Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/DQTPvzvk5KdY1BXGF0CuaWalonM.roa
File:                     DQTPvzvk5KdY1BXGF0CuaWalonM.roa (raw, json)
Hash identifier:          zVi1EtzHZWuhT67FSz6ZdOeElBktPKZeJUeZO6JrNu4=
Subject key identifier:   0D:04:CF:BF:3B:E4:E4:A7:58:D4:15:C6:17:40:AE:69:66:A5:A2:73
Certificate issuer:       /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial:       018AF9BEF3178D4DE94654411A4A96103BEB
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/DQTPvzvk5KdY1BXGF0CuaWalonM.roa
Signing time:             Wed 04 Oct 2023 08:12:35 +0000
ROA not before:           Wed 04 Oct 2023 08:12:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     54339
IP address blocks:        85.28.61.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Oct 2023 10:26:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f9:be:f3:17:8d:4d:e9:46:54:41:1a:4a:96:10:3b:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
        Validity
            Not Before: Oct  4 08:12:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d04cfbf3be4e4a758d415c61740ae6966a5a273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:02:ba:af:ee:2a:ee:6f:7d:ac:31:d6:45:e2:
                    b2:eb:4b:14:1c:83:ac:34:42:c6:b7:5e:bb:09:9d:
                    68:77:7f:11:6e:8f:29:78:b7:8e:fa:7c:e3:5c:f4:
                    d0:6c:89:01:ec:70:b4:d3:27:9e:53:0b:a4:8d:43:
                    e5:aa:15:e7:37:1d:cb:13:d5:d6:e7:e7:23:8a:7a:
                    15:9f:4a:36:aa:12:14:22:ec:2a:a3:50:20:f7:27:
                    2b:dd:0c:14:4a:5f:62:59:7f:7b:f2:92:57:d4:8d:
                    bb:4d:a0:43:40:c7:97:6a:4f:d8:5f:f7:4a:21:63:
                    4a:8e:ef:0f:cf:c3:d4:25:db:ad:e2:a2:db:22:be:
                    cd:57:c0:7f:4f:ce:a6:dd:28:90:f5:ba:91:ce:40:
                    24:f8:c3:87:69:6c:ef:68:e1:77:5e:06:aa:49:5a:
                    6b:dc:2d:f7:3b:41:16:33:ae:24:9d:b7:9b:2e:75:
                    88:1e:5e:f9:da:6f:60:0b:bc:e4:d0:e7:be:ca:5d:
                    2d:61:36:12:fa:b5:7d:1a:b1:cd:2d:4c:6c:35:72:
                    ef:32:8a:0a:93:db:df:ce:c6:5e:40:c1:e7:a9:e0:
                    eb:dc:2d:23:ee:ca:8d:4c:7a:c5:06:61:a0:49:e6:
                    e2:8d:e4:be:16:25:38:dd:15:03:69:e7:1a:ea:f5:
                    24:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:04:CF:BF:3B:E4:E4:A7:58:D4:15:C6:17:40:AE:69:66:A5:A2:73
            X509v3 Authority Key Identifier:
                keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/DQTPvzvk5KdY1BXGF0CuaWalonM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.28.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:21:38:8d:16:8c:13:00:29:a4:45:fc:ee:89:b3:72:6e:4f:
         d4:7a:34:03:a5:01:36:72:a7:1d:47:a5:a3:38:ea:bc:ce:be:
         36:78:c2:96:56:2b:e5:0a:d1:aa:c6:bd:94:c8:60:94:b9:62:
         c4:13:ad:3f:44:31:ee:d2:fc:62:7f:40:4f:95:01:c3:85:c6:
         bc:1f:5e:ff:19:b5:70:d1:9b:e0:7a:fd:ec:49:f0:78:cc:59:
         1e:f5:d8:51:b1:68:c4:58:1d:70:76:24:b3:7e:78:f2:cf:fc:
         a5:e2:ce:97:78:21:90:97:51:3c:3d:ef:f7:bd:e8:58:56:9b:
         d9:c3:91:c8:81:c1:10:a9:b0:c9:57:b3:f1:10:f6:1a:e8:7a:
         a6:b4:f2:a1:34:37:6a:3e:bd:d0:ad:66:f7:ab:97:35:55:63:
         0d:ab:c6:d9:6a:56:9a:51:90:42:07:92:93:f1:27:46:f5:13:
         2e:39:46:92:e6:0a:10:f9:af:99:df:27:34:46:8a:ea:9c:88:
         ca:05:87:d1:40:5e:a5:89:11:29:97:9b:75:89:9a:d6:8e:b0:
         7d:7c:cb:7a:3f:61:aa:1a:00:eb:f4:f6:e4:ce:46:87:76:e6:
         64:42:0e:f6:48:e8:62:72:19:eb:25:a1:98:7d:05:22:ab:6e:
         bd:ce:f2:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr5vvMXjU3pRlRBGkqWEDvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMxMDA0MDgxMjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDA0Y2ZiZjNiZTRlNGE3NThkNDE1YzYxNzQwYWU2OTY2YTVhMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgK6r+4q7m99rDHWReKy60sUHIOs
NELGt167CZ1od38Rbo8peLeO+nzjXPTQbIkB7HC00yeeUwukjUPlqhXnNx3LE9XW
5+cjinoVn0o2qhIUIuwqo1Ag9ycr3QwUSl9iWX978pJX1I27TaBDQMeXak/YX/dK
IWNKju8Pz8PUJdut4qLbIr7NV8B/T86m3SiQ9bqRzkAk+MOHaWzvaOF3XgaqSVpr
3C33O0EWM64knbebLnWIHl752m9gC7zk0Oe+yl0tYTYS+rV9GrHNLUxsNXLvMooK
k9vfzsZeQMHnqeDr3C0j7sqNTHrFBmGgSebijeS+FiU43RUDaeca6vUkUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0Ez7875OSnWNQVxhdArmlmpaJzMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvRFFUUHZ6dms1S2RZMUJYR0YwQ3VhV2Fsb25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVRw9MA0G
CSqGSIb3DQEBCwUAA4IBAQBIITiNFowTACmkRfzuibNybk/UejQDpQE2cqcdR6Wj
OOq8zr42eMKWVivlCtGqxr2UyGCUuWLEE60/RDHu0vxif0BPlQHDhca8H17/GbVw
0Zvgev3sSfB4zFke9dhRsWjEWB1wdiSzfnjyz/yl4s6XeCGQl1E8Pe/3vehYVpvZ
w5HIgcEQqbDJV7PxEPYa6HqmtPKhNDdqPr3QrWb3q5c1VWMNq8bZalaaUZBCB5KT
8SdG9RMuOUaS5goQ+a+Z3yc0RorqnIjKBYfRQF6liREpl5t1iZrWjrB9fMt6P2Gq
GgDr9PbkzkaHduZkQg72SOhichnrJaGYfQUiq269zvJ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:57 2024 by rpki-client on console-ams.rpki-client.org