Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/uw5ToeeWIP0gD9qA0ixBrL8kXNo.roa
File:                     uw5ToeeWIP0gD9qA0ixBrL8kXNo.roa (raw, json)
Hash identifier:          Tu80ykhm9gPd5XlAa9BgSeH70KOjAqgXuygPwMiIrw4=
Subject key identifier:   BB:0E:53:A1:E7:96:20:FD:20:0F:DA:80:D2:2C:41:AC:BF:24:5C:DA
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       01877BE9A4D67C13F6F1B92A1C1B28124FC6
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/uw5ToeeWIP0gD9qA0ixBrL8kXNo.roa
Signing time:             Thu 13 Apr 2023 18:38:42 +0000
ROA not before:           Thu 13 Apr 2023 18:38:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.220.146.0/23 maxlen: 24
                          185.255.196.0/24 maxlen: 24
                          185.255.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Apr 2023 10:17:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7b:e9:a4:d6:7c:13:f6:f1:b9:2a:1c:1b:28:12:4f:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Apr 13 18:38:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb0e53a1e79620fd200fda80d22c41acbf245cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6d:e3:b7:74:1b:b6:6e:2e:3c:c6:8f:59:a0:
                    d0:ae:7c:cb:59:0c:e6:39:29:f7:c6:48:12:73:24:
                    96:41:e6:bc:0f:04:c8:bd:cf:d6:be:c8:07:17:b0:
                    f3:9a:59:63:fe:54:ec:ef:81:3d:e6:d0:ba:6e:47:
                    4d:7b:f8:18:16:d1:73:7e:80:68:1b:0c:4c:22:43:
                    14:bd:09:12:90:20:5e:96:80:b0:13:0f:ae:76:72:
                    2e:97:ab:3b:f4:94:69:a4:c1:ba:32:c3:a9:3c:07:
                    8f:ef:5d:cc:66:ec:6b:65:a3:ec:e0:c5:0f:68:e8:
                    21:68:22:87:ea:b9:a2:f4:3d:e3:ae:e0:d0:2d:e4:
                    21:d5:98:da:b2:7f:1d:51:e2:00:62:3a:33:f2:ec:
                    5d:5d:76:4d:bf:cf:e7:41:14:21:49:9f:a7:70:fc:
                    80:fe:d8:d5:05:e7:4c:d8:89:cc:8f:63:4d:55:ee:
                    a3:3f:e0:8e:24:56:aa:36:a6:1a:07:0c:b5:42:8a:
                    4f:cd:39:0f:ba:38:9c:06:e1:99:58:86:0e:9f:76:
                    ea:76:c8:9b:17:d2:59:6d:57:ed:e5:6e:2a:c2:70:
                    ed:df:f3:25:59:fb:4b:2c:ed:87:d1:ce:5d:e5:85:
                    16:8a:f6:f5:9e:97:92:f1:cc:8f:18:ad:ea:2c:c0:
                    60:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:0E:53:A1:E7:96:20:FD:20:0F:DA:80:D2:2C:41:AC:BF:24:5C:DA
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/uw5ToeeWIP0gD9qA0ixBrL8kXNo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.146.0/23
                  185.255.196.0/24
                  185.255.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:0f:15:b1:71:30:56:c8:cb:90:85:e3:4d:1f:87:94:9c:68:
         7f:29:ae:8d:5f:73:5b:1c:19:45:c4:a4:b9:10:5f:47:d0:2a:
         49:a5:95:9c:18:36:e4:49:a3:93:68:39:73:48:4f:b3:dc:44:
         f4:d8:1d:e5:c5:9a:9b:5f:3f:ed:72:b2:cd:33:4a:ee:7a:c3:
         c3:a0:54:c4:93:b0:fd:54:78:4e:ce:c1:39:7c:a0:97:e7:e7:
         05:3f:f0:5c:d8:13:64:99:03:0c:28:99:dc:01:79:38:26:5c:
         e9:4b:85:de:c8:0d:8b:21:b1:81:60:30:18:d5:ca:53:a1:86:
         4b:4b:03:dd:e9:d4:5b:db:30:fb:98:80:92:74:cf:c0:17:01:
         b8:8b:1d:e4:f3:b8:b9:fc:12:5e:88:f1:ae:90:a0:4f:ea:5a:
         3c:b6:56:f7:52:fe:b6:f5:b0:64:75:d8:63:be:96:01:03:1e:
         99:4e:2c:42:bf:c8:df:7b:b2:74:06:29:20:05:2f:cb:3a:78:
         ea:09:45:cf:2d:aa:d4:28:e2:e3:35:38:5c:6a:f9:20:68:42:
         f6:e2:39:41:fe:c0:f3:ef:4e:7b:46:4f:24:76:37:38:46:29:
         0e:f6:6e:c9:72:bf:fe:a1:9b:dd:62:da:9e:39:bc:c8:8e:2f:
         e1:09:65:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd76aTWfBP28bkqHBsoEk/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMwNDEzMTgzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBlNTNhMWU3OTYyMGZkMjAwZmRhODBkMjJjNDFhY2JmMjQ1Y2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG3jt3Qbtm4uPMaPWaDQrnzLWQzm
OSn3xkgScySWQea8DwTIvc/WvsgHF7Dzmllj/lTs74E95tC6bkdNe/gYFtFzfoBo
GwxMIkMUvQkSkCBeloCwEw+udnIul6s79JRppMG6MsOpPAeP713MZuxrZaPs4MUP
aOghaCKH6rmi9D3jruDQLeQh1Zjasn8dUeIAYjoz8uxdXXZNv8/nQRQhSZ+ncPyA
/tjVBedM2InMj2NNVe6jP+COJFaqNqYaBwy1QopPzTkPujicBuGZWIYOn3bqdsib
F9JZbVft5W4qwnDt3/MlWftLLO2H0c5d5YUWivb1npeS8cyPGK3qLMBgSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLsOU6HnliD9IA/agNIsQay/JFzaMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvdXc1VG9lZVdJUDBnRDlxQTBpeEJyTDhrWE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBudySAwQA
uf/EAwQAuf/GMA0GCSqGSIb3DQEBCwUAA4IBAQADDxWxcTBWyMuQheNNH4eUnGh/
Ka6NX3NbHBlFxKS5EF9H0CpJpZWcGDbkSaOTaDlzSE+z3ET02B3lxZqbXz/tcrLN
M0ruesPDoFTEk7D9VHhOzsE5fKCX5+cFP/Bc2BNkmQMMKJncAXk4JlzpS4XeyA2L
IbGBYDAY1cpToYZLSwPd6dRb2zD7mICSdM/AFwG4ix3k87i5/BJeiPGukKBP6lo8
tlb3Uv629bBkddhjvpYBAx6ZTixCv8jfe7J0BikgBS/LOnjqCUXPLarUKOLjNThc
avkgaEL24jlB/sDz7057Rk8kdjc4RikO9m7Jcr/+oZvdYtqeObzIji/hCWWX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:58 2024 by rpki-client on console-ams.rpki-client.org