Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/cmqyD_2ggmkqwZYmYJXE0Z1yBwA.roa
File:                     cmqyD_2ggmkqwZYmYJXE0Z1yBwA.roa (raw, json)
Hash identifier:          jiMjU6uPxmdTQXZtUIC/mZyCg42UlV/sulnzRXLv01c=
Subject key identifier:   72:6A:B2:0F:FD:A0:82:69:2A:C1:96:26:60:95:C4:D1:9D:72:07:00
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       018B37DFF64F931CCFE8A6F2A9B0492B11F6
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/cmqyD_2ggmkqwZYmYJXE0Z1yBwA.roa
Signing time:             Mon 16 Oct 2023 09:45:06 +0000
ROA not before:           Mon 16 Oct 2023 09:45:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.220.146.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 05:45:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:37:df:f6:4f:93:1c:cf:e8:a6:f2:a9:b0:49:2b:11:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Oct 16 09:45:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=726ab20ffda082692ac196266095c4d19d720700
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d3:bf:f6:c8:51:c0:36:6a:b7:38:48:2f:5e:
                    15:25:2e:43:d4:2e:cd:9d:ca:f7:dd:69:a1:d6:77:
                    ea:c0:10:5d:7b:3a:19:0b:3a:31:1f:6b:62:5d:29:
                    5d:68:ca:8b:4b:d9:65:1a:92:37:23:7c:c8:1b:21:
                    65:5d:85:26:fb:bb:73:7c:84:6d:7c:30:2b:38:87:
                    02:fd:83:73:4c:e0:e2:07:9f:29:ef:84:6d:ae:d6:
                    db:f3:e2:5b:50:7a:7a:ee:4e:60:f8:25:84:4f:f8:
                    ff:94:15:f6:ec:e1:cc:7d:04:47:b3:73:b0:29:d5:
                    73:74:d4:0a:7e:54:2e:79:72:f2:7e:e6:3f:9d:e1:
                    20:de:21:76:d4:13:c6:64:2a:ad:39:f5:de:fd:c2:
                    31:3a:46:7b:56:49:72:54:d7:63:b4:08:87:22:91:
                    af:79:8d:99:77:32:b7:3a:1d:06:24:14:d4:0d:3e:
                    f9:98:17:f4:f9:65:68:6c:e6:3c:69:52:fe:52:38:
                    3d:f2:a7:60:38:e6:7a:81:52:56:bb:9c:8f:c2:12:
                    6c:78:16:70:2b:f1:d0:62:f8:ff:64:ad:99:0e:21:
                    bd:af:a5:df:68:56:22:46:5d:f6:0e:3e:73:0d:73:
                    72:65:a8:4d:4b:c3:83:bf:bf:db:fa:76:2e:99:20:
                    dc:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:6A:B2:0F:FD:A0:82:69:2A:C1:96:26:60:95:C4:D1:9D:72:07:00
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/cmqyD_2ggmkqwZYmYJXE0Z1yBwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6e:af:04:6c:ce:80:a7:de:6f:19:f4:28:92:42:a9:34:e1:ae:
         8e:09:72:d6:74:44:d6:89:05:9c:86:9b:d8:7a:31:85:2b:3c:
         5e:94:77:32:1c:f7:ff:ea:de:0b:b7:41:2e:8d:ca:93:38:1c:
         f6:5d:e2:ea:47:4e:51:7f:f4:7f:65:e5:6b:15:20:78:6f:55:
         2d:03:25:7b:30:e6:fa:b9:45:76:9e:54:2d:91:2e:7c:1b:4b:
         1c:60:c7:8d:3d:23:f3:1e:ac:43:99:18:49:86:b9:81:0f:80:
         92:6c:3f:3c:c8:f4:ff:5e:5d:05:25:14:03:a9:8f:6b:7c:85:
         31:5a:92:a4:99:03:08:ee:e0:e8:db:1d:8f:8b:bc:4d:5c:51:
         dc:3d:3b:b2:ec:cc:ed:01:d2:bb:bf:8e:50:5a:1d:02:ab:9d:
         8a:d8:5c:17:14:1e:29:fd:aa:15:85:82:58:fe:97:87:0d:b2:
         e6:79:b6:e5:93:81:b4:08:4b:d1:25:ce:e0:d7:fe:6d:a2:45:
         62:ba:29:cd:23:32:bb:9b:c6:05:43:d3:19:98:fa:f1:e2:48:
         f8:17:2d:1d:07:a8:53:29:82:99:68:6e:b4:fe:b6:f9:23:37:
         47:81:31:12:2f:6c:a7:9d:d6:25:67:f9:97:20:2b:fd:31:c7:
         f7:f9:19:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs33/ZPkxzP6KbyqbBJKxH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMxMDE2MDk0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZhYjIwZmZkYTA4MjY5MmFjMTk2MjY2MDk1YzRkMTlkNzIwNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNO/9shRwDZqtzhIL14VJS5D1C7N
ncr33Wmh1nfqwBBdezoZCzoxH2tiXSldaMqLS9llGpI3I3zIGyFlXYUm+7tzfIRt
fDArOIcC/YNzTODiB58p74Rtrtbb8+JbUHp67k5g+CWET/j/lBX27OHMfQRHs3Ow
KdVzdNQKflQueXLyfuY/neEg3iF21BPGZCqtOfXe/cIxOkZ7VklyVNdjtAiHIpGv
eY2ZdzK3Oh0GJBTUDT75mBf0+WVobOY8aVL+Ujg98qdgOOZ6gVJWu5yPwhJseBZw
K/HQYvj/ZK2ZDiG9r6XfaFYiRl32Dj5zDXNyZahNS8ODv7/b+nYumSDcSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJqsg/9oIJpKsGWJmCVxNGdcgcAMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvY21xeURfMmdnbWtxd1pZbVlKWEUwWjF5QndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudySMA0G
CSqGSIb3DQEBCwUAA4IBAQBurwRszoCn3m8Z9CiSQqk04a6OCXLWdETWiQWchpvY
ejGFKzxelHcyHPf/6t4Lt0EujcqTOBz2XeLqR05Rf/R/ZeVrFSB4b1UtAyV7MOb6
uUV2nlQtkS58G0scYMeNPSPzHqxDmRhJhrmBD4CSbD88yPT/Xl0FJRQDqY9rfIUx
WpKkmQMI7uDo2x2Pi7xNXFHcPTuy7MztAdK7v45QWh0Cq52K2FwXFB4p/aoVhYJY
/peHDbLmebblk4G0CEvRJc7g1/5tokViuinNIzK7m8YFQ9MZmPrx4kj4Fy0dB6hT
KYKZaG60/rb5IzdHgTESL2ynndYlZ/mXICv9Mcf3+RnJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org