Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XfIyb52X4MQMhA6npCk_FiKd9dY.roa
File:                     XfIyb52X4MQMhA6npCk_FiKd9dY.roa (raw, json)
Hash identifier:          /F4Z1KhlUOInw3GP+BS45xnDlGHiHJOh+MHtM6CIwFw=
Subject key identifier:   5D:F2:32:6F:9D:97:E0:C4:0C:84:0E:A7:A4:29:3F:16:22:9D:F5:D6
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0185EA798F47D91EC1EC1CBF94C9F1BD753B
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XfIyb52X4MQMhA6npCk_FiKd9dY.roa
Signing time:             Wed 25 Jan 2023 19:48:33 +0000
ROA not before:           Wed 25 Jan 2023 19:48:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        85.208.106.0/24 maxlen: 24
                          85.208.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 25 Feb 2023 08:06:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ea:79:8f:47:d9:1e:c1:ec:1c:bf:94:c9:f1:bd:75:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan 25 19:48:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5df2326f9d97e0c40c840ea7a4293f16229df5d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:18:41:65:2d:12:0f:63:4b:a2:fb:df:4b:22:
                    3c:4c:e0:5a:20:99:57:77:c0:86:0e:46:46:2e:c6:
                    19:58:5a:f7:17:a9:13:ba:26:ac:49:71:4d:9d:22:
                    2c:af:45:1a:e2:a2:61:46:e4:a4:00:60:ca:cb:ae:
                    18:c0:7a:b6:9b:5b:3c:25:6d:a1:f2:34:62:1b:2a:
                    14:64:96:cd:68:4b:c7:cb:08:87:2d:c0:f4:42:34:
                    e1:9d:ec:ee:c0:41:79:ee:99:f9:47:c0:08:21:4d:
                    92:5d:5b:40:f3:03:a0:4e:98:fd:83:87:77:92:9d:
                    71:52:67:2b:f8:18:36:a7:20:98:6b:fd:31:c7:6e:
                    c1:db:a9:79:6a:94:98:58:8a:ee:b6:91:8b:6b:3c:
                    4b:d1:9d:a0:8e:9e:71:3a:45:f6:85:ae:c2:32:c7:
                    ea:82:a5:6c:8a:e7:32:8a:31:9e:33:fe:7c:ea:63:
                    6d:e6:88:30:77:a6:e2:d8:30:dc:dd:f3:da:1e:59:
                    51:a1:81:85:a8:2d:7b:f1:df:e6:4a:cc:c9:58:55:
                    de:d9:f2:d2:d8:9c:bd:e6:80:0a:64:f0:60:9d:de:
                    22:91:5f:82:f7:f8:79:54:77:b3:e5:05:db:53:c9:
                    7d:a4:e6:05:7d:48:6c:32:d0:46:4e:d5:cf:1a:e8:
                    54:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:F2:32:6F:9D:97:E0:C4:0C:84:0E:A7:A4:29:3F:16:22:9D:F5:D6
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XfIyb52X4MQMhA6npCk_FiKd9dY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:34:5d:ee:e1:9b:fa:66:b4:21:8b:2d:74:ea:23:68:bb:1e:
         07:57:23:c0:96:7c:a4:a3:37:10:97:9c:4b:4b:3d:dd:59:86:
         36:38:06:87:ee:d0:4b:69:a3:3c:1a:cb:ef:f7:db:50:d1:cb:
         57:b9:83:37:46:20:e9:57:02:7e:56:22:ba:0f:ed:76:89:46:
         f2:91:b7:9c:b2:42:29:b2:2a:01:ca:5f:b2:52:9a:be:70:7e:
         a9:a6:03:b7:d8:37:2c:4d:12:4e:a0:68:69:dc:dc:5e:4d:8b:
         9d:63:5c:e8:c8:61:7a:55:e7:dd:c2:45:7e:18:71:75:62:8a:
         f1:2c:9c:cb:87:51:94:81:0a:c1:c0:7e:f5:b4:14:ac:99:79:
         6c:fb:d7:1a:ee:89:db:7d:bd:9c:f0:69:9e:86:ee:d7:ec:4b:
         55:2e:60:f1:b9:5c:50:33:d1:71:5f:75:34:33:80:23:65:5a:
         a1:e9:63:b0:56:e6:58:9b:3d:41:64:94:94:94:ba:9b:23:c6:
         e1:bc:c8:46:f8:0e:8b:35:97:01:26:db:44:ea:41:b0:0d:57:
         27:42:4c:44:73:b2:8d:80:cb:5a:94:5b:c7:e9:f6:11:6c:44:
         d6:80:fe:5b:8b:73:3e:25:b9:89:80:2c:83:0e:9a:6d:c8:a7:
         c4:63:72:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXqeY9H2R7B7By/lMnxvXU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTI1MTk0ODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGYyMzI2ZjlkOTdlMGM0MGM4NDBlYTdhNDI5M2YxNjIyOWRmNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRhBZS0SD2NLovvfSyI8TOBaIJlX
d8CGDkZGLsYZWFr3F6kTuiasSXFNnSIsr0Ua4qJhRuSkAGDKy64YwHq2m1s8JW2h
8jRiGyoUZJbNaEvHywiHLcD0QjThnezuwEF57pn5R8AIIU2SXVtA8wOgTpj9g4d3
kp1xUmcr+Bg2pyCYa/0xx27B26l5apSYWIrutpGLazxL0Z2gjp5xOkX2ha7CMsfq
gqVsiucyijGeM/586mNt5ogwd6bi2DDc3fPaHllRoYGFqC178d/mSszJWFXe2fLS
2Jy95oAKZPBgnd4ikV+C9/h5VHez5QXbU8l9pOYFfUhsMtBGTtXPGuhUAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3yMm+dl+DEDIQOp6QpPxYinfXWMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWGZJeWI1Mlg0TVFNaEE2bnBDa19GaUtkOWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdBqMA0G
CSqGSIb3DQEBCwUAA4IBAQBUNF3u4Zv6ZrQhiy106iNoux4HVyPAlnykozcQl5xL
Sz3dWYY2OAaH7tBLaaM8Gsvv99tQ0ctXuYM3RiDpVwJ+ViK6D+12iUbykbecskIp
sioByl+yUpq+cH6ppgO32DcsTRJOoGhp3NxeTYudY1zoyGF6VefdwkV+GHF1Yorx
LJzLh1GUgQrBwH71tBSsmXls+9ca7onbfb2c8Gmehu7X7EtVLmDxuVxQM9FxX3U0
M4AjZVqh6WOwVuZYmz1BZJSUlLqbI8bhvMhG+A6LNZcBJttE6kGwDVcnQkxEc7KN
gMtalFvH6fYRbETWgP5bi3M+JbmJgCyDDpptyKfEY3Jf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org