Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oNOf6bZDr7-ifm39bFIfXpTHTKE.roa
File:                     oNOf6bZDr7-ifm39bFIfXpTHTKE.roa (raw, json)
Hash identifier:          SIgqOrHTf6qCyrszyInFxRYnAMYsMDqC7FHE72HFeoE=
Subject key identifier:   A0:D3:9F:E9:B6:43:AF:BF:A2:7E:6D:FD:6C:52:1F:5E:94:C7:4C:A1
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       01856F66CEF2C9D8AFF37970E559F18C2D13
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oNOf6bZDr7-ifm39bFIfXpTHTKE.roa
Signing time:             Sun 01 Jan 2023 22:14:46 +0000
ROA not before:           Sun 01 Jan 2023 22:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        185.220.146.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:ce:f2:c9:d8:af:f3:79:70:e5:59:f1:8c:2d:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Jan  1 22:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0d39fe9b643afbfa27e6dfd6c521f5e94c74ca1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:db:7b:0a:25:82:38:a1:ef:0c:ab:2d:d6:05:
                    f8:79:49:5f:e3:3b:3a:a6:97:41:7a:17:e2:21:a1:
                    ee:ff:ed:26:c8:44:59:a8:57:d5:a2:96:07:89:c9:
                    5f:18:4e:de:e2:13:23:59:f1:e0:a9:ea:34:2e:02:
                    3a:3a:5c:f5:96:e1:31:88:7d:05:66:80:a0:c8:da:
                    12:93:a8:f1:2b:cd:31:1a:b2:7f:03:92:52:44:d4:
                    5f:42:2c:98:cb:7a:d5:9e:a6:9c:9e:06:4e:3a:d7:
                    8e:96:d0:e9:57:1d:d5:e0:2e:bf:d5:b7:66:a7:e3:
                    74:0f:a2:76:c2:52:ea:aa:21:e4:ff:66:1c:50:28:
                    d8:a9:fc:b1:00:23:47:aa:ed:fe:58:33:a6:00:46:
                    86:1d:d3:21:5d:c0:f8:76:96:2c:e6:86:00:25:82:
                    91:c1:f3:f7:74:6e:98:f0:f1:42:1c:6c:d8:98:72:
                    5f:a8:46:89:36:96:ae:0c:be:b1:43:4b:a0:f9:cc:
                    bb:28:d0:75:3c:6b:63:a6:e1:be:56:3a:d4:3e:75:
                    f7:15:d5:1e:90:5c:49:3e:02:22:a1:69:70:d0:2a:
                    90:ca:12:f7:a1:b0:fc:32:e4:64:37:fe:5a:e7:0b:
                    99:6f:75:71:af:d2:1f:48:99:51:cd:7d:fb:73:42:
                    dd:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:D3:9F:E9:B6:43:AF:BF:A2:7E:6D:FD:6C:52:1F:5E:94:C7:4C:A1
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/oNOf6bZDr7-ifm39bFIfXpTHTKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:d2:5a:58:ea:3e:bd:9c:fc:9f:4d:f8:71:ad:9f:27:96:e0:
         a9:c8:95:48:63:1f:37:bb:16:20:d8:9d:7f:0b:3e:e8:6f:ad:
         03:8f:d3:fc:19:88:44:8f:bd:b1:cb:60:ca:0b:ea:83:4a:8d:
         3b:a7:d2:25:f0:e1:44:48:71:56:19:2b:a6:27:f2:78:a6:74:
         e2:8b:32:eb:c7:3c:76:08:34:e4:f3:e6:42:da:6d:ae:2f:27:
         17:4e:a1:b5:7a:65:88:e3:24:54:8f:5b:7b:1b:2d:d8:a3:10:
         15:66:1f:74:69:9c:a5:4b:c6:94:1d:fd:f7:3d:fe:a5:1d:5e:
         9b:a9:f9:c1:db:70:ad:f0:1a:f3:30:2c:5f:5d:93:16:18:ca:
         ea:2e:6d:7c:96:8b:86:74:68:1c:26:52:7c:5a:5a:56:0f:36:
         a7:65:7a:29:d2:a2:52:7e:d1:84:48:27:c5:23:10:1b:12:51:
         ff:82:69:34:39:39:3e:93:fd:2b:51:ae:6e:82:82:9b:bb:39:
         1f:87:0a:f1:90:04:bd:4e:0f:97:7c:35:9b:25:b2:e3:42:fb:
         37:2a:7a:9b:a5:28:cb:1f:5c:97:ab:28:c3:a2:00:a7:06:77:
         81:ee:04:b8:44:fe:92:76:75:05:48:59:48:25:c1:b5:50:00:
         dd:f9:17:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZs7yydiv83lw5VnxjC0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMwMTAxMjIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQzOWZlOWI2NDNhZmJmYTI3ZTZkZmQ2YzUyMWY1ZTk0Yzc0Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndt7CiWCOKHvDKst1gX4eUlf4zs6
ppdBehfiIaHu/+0myERZqFfVopYHiclfGE7e4hMjWfHgqeo0LgI6Olz1luExiH0F
ZoCgyNoSk6jxK80xGrJ/A5JSRNRfQiyYy3rVnqacngZOOteOltDpVx3V4C6/1bdm
p+N0D6J2wlLqqiHk/2YcUCjYqfyxACNHqu3+WDOmAEaGHdMhXcD4dpYs5oYAJYKR
wfP3dG6Y8PFCHGzYmHJfqEaJNpauDL6xQ0ug+cy7KNB1PGtjpuG+VjrUPnX3FdUe
kFxJPgIioWlw0CqQyhL3obD8MuRkN/5a5wuZb3Vxr9IfSJlRzX37c0LduwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKDTn+m2Q6+/on5t/WxSH16Ux0yhMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvb05PZjZiWkRyNy1pZm0zOWJGSWZYcFRIVEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudySMA0G
CSqGSIb3DQEBCwUAA4IBAQBj0lpY6j69nPyfTfhxrZ8nluCpyJVIYx83uxYg2J1/
Cz7ob60Dj9P8GYhEj72xy2DKC+qDSo07p9Il8OFESHFWGSumJ/J4pnTiizLrxzx2
CDTk8+ZC2m2uLycXTqG1emWI4yRUj1t7Gy3YoxAVZh90aZylS8aUHf33Pf6lHV6b
qfnB23Ct8BrzMCxfXZMWGMrqLm18louGdGgcJlJ8WlpWDzanZXop0qJSftGESCfF
IxAbElH/gmk0OTk+k/0rUa5ugoKbuzkfhwrxkAS9Tg+XfDWbJbLjQvs3KnqbpSjL
H1yXqyjDogCnBneB7gS4RP6SdnUFSFlIJcG1UADd+ReQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:09 2024 by rpki-client on console-fra.rpki-client.org