Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/SDB8D5_gfzqVBZ_2NItoRLKXLEM.roa
File:                     SDB8D5_gfzqVBZ_2NItoRLKXLEM.roa (raw, json)
Hash identifier:          XbPKWWLtJWCTjbAJrhAUcnCWrcRe+TLWSFQUBknnOps=
Subject key identifier:   48:30:7C:0F:9F:E0:7F:3A:95:05:9F:F6:34:8B:68:44:B2:97:2C:43
Certificate issuer:       /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial:       01856FF9665C17E53465966CA1A722BA1B45
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/SDB8D5_gfzqVBZ_2NItoRLKXLEM.roa
Signing time:             Mon 02 Jan 2023 00:54:53 +0000
ROA not before:           Mon 02 Jan 2023 00:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207710
IP address blocks:        85.28.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:66:5c:17:e5:34:65:96:6c:a1:a7:22:ba:1b:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
        Validity
            Not Before: Jan  2 00:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=48307c0f9fe07f3a95059ff6348b6844b2972c43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:31:36:80:00:f0:5e:93:81:d8:ab:7c:93:b4:
                    61:7c:7f:88:22:4f:3c:99:70:3a:29:90:ad:6c:01:
                    a1:5d:e9:e5:84:6c:3a:43:96:c4:c0:83:90:9f:75:
                    94:63:6d:94:31:da:b1:08:b3:03:0d:d4:1f:62:25:
                    0f:56:dd:16:ba:e5:ee:b2:6e:13:a4:a3:da:ba:c2:
                    db:70:de:28:e6:f2:fd:b6:cd:d4:8f:a5:aa:06:23:
                    e9:4c:89:ac:30:98:4a:10:3b:6e:a8:ec:03:48:e1:
                    0b:6f:aa:aa:86:32:08:e3:1f:ea:98:ad:19:06:ec:
                    2a:c0:72:31:ed:13:4e:f9:cf:77:d4:bc:5e:f4:b5:
                    4b:6a:6d:b5:a9:1d:54:68:0a:33:06:a3:12:73:98:
                    de:36:56:37:4e:f9:fd:af:61:e1:4b:bc:15:86:ce:
                    71:cc:8f:85:19:7a:04:48:bd:98:4c:a5:23:f6:31:
                    ca:c6:8b:93:25:01:35:e0:2c:db:a7:bd:4a:80:8f:
                    51:02:07:25:23:41:11:1f:f4:45:89:a9:2f:ef:c5:
                    09:44:44:f4:ca:66:ff:e6:48:2c:2c:73:36:43:21:
                    10:0f:25:60:2f:c9:1c:31:56:25:3d:f3:e0:2c:72:
                    e1:99:73:46:32:0e:2f:e5:11:dc:4c:e6:aa:82:95:
                    90:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:30:7C:0F:9F:E0:7F:3A:95:05:9F:F6:34:8B:68:44:B2:97:2C:43
            X509v3 Authority Key Identifier:
                keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/SDB8D5_gfzqVBZ_2NItoRLKXLEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.28.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:a5:fa:90:42:d8:a4:d3:a5:16:d3:0a:ef:d4:47:39:04:4f:
         05:7f:8b:96:91:fd:00:86:97:fb:a6:dd:ad:57:37:a3:42:4b:
         50:ec:2b:16:b0:99:c7:cc:c7:1a:01:76:f8:4f:bf:17:e0:d4:
         e3:bc:db:eb:18:64:74:76:67:32:93:cb:fe:50:00:d6:e2:2d:
         ee:8e:9f:01:fd:63:4f:7e:99:0b:06:7c:2f:60:d4:ea:85:f2:
         1f:94:9a:c7:cc:ed:dd:b7:d3:ea:b8:00:d5:ca:4a:d9:dc:12:
         66:55:fd:e0:9c:9a:52:dd:88:70:fb:f8:09:41:c5:76:2c:21:
         58:8a:49:bd:41:0c:c0:5e:18:66:93:be:8f:f9:a8:ef:8f:0f:
         9c:d6:93:fe:f6:e6:0f:36:a5:8a:40:b2:d1:7d:2f:45:9f:31:
         f7:0e:b5:0e:97:c2:7f:9f:de:05:64:26:7c:f8:29:bc:46:68:
         27:99:c5:e7:6d:31:d7:7a:1d:28:ce:77:10:b3:f0:b1:ad:a0:
         f8:ce:d7:cd:c2:6d:57:cd:6f:71:8f:7d:6f:4f:d5:1d:f8:5e:
         d0:2d:08:30:82:03:c6:40:a7:6e:df:28:b6:69:d3:01:62:de:
         6e:19:7e:57:1d:dc:72:a5:0c:74:67:ae:3d:1e:bc:3e:66:e1:
         f3:e8:82:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+WZcF+U0ZZZsoaciuhtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwMTAyMDA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODMwN2MwZjlmZTA3ZjNhOTUwNTlmZjYzNDhiNjg0NGIyOTcyYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDE2gADwXpOB2Kt8k7RhfH+IIk88
mXA6KZCtbAGhXenlhGw6Q5bEwIOQn3WUY22UMdqxCLMDDdQfYiUPVt0WuuXusm4T
pKPausLbcN4o5vL9ts3Uj6WqBiPpTImsMJhKEDtuqOwDSOELb6qqhjII4x/qmK0Z
BuwqwHIx7RNO+c931Lxe9LVLam21qR1UaAozBqMSc5jeNlY3Tvn9r2HhS7wVhs5x
zI+FGXoESL2YTKUj9jHKxouTJQE14Czbp71KgI9RAgclI0ERH/RFiakv78UJRET0
ymb/5kgsLHM2QyEQDyVgL8kcMVYlPfPgLHLhmXNGMg4v5RHcTOaqgpWQkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEgwfA+f4H86lQWf9jSLaESylyxDMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvU0RCOEQ1X2dmenFWQlpfMk5JdG9STEtYTEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVRw7MA0G
CSqGSIb3DQEBCwUAA4IBAQAtpfqQQtik06UW0wrv1Ec5BE8Ff4uWkf0Ahpf7pt2t
VzejQktQ7CsWsJnHzMcaAXb4T78X4NTjvNvrGGR0dmcyk8v+UADW4i3ujp8B/WNP
fpkLBnwvYNTqhfIflJrHzO3dt9PquADVykrZ3BJmVf3gnJpS3Yhw+/gJQcV2LCFY
ikm9QQzAXhhmk76P+ajvjw+c1pP+9uYPNqWKQLLRfS9FnzH3DrUOl8J/n94FZCZ8
+Cm8RmgnmcXnbTHXeh0ozncQs/CxraD4ztfNwm1XzW9xj31vT9Ud+F7QLQgwggPG
QKdu3yi2adMBYt5uGX5XHdxypQx0Z649Hrw+ZuHz6IJ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org