f1:69:44:04:67:e6:c2:f8:39:80:e7:f9:11:a9:e1:
                    70:dd:2f:d3:65:86:31:dc:51:5c:e0:2e:b5:37:d8:
                    a4:5c:d2:7b:9f:56:58:39:f9:c3:de:7f:cd:e3:ce:
                    2a:c0:32:eb:1d:7e:0e:e6:c3:86:bf:47:1f:cf:f8:
                    b4:55:0b:95:e6:02:fc:1e:83:29:48:bc:e8:22:c1:
                    36:c1:a7:0f:af:d3:9a:1d:68:df:3d:4f:47:df:79:
                    05:e0:63:d3:82:6a:9f:b8:09:3f:64:a9:1e:02:68:
                    47:8d:90:c5:42:7a:3f:c7:34:ed:62:62:a5:cf:61:
                    5d:35:1d:ab:74:36:19:67:ed:3a:1a:cf:99:1f:b0:
                    5c:be:7f:d5:bd:f0:9e:00:04:30:d3:8e:44:37:12:
                    2a:8d:2c:fa:9b:ee:ca:d3:5b:8c:cd:04:e8:52:e2:
                    c0:87:8f:c1:b1:ba:d7:b9:8d:ec:1c:56:4b:5f:59:
                    49:8b:13:43:42:6a:6a:9b:c4:09:85:a9:82:ec:ad:
                    e1:66:b5:ac:3e:16:70:2d:fb:4e:b3:34:d7:2b:e4:
                    19:00:2a:6b:f7:fc:b1:21:15:fc:d5:5e:58:9b:c6:
                    f0:29:a2:86:73:cb:cd:8e:37:35:1e:50:81:35:ef:
                    15:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:2F:B6:D1:CA:A7:B3:F4:18:E9:F1:DE:7E:46:8D:37:9B:7B:BA:65
            X509v3 Authority Key Identifier:
                keyid:C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/iC-20cqns_QY6fHefkaNN5t7umU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.140.0/22
                  185.108.168.0/22
                  185.205.172.0/22
                  193.178.54.0/23
                  193.178.112.0/23
                IPv6:
                  2a06:e40::/29

    Signature Algorithm: sha256WithRSAEncryption
         50:b7:d8:4f:e1:08:9a:23:dd:43:44:b5:e0:ac:6a:f4:60:78:
         71:36:9a:06:c8:c1:6f:5d:28:bd:b3:9a:a9:fc:eb:a5:9f:44:
         3f:57:bf:64:81:30:df:d4:8f:c8:32:b2:16:c5:a2:12:27:88:
         68:bc:4e:43:c2:86:7b:c4:bc:a6:e7:c2:d0:4e:4c:fc:70:c9:
         4e:3a:a9:01:7b:10:0e:06:ec:95:70:07:93:73:6b:55:ea:9d:
         80:a2:cf:7f:ef:24:07:92:28:17:65:86:84:e9:67:c2:20:d6:
         c5:23:fd:a5:93:7d:02:c1:78:f5:a5:fe:b8:b6:a1:e6:2f:dd:
         5c:8b:4d:dc:16:50:48:69:4e:fb:8b:4d:09:3a:17:bc:c0:2f:
         82:e5:8f:e7:d0:c8:ba:d9:c9:ad:05:f7:67:98:e4:e9:a2:ff:
         8c:64:74:13:e0:bf:0e:c1:c0:61:21:b0:03:5c:d0:ed:d5:84:
         90:84:b9:44:10:5d:05:39:17:ca:2c:91:87:f5:e1:35:75:89:
         c9:81:0c:69:3d:96:eb:b4:01:d5:8c:7d:0a:f8:71:0f:43:63:
         29:39:69:79:b8:a5:50:43:a4:6f:5f:4e:70:f6:7a:47:cd:f5:
         a3:4e:45:08:13:2b:08:e4:48:b4:ab:e0:8c:41:9c:17:a4:da:
         57:09:ae:d5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVs71DNyjg14rYwRxP0CHOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzBmZGJiNjVjYTQ5MWNiODNjYzA4NWE0M2UwMzQwNTk2
YWU4NzMwHhcNMjMwMTAxMTA0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJmYjZkMWNhYTdiM2Y0MThlOWYxZGU3ZTQ2OGQzNzliN2JiYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8g+U+WTmpa017KkPGbxaUQEZ+bC
+DmA5/kRqeFw3S/TZYYx3FFc4C61N9ikXNJ7n1ZYOfnD3n/N484qwDLrHX4O5sOG
v0cfz/i0VQuV5gL8HoMpSLzoIsE2wacPr9OaHWjfPU9H33kF4GPTgmqfuAk/ZKke
AmhHjZDFQno/xzTtYmKlz2FdNR2rdDYZZ+06Gs+ZH7Bcvn/VvfCeAAQw045ENxIq
jSz6m+7K01uMzQToUuLAh4/BsbrXuY3sHFZLX1lJixNDQmpqm8QJhamC7K3hZrWs
PhZwLftOszTXK+QZACpr9/yxIRX81V5Ym8bwKaKGc8vNjjc1HlCBNe8V8wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIgvttHKp7P0GOnx3n5GjTebe7plMB8GA1UdIwQY
MBaAFMbA/btlykkcuDzAhaQ+A0BZauhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQt
NDlhNjU0NTc4NmU2LzEvaUMtMjBjcW5zX1FZNmZIZWZrYU5ONXQ3dW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQtNDlhNjU0NTc4NmU2
LzEveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLZaMAwQC
uWyoAwQCuc2sAwQBwbI2AwQBwbJwMA0EAgACMAcDBQMqBg5AMA0GCSqGSIb3DQEB
CwUAA4IBAQBQt9hP4QiaI91DRLXgrGr0YHhxNpoGyMFvXSi9s5qp/Ouln0Q/V79k
gTDf1I/IMrIWxaISJ4hovE5DwoZ7xLym58LQTkz8cMlOOqkBexAOBuyVcAeTc2tV
6p2Aos9/7yQHkigXZYaE6WfCINbFI/2lk30CwXj1pf64tqHmL91ci03cFlBIaU77
i00JOhe8wC+C5Y/n0Mi62cmtBfdnmOTpov+MZHQT4L8OwcBhIbADXNDt1YSQhLlE
EF0FORfKLJGH9eE1dYnJgQxpPZbrtAHVjH0K+HEPQ2MpOWl5uKVQQ6RvX05w9npH
zfWjTkUIEysI5Ei0q+CMQZwXpNpXCa7V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:18 2024 by rpki-client on console-ams.rpki-client.org