Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/Cqq8zSFwbws5trFXnwsaIhWmXZo.roa
File:                     Cqq8zSFwbws5trFXnwsaIhWmXZo.roa (raw, json)
Hash identifier:          ioeO1hp/yx3/O89aOTQbYrb9w+8HMdAgYjLL+BSI3SQ=
Subject key identifier:   0A:AA:BC:CD:21:70:6F:0B:39:B6:B1:57:9F:0B:1A:22:15:A6:5D:9A
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       01856F66CC95429BE6CBCD2C80AF8862C6FD
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/Cqq8zSFwbws5trFXnwsaIhWmXZo.roa
Signing time:             Sun 01 Jan 2023 22:14:46 +0000
ROA not before:           Sun 01 Jan 2023 22:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.255.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Feb 2023 14:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:cc:95:42:9b:e6:cb:cd:2c:80:af:88:62:c6:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Jan  1 22:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0aaabccd21706f0b39b6b1579f0b1a2215a65d9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:00:da:1c:9b:3a:9e:9e:f5:9b:3b:8f:6a:5d:
                    49:8d:9c:59:9f:60:a2:71:8a:30:8d:3e:35:72:3d:
                    fe:f9:89:ae:21:5f:5b:5a:4e:bc:6e:ef:71:96:79:
                    fa:c3:1c:bc:ed:da:61:ce:a7:72:d6:8b:bb:37:05:
                    93:54:21:af:c1:6a:bc:71:3d:b9:ac:82:97:0e:7d:
                    4f:a6:96:b3:e8:67:18:77:ab:33:87:f1:8f:5e:10:
                    25:5e:e0:1a:e0:80:8f:b4:cf:5a:ca:83:19:5a:da:
                    85:6f:d2:61:f0:5b:81:ee:c9:d5:7d:08:88:0a:41:
                    6f:5f:47:bf:9b:2f:4c:78:85:00:b8:70:c4:8c:a4:
                    ef:be:52:9d:13:31:8f:88:bd:79:f0:ac:db:2d:9a:
                    3c:10:85:26:c2:33:0e:da:f9:84:f7:ab:57:03:ba:
                    48:f0:69:6f:01:fa:68:79:9c:a5:a2:e5:39:f3:d2:
                    0e:66:c2:d8:c8:1b:e2:c8:3b:d4:e2:a4:69:1c:37:
                    9c:52:4b:bb:d1:89:40:0c:34:19:26:5a:18:41:2f:
                    28:33:e1:bb:3a:16:af:85:e9:a8:12:a3:4a:e7:c2:
                    35:d7:1a:e5:94:09:50:19:fc:68:85:8a:8c:ed:83:
                    44:16:73:35:ed:68:df:9f:4e:9f:30:eb:2a:a0:16:
                    13:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:AA:BC:CD:21:70:6F:0B:39:B6:B1:57:9F:0B:1A:22:15:A6:5D:9A
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/Cqq8zSFwbws5trFXnwsaIhWmXZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:28:82:4b:f1:13:41:0a:72:04:f8:46:4a:8c:82:75:01:e8:
         d8:43:08:07:12:9c:31:4f:05:ee:32:11:38:34:b4:2c:53:55:
         fa:83:9e:d4:3b:91:0d:d9:05:35:e4:7d:ae:6a:d1:16:3d:a4:
         db:0c:e7:17:94:f6:73:b7:ff:7e:14:b4:64:aa:65:55:65:63:
         b8:c0:11:54:65:22:ad:98:e4:5d:28:e6:8b:dd:78:93:94:eb:
         07:9a:e1:12:19:4f:87:05:55:88:44:91:05:64:d2:f1:6b:05:
         da:b7:7d:cc:05:8f:41:22:17:19:b8:16:35:df:61:ee:46:2e:
         c1:d9:c0:4a:0f:f0:39:22:84:04:10:9d:2f:4e:7c:01:d2:02:
         e2:dd:56:8c:4a:f3:28:ad:1f:1d:d7:91:7f:21:68:b4:66:e4:
         9a:3e:fc:f8:8f:5f:d2:4d:da:c9:33:f6:cc:f5:16:38:7e:19:
         24:e3:00:f2:43:18:fc:9a:d4:a7:90:5c:04:d4:30:58:3b:ff:
         04:f7:83:11:e8:db:d6:b2:23:0d:bb:05:90:5d:72:d1:38:0d:
         32:63:e9:2d:6a:1d:24:10:8e:ee:1f:a4:e3:74:9e:ad:8a:4d:
         f2:15:39:41:d8:f1:f5:6d:d5:d3:60:60:35:13:52:5d:24:87:
         cf:f6:e7:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZsyVQpvmy80sgK+IYsb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMwMTAxMjIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFhYmNjZDIxNzA2ZjBiMzliNmIxNTc5ZjBiMWEyMjE1YTY1ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwDaHJs6np71mzuPal1JjZxZn2Ci
cYowjT41cj3++YmuIV9bWk68bu9xlnn6wxy87dphzqdy1ou7NwWTVCGvwWq8cT25
rIKXDn1Pppaz6GcYd6szh/GPXhAlXuAa4ICPtM9ayoMZWtqFb9Jh8FuB7snVfQiI
CkFvX0e/my9MeIUAuHDEjKTvvlKdEzGPiL158KzbLZo8EIUmwjMO2vmE96tXA7pI
8GlvAfpoeZylouU589IOZsLYyBviyDvU4qRpHDecUku70YlADDQZJloYQS8oM+G7
OhavhemoEqNK58I11xrllAlQGfxohYqM7YNEFnM17Wjfn06fMOsqoBYT1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqqvM0hcG8LObaxV58LGiIVpl2aMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvQ3FxOHpTRndid3M1dHJGWG53c2FJaFdtWFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf/EMA0G
CSqGSIb3DQEBCwUAA4IBAQBHKIJL8RNBCnIE+EZKjIJ1AejYQwgHEpwxTwXuMhE4
NLQsU1X6g57UO5EN2QU15H2uatEWPaTbDOcXlPZzt/9+FLRkqmVVZWO4wBFUZSKt
mORdKOaL3XiTlOsHmuESGU+HBVWIRJEFZNLxawXat33MBY9BIhcZuBY132HuRi7B
2cBKD/A5IoQEEJ0vTnwB0gLi3VaMSvMorR8d15F/IWi0ZuSaPvz4j1/STdrJM/bM
9RY4fhkk4wDyQxj8mtSnkFwE1DBYO/8E94MR6NvWsiMNuwWQXXLROA0yY+ktah0k
EI7uH6TjdJ6tik3yFTlB2PH1bdXTYGA1E1JdJIfP9udo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org