Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/snUFHt-e2syqvtJYKARoG2njPco.roa
File:                     snUFHt-e2syqvtJYKARoG2njPco.roa (raw, json)
Hash identifier:          dULHa5SSCM3vk3Mc+3KG/+6Q7szLQ3GBilDe1/UwC/M=
Subject key identifier:   B2:75:05:1E:DF:9E:DA:CC:AA:BE:D2:58:28:04:68:1B:69:E3:3D:CA
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       01856F66CA00EAA54EE408897615C9E6A4FB
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/snUFHt-e2syqvtJYKARoG2njPco.roa
Signing time:             Sun 01 Jan 2023 22:14:44 +0000
ROA not before:           Sun 01 Jan 2023 22:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.220.146.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 18:35:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:ca:00:ea:a5:4e:e4:08:89:76:15:c9:e6:a4:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Jan  1 22:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b275051edf9edaccaabed2582804681b69e33dca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:4b:fb:ef:3e:b1:6e:a6:a5:4f:39:39:65:31:
                    f5:d2:11:41:90:07:8f:09:85:9e:48:76:1a:78:85:
                    01:d5:24:af:25:57:85:42:e8:9e:db:d4:05:83:45:
                    01:01:d6:3e:f4:63:82:e8:18:0a:b7:a5:28:7b:02:
                    6e:b8:ed:37:c6:69:cc:2a:27:15:e8:ce:34:aa:bc:
                    56:33:41:13:66:f5:05:28:a1:59:21:03:77:f4:18:
                    5a:15:54:d5:92:79:54:e8:86:dc:d9:2d:37:0b:ee:
                    e4:22:c6:fd:ed:de:3b:5e:f5:d0:1f:8b:23:88:46:
                    f6:f6:e2:e6:95:a3:17:ae:0b:92:8a:30:2c:e2:72:
                    73:02:44:49:aa:50:0f:16:30:f8:02:f3:a9:5f:40:
                    1a:ba:04:19:be:0b:07:9d:cf:02:19:24:74:6c:f9:
                    60:df:15:11:d0:c9:25:d7:28:cc:8e:3d:7a:5f:e7:
                    29:f1:3a:c7:74:83:50:82:a2:66:1f:11:a1:77:58:
                    45:75:a3:72:69:f5:e9:71:d2:88:07:11:d4:ac:0f:
                    a4:01:41:16:b6:62:35:de:bf:65:14:a6:b4:a1:f3:
                    83:17:7f:aa:a1:2d:03:9b:6e:23:6f:60:8b:25:d4:
                    7c:ed:cb:c0:ab:9b:cb:2d:a3:69:15:3c:21:7e:98:
                    25:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:75:05:1E:DF:9E:DA:CC:AA:BE:D2:58:28:04:68:1B:69:E3:3D:CA
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/snUFHt-e2syqvtJYKARoG2njPco.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:1b:74:52:23:b9:9c:af:9f:5c:33:39:eb:5d:bc:53:9f:42:
         d9:4c:cf:e1:90:e3:c2:6d:d3:ec:9d:fc:e7:5a:90:98:91:32:
         54:87:5f:8a:09:08:81:b4:0c:3a:86:d6:33:d4:d4:c6:fe:eb:
         2a:f9:2d:b6:69:c1:5c:11:91:ed:c4:4f:6e:a9:11:52:6d:96:
         0c:52:9d:06:db:51:1f:fd:53:65:82:47:cf:4d:ff:70:6f:59:
         56:6a:8a:2a:16:e7:69:34:3a:93:1d:e3:1a:47:f8:79:0e:dd:
         44:94:ae:74:7c:ce:5d:f9:33:02:51:6a:07:e7:1b:6c:8a:98:
         20:d7:1d:da:9b:67:5a:51:e1:87:ac:c0:34:e2:43:0a:44:20:
         48:28:56:6d:88:79:2e:3e:55:22:ad:bc:06:ee:97:bb:b2:ff:
         4e:f7:94:27:4c:f7:62:e5:bf:49:09:63:b7:77:9d:84:1a:72:
         39:94:e9:57:c8:da:6e:54:d0:8c:46:0b:6a:f3:bf:67:e1:ad:
         f1:f1:c2:c3:72:9a:6b:34:ef:20:cf:71:cf:e7:ca:04:c3:e6:
         bb:5d:27:3a:9c:b0:d1:d6:e3:cc:8e:b8:58:71:73:db:e9:fe:
         a4:c2:27:64:94:3e:31:85:8d:f0:97:f9:e2:3e:6e:bd:72:23:
         92:5d:1a:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZsoA6qVO5AiJdhXJ5qT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMwMTAxMjIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjc1MDUxZWRmOWVkYWNjYWFiZWQyNTgyODA0NjgxYjY5ZTMzZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20v77z6xbqalTzk5ZTH10hFBkAeP
CYWeSHYaeIUB1SSvJVeFQuie29QFg0UBAdY+9GOC6BgKt6UoewJuuO03xmnMKicV
6M40qrxWM0ETZvUFKKFZIQN39BhaFVTVknlU6Ibc2S03C+7kIsb97d47XvXQH4sj
iEb29uLmlaMXrguSijAs4nJzAkRJqlAPFjD4AvOpX0AaugQZvgsHnc8CGSR0bPlg
3xUR0Mkl1yjMjj16X+cp8TrHdINQgqJmHxGhd1hFdaNyafXpcdKIBxHUrA+kAUEW
tmI13r9lFKa0ofODF3+qoS0Dm24jb2CLJdR87cvAq5vLLaNpFTwhfpglJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJ1BR7fntrMqr7SWCgEaBtp4z3KMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvc25VRkh0LWUyc3lxdnRKWUtBUm9HMm5qUGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudySMA0G
CSqGSIb3DQEBCwUAA4IBAQCQG3RSI7mcr59cMznrXbxTn0LZTM/hkOPCbdPsnfzn
WpCYkTJUh1+KCQiBtAw6htYz1NTG/usq+S22acFcEZHtxE9uqRFSbZYMUp0G21Ef
/VNlgkfPTf9wb1lWaooqFudpNDqTHeMaR/h5Dt1ElK50fM5d+TMCUWoH5xtsipgg
1x3am2daUeGHrMA04kMKRCBIKFZtiHkuPlUirbwG7pe7sv9O95QnTPdi5b9JCWO3
d52EGnI5lOlXyNpuVNCMRgtq879n4a3x8cLDcpprNO8gz3HP58oEw+a7XSc6nLDR
1uPMjrhYcXPb6f6kwidklD4xhY3wl/niPm69ciOSXRrH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:58 2024 by rpki-client on console-ams.rpki-client.org