Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RwYBYIuBImp1O_3bITCKvN8cmmc.roa
File:                     RwYBYIuBImp1O_3bITCKvN8cmmc.roa (raw, json)
Hash identifier:          6vUrU2DYzyZHNjEIC0rSQz/bgtQUCHVKFjAZbAO91yk=
Subject key identifier:   47:06:01:60:8B:81:22:6A:75:3B:FD:DB:21:30:8A:BC:DF:1C:9A:67
Certificate issuer:       /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial:       0187760C2A78E66E42172771D7476D3DDE45
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RwYBYIuBImp1O_3bITCKvN8cmmc.roa
Signing time:             Wed 12 Apr 2023 15:18:41 +0000
ROA not before:           Wed 12 Apr 2023 15:18:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        85.28.57.0/24 maxlen: 24
                          85.28.58.0/24 maxlen: 24
                          85.28.56.0/24 maxlen: 24
                          85.28.59.0/24 maxlen: 24
                          85.28.60.0/24 maxlen: 24
                          85.28.60.0/22 maxlen: 22
                          109.238.205.0/24 maxlen: 24
                          109.238.200.0/24 maxlen: 24
                          109.238.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Jun 2023 09:15:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:76:0c:2a:78:e6:6e:42:17:27:71:d7:47:6d:3d:de:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
        Validity
            Not Before: Apr 12 15:18:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=470601608b81226a753bfddb21308abcdf1c9a67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:cb:cd:34:dd:c3:9b:fc:2b:c3:f6:6c:d4:6f:
                    a3:70:27:45:cf:58:10:84:59:70:8b:34:bb:9a:f7:
                    5e:4b:d4:32:88:67:70:81:e5:cb:7d:b9:94:bc:ee:
                    8f:e3:4d:74:c5:3b:b8:52:16:84:b8:42:77:74:e5:
                    c1:73:2f:94:97:cf:87:3e:36:ab:43:3f:4d:30:20:
                    06:5b:52:81:fa:35:be:24:83:ec:a2:3e:ed:be:e7:
                    d2:84:49:46:fd:12:29:f8:19:b8:0d:16:67:1b:d5:
                    2f:0e:31:4f:0f:5e:c7:13:03:b1:d8:d0:b9:c4:a4:
                    58:e2:c2:8a:1f:5b:e8:1b:de:60:63:d1:3f:72:ed:
                    58:46:55:30:7b:2e:45:0c:bd:a2:b2:6c:c4:93:7c:
                    45:cf:30:a0:e8:bf:e6:76:6f:0c:32:6c:73:a0:36:
                    f0:cd:70:ff:32:9d:cc:a6:42:56:b7:5a:64:25:4f:
                    66:bd:37:26:a0:19:4f:a4:c8:cd:65:6c:1e:07:82:
                    dc:49:bb:b6:61:59:d6:ac:41:f6:03:6a:4d:2a:98:
                    e6:77:e9:1c:fa:3c:60:b3:ea:c2:b0:fc:bb:71:d9:
                    36:ff:83:b4:37:a9:12:cd:7d:56:a8:2c:fa:17:f0:
                    1f:a3:24:09:de:8c:03:f3:14:81:86:25:d9:b8:7d:
                    81:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:06:01:60:8B:81:22:6A:75:3B:FD:DB:21:30:8A:BC:DF:1C:9A:67
            X509v3 Authority Key Identifier:
                keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RwYBYIuBImp1O_3bITCKvN8cmmc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.28.56.0/21
                  109.238.200.0/24
                  109.238.203.0/24
                  109.238.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:bb:1e:f3:20:27:93:02:67:53:0d:6f:ce:cf:2a:b3:10:ec:
         07:0f:20:75:8b:ee:33:a0:31:15:6c:4f:14:86:dc:dc:e9:49:
         81:9e:a8:76:8b:e0:0b:a8:84:c8:38:47:ff:aa:b9:f6:3e:b3:
         d7:97:fe:f6:eb:2f:36:3b:2f:68:72:6a:06:77:c7:e7:75:0f:
         fb:f5:c1:d6:85:25:77:7c:07:1d:73:97:31:eb:b0:6c:e1:7a:
         f1:94:67:fa:a9:77:cf:91:f5:c7:dc:5e:3b:5c:52:a1:da:4f:
         82:eb:aa:c9:a6:4a:eb:8f:6e:d5:72:6e:4b:7c:90:aa:88:31:
         d1:57:53:b2:ed:49:46:fa:9c:07:b8:75:e5:5e:68:75:73:2a:
         56:5d:89:62:b3:fb:8a:b3:36:23:cd:90:ed:60:45:46:7d:7d:
         30:6b:68:8b:79:7c:d8:ee:cf:55:d7:04:9d:a9:d9:75:d6:59:
         ce:d1:48:5e:ab:2e:c3:18:df:6e:2d:9c:5c:4c:18:2f:32:c3:
         78:05:83:0e:cd:1c:58:07:ba:2f:a5:d5:76:31:c5:47:43:1a:
         55:ca:94:2c:b2:75:0e:0a:12:c2:ed:b2:f7:90:c8:63:25:59:
         03:51:84:ab:91:52:75:6e:f9:0b:fe:3d:01:9f:57:0a:68:fc:
         c5:eb:80:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd2DCp45m5CFydx10dtPd5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwNDEyMTUxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA2MDE2MDhiODEyMjZhNzUzYmZkZGIyMTMwOGFiY2RmMWM5YTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MvNNN3Dm/wrw/Zs1G+jcCdFz1gQ
hFlwizS7mvdeS9QyiGdwgeXLfbmUvO6P4010xTu4UhaEuEJ3dOXBcy+Ul8+HPjar
Qz9NMCAGW1KB+jW+JIPsoj7tvufShElG/RIp+Bm4DRZnG9UvDjFPD17HEwOx2NC5
xKRY4sKKH1voG95gY9E/cu1YRlUwey5FDL2ismzEk3xFzzCg6L/mdm8MMmxzoDbw
zXD/Mp3MpkJWt1pkJU9mvTcmoBlPpMjNZWweB4LcSbu2YVnWrEH2A2pNKpjmd+kc
+jxgs+rCsPy7cdk2/4O0N6kSzX1WqCz6F/AfoyQJ3owD8xSBhiXZuH2B4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEcGAWCLgSJqdTv92yEwirzfHJpnMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvUndZQllJdUJJbXAxT18zYklUQ0t2TjhjbW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDVRw4AwQA
be7IAwQAbe7LAwQAbe7NMA0GCSqGSIb3DQEBCwUAA4IBAQB0ux7zICeTAmdTDW/O
zyqzEOwHDyB1i+4zoDEVbE8Uhtzc6UmBnqh2i+ALqITIOEf/qrn2PrPXl/726y82
Oy9ocmoGd8fndQ/79cHWhSV3fAcdc5cx67Bs4XrxlGf6qXfPkfXH3F47XFKh2k+C
66rJpkrrj27Vcm5LfJCqiDHRV1Oy7UlG+pwHuHXlXmh1cypWXYlis/uKszYjzZDt
YEVGfX0wa2iLeXzY7s9V1wSdqdl11lnO0Uheqy7DGN9uLZxcTBgvMsN4BYMOzRxY
B7ovpdV2McVHQxpVypQssnUOChLC7bL3kMhjJVkDUYSrkVJ1bvkL/j0Bn1cKaPzF
64Au
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org