Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/n6MtDZQAHBGSFQEHbJUqvSq4S1c.roa
File:                     n6MtDZQAHBGSFQEHbJUqvSq4S1c.roa (raw, json)
Hash identifier:          w1Q93WOtpw73TaJ+sWrtNZJw0HHIddaMnQqCoeAmJ00=
Subject key identifier:   9F:A3:2D:0D:94:00:1C:11:92:15:01:07:6C:95:2A:BD:2A:B8:4B:57
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       018C872DAAF2930B82DA6F6D5E516D433092
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/n6MtDZQAHBGSFQEHbJUqvSq4S1c.roa
Signing time:             Wed 20 Dec 2023 12:22:46 +0000
ROA not before:           Wed 20 Dec 2023 12:22:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.220.146.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:87:2d:aa:f2:93:0b:82:da:6f:6d:5e:51:6d:43:30:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Dec 20 12:22:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9fa32d0d94001c11921501076c952abd2ab84b57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:53:29:65:cd:80:f2:11:5a:10:62:72:f6:04:
                    eb:4e:78:24:a5:bc:44:61:c6:e7:c3:ca:9f:96:f3:
                    e4:dc:e1:6e:03:46:a9:78:60:53:03:dc:b9:c6:29:
                    2b:5f:23:ab:c9:97:82:d7:f7:a8:01:f9:3a:d9:5f:
                    b7:69:c1:76:5a:cf:22:13:55:49:14:4d:68:4a:d9:
                    1e:18:77:e8:16:c3:3f:bd:bf:a5:74:66:6f:75:9c:
                    16:e0:c9:8c:48:0f:36:21:a3:7f:24:1b:72:36:92:
                    9c:d3:c8:62:5d:ff:86:c8:5a:2e:81:75:ba:17:f8:
                    c6:19:62:d9:09:f9:5a:f2:f6:59:c5:bc:34:9d:38:
                    f4:fd:48:a9:78:13:eb:f3:a1:ab:da:ac:ce:bd:9e:
                    ef:48:2e:c0:13:70:38:f8:a7:a4:6a:f1:0a:1a:52:
                    d9:91:13:5e:68:f7:1d:3c:00:2e:44:f4:dc:fd:96:
                    77:0f:a4:06:f5:7c:f1:aa:9f:03:82:33:c1:7e:74:
                    33:4a:38:0b:6b:9f:f2:01:fc:de:34:09:91:fe:9c:
                    7a:10:7d:78:7d:a8:0c:ed:fd:e7:91:83:bb:25:9d:
                    02:d2:02:17:28:3f:5a:08:91:b7:44:45:d9:10:6e:
                    ed:c6:43:b5:ae:8d:30:ad:4b:f0:62:94:09:e0:bf:
                    0c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:A3:2D:0D:94:00:1C:11:92:15:01:07:6C:95:2A:BD:2A:B8:4B:57
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/n6MtDZQAHBGSFQEHbJUqvSq4S1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:18:10:a0:d8:4c:69:82:57:36:e7:31:9e:ba:73:f3:ea:e6:
         b9:94:2a:9e:7b:7b:67:99:7e:f4:36:1e:96:42:c8:b8:1a:7d:
         5b:3c:13:1f:9f:c2:00:31:56:b2:57:82:e7:b0:8d:7b:29:e9:
         1b:31:e6:d1:22:f6:29:5c:96:90:03:cf:33:93:f3:70:13:68:
         ab:ba:ca:ea:52:70:0f:02:92:c4:9c:5c:bb:87:8d:0c:ed:a1:
         a5:ad:5e:81:aa:00:88:9e:10:40:09:a3:31:5f:2e:23:79:48:
         fb:22:5e:96:8a:44:43:ab:8b:79:2d:f0:c5:68:2d:a2:12:7f:
         dd:76:15:05:d2:61:51:68:aa:10:c6:1a:48:27:84:0a:85:17:
         9b:de:55:44:f1:e4:9a:b7:22:0c:53:6b:c6:15:74:2c:0a:fd:
         60:1b:c6:43:1b:75:6e:47:32:97:16:02:0c:a3:e6:d5:3e:10:
         17:ba:ce:23:68:08:34:e4:13:14:92:9e:32:26:93:88:38:e6:
         ac:b3:44:05:a9:c0:7b:5e:06:19:8a:00:3f:a3:50:d1:11:e4:
         4a:bd:7c:14:35:d2:99:e8:35:3e:0f:9b:1f:fe:1e:59:fe:8c:
         2d:b1:4c:29:c8:93:65:9f:10:93:2f:ad:ef:d5:28:f4:ea:c3:
         c6:75:1e:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyHLarykwuC2m9tXlFtQzCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMxMjIwMTIyMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmEzMmQwZDk0MDAxYzExOTIxNTAxMDc2Yzk1MmFiZDJhYjg0YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVMpZc2A8hFaEGJy9gTrTngkpbxE
Ycbnw8qflvPk3OFuA0apeGBTA9y5xikrXyOryZeC1/eoAfk62V+3acF2Ws8iE1VJ
FE1oStkeGHfoFsM/vb+ldGZvdZwW4MmMSA82IaN/JBtyNpKc08hiXf+GyFougXW6
F/jGGWLZCfla8vZZxbw0nTj0/UipeBPr86Gr2qzOvZ7vSC7AE3A4+KekavEKGlLZ
kRNeaPcdPAAuRPTc/ZZ3D6QG9Xzxqp8DgjPBfnQzSjgLa5/yAfzeNAmR/px6EH14
fagM7f3nkYO7JZ0C0gIXKD9aCJG3REXZEG7txkO1ro0wrUvwYpQJ4L8MpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+jLQ2UABwRkhUBB2yVKr0quEtXMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvbjZNdERaUUFIQkdTRlFFSGJKVXF2U3E0UzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudySMA0G
CSqGSIb3DQEBCwUAA4IBAQA5GBCg2Expglc25zGeunPz6ua5lCqee3tnmX70Nh6W
Qsi4Gn1bPBMfn8IAMVayV4LnsI17KekbMebRIvYpXJaQA88zk/NwE2irusrqUnAP
ApLEnFy7h40M7aGlrV6BqgCInhBACaMxXy4jeUj7Il6WikRDq4t5LfDFaC2iEn/d
dhUF0mFRaKoQxhpIJ4QKhReb3lVE8eSatyIMU2vGFXQsCv1gG8ZDG3VuRzKXFgIM
o+bVPhAXus4jaAg05BMUkp4yJpOIOOass0QFqcB7XgYZigA/o1DREeRKvXwUNdKZ
6DU+D5sf/h5Z/owtsUwpyJNlnxCTL63v1Sj06sPGdR6S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:58 2024 by rpki-client on console-ams.rpki-client.org