Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/yxOvSTzI2gtPVoRewqnN6sXMS8Q.roa
File:                     yxOvSTzI2gtPVoRewqnN6sXMS8Q.roa (raw, json)
Hash identifier:          rFLNfAEOSVnOhE7FTKa1cgVniaI2I408IApsifwxDBw=
Subject key identifier:   CB:13:AF:49:3C:C8:DA:0B:4F:56:84:5E:C2:A9:CD:EA:C5:CC:4B:C4
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       018B13FC23DDF9C57A1F16A98032AEF3A82F
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/yxOvSTzI2gtPVoRewqnN6sXMS8Q.roa
Signing time:             Mon 09 Oct 2023 10:29:33 +0000
ROA not before:           Mon 09 Oct 2023 10:29:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.220.146.0/23 maxlen: 24
                          185.255.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 09:45:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:13:fc:23:dd:f9:c5:7a:1f:16:a9:80:32:ae:f3:a8:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Oct  9 10:29:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb13af493cc8da0b4f56845ec2a9cdeac5cc4bc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cb:79:ff:30:70:a3:1e:f4:5f:80:a7:8e:1d:
                    1a:e4:06:2a:f7:cb:f8:80:24:ea:dd:df:b8:34:5a:
                    4e:a7:b6:7a:a3:0d:4c:4e:bc:45:78:34:f9:e1:47:
                    b3:66:18:14:2a:aa:45:64:0d:83:66:5d:dd:cf:15:
                    28:70:9e:59:3b:7d:28:e1:59:12:6a:0a:ce:1c:7a:
                    bd:77:b6:4a:fe:65:2e:6b:f5:6a:b5:41:64:ef:23:
                    f0:c6:88:00:89:db:97:95:88:92:5e:b3:46:08:fa:
                    d0:05:08:bb:26:61:85:d3:76:72:9f:9a:f0:b4:36:
                    55:9e:00:59:7b:d6:14:e3:5d:44:8d:c4:8f:5b:e4:
                    e8:e0:c7:9a:78:72:3c:38:21:ee:9b:63:8e:55:b1:
                    13:87:e0:3c:ea:ae:49:b8:27:22:bb:62:25:fe:ab:
                    50:c3:73:46:78:62:7e:73:4f:c6:4e:eb:4e:05:78:
                    9b:33:45:44:88:e1:d1:df:cd:51:81:ed:ab:22:13:
                    01:54:b3:75:05:6c:76:45:b3:6f:db:e7:a0:73:2f:
                    41:90:fc:8d:fd:78:34:ec:32:01:96:2a:a2:7d:3f:
                    5b:a3:90:4f:7e:97:e3:bc:8d:a2:34:cf:7f:20:29:
                    e0:11:63:d3:15:50:4b:ea:2e:7d:16:a5:9b:6f:6a:
                    a2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:13:AF:49:3C:C8:DA:0B:4F:56:84:5E:C2:A9:CD:EA:C5:CC:4B:C4
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/yxOvSTzI2gtPVoRewqnN6sXMS8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.146.0/23
                  185.255.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:2b:31:73:e8:2a:c5:da:58:42:db:94:f8:7a:ac:82:d6:c6:
         9e:12:10:c1:0f:ab:0e:a7:93:df:f3:eb:bc:e3:da:fb:27:3f:
         e6:df:2e:d8:9d:81:9f:2a:f8:66:6a:1b:5c:18:54:8f:ab:2e:
         aa:b1:05:9c:7b:23:62:8f:47:fc:99:ea:a4:eb:da:6c:73:8a:
         6b:ab:e1:3b:12:5a:7d:10:e1:d7:9f:dc:6c:26:ac:52:5e:eb:
         4a:89:52:44:87:13:0b:58:26:d2:33:86:b0:91:e8:de:b3:63:
         ec:5a:5f:0d:a5:88:cb:2d:16:36:b0:fb:54:ba:43:ea:8d:d6:
         b1:58:07:63:e4:ef:e9:2c:ad:eb:a0:c1:9f:b1:7f:13:7e:3b:
         3f:b8:75:84:88:80:9a:07:ed:c1:7a:96:cf:1c:9d:c1:5c:a6:
         07:1a:72:4e:2b:72:78:b1:18:c5:6f:68:b1:5c:d1:02:3d:aa:
         71:8c:c7:61:7d:a9:f1:0d:22:03:10:a7:f9:6d:17:ec:2c:0f:
         23:fd:ce:92:a1:3d:02:e1:a8:d2:6b:ab:70:57:f4:00:cb:e6:
         1c:40:a8:fe:84:41:23:2a:6a:3d:a2:01:47:f5:fd:64:5c:d4:
         79:39:8d:ea:d6:c7:3c:68:34:a1:d5:e7:4c:4e:aa:8a:9c:1b:
         bd:b4:08:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsT/CPd+cV6HxapgDKu86gvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMxMDA5MTAyOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjEzYWY0OTNjYzhkYTBiNGY1Njg0NWVjMmE5Y2RlYWM1Y2M0YmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyst5/zBwox70X4Cnjh0a5AYq98v4
gCTq3d+4NFpOp7Z6ow1MTrxFeDT54UezZhgUKqpFZA2DZl3dzxUocJ5ZO30o4VkS
agrOHHq9d7ZK/mUua/VqtUFk7yPwxogAiduXlYiSXrNGCPrQBQi7JmGF03Zyn5rw
tDZVngBZe9YU411EjcSPW+To4MeaeHI8OCHum2OOVbETh+A86q5JuCciu2Il/qtQ
w3NGeGJ+c0/GTutOBXibM0VEiOHR381Rge2rIhMBVLN1BWx2RbNv2+egcy9BkPyN
/Xg07DIBliqifT9bo5BPfpfjvI2iNM9/ICngEWPTFVBL6i59FqWbb2qiJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMsTr0k8yNoLT1aEXsKpzerFzEvEMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEveXhPdlNUekkyZ3RQVm9SZXdxbk42c1hNUzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudySAwQA
uf/EMA0GCSqGSIb3DQEBCwUAA4IBAQAHKzFz6CrF2lhC25T4eqyC1saeEhDBD6sO
p5Pf8+u849r7Jz/m3y7YnYGfKvhmahtcGFSPqy6qsQWceyNij0f8meqk69psc4pr
q+E7Elp9EOHXn9xsJqxSXutKiVJEhxMLWCbSM4awkejes2PsWl8NpYjLLRY2sPtU
ukPqjdaxWAdj5O/pLK3roMGfsX8Tfjs/uHWEiICaB+3BepbPHJ3BXKYHGnJOK3J4
sRjFb2ixXNECPapxjMdhfanxDSIDEKf5bRfsLA8j/c6SoT0C4ajSa6twV/QAy+Yc
QKj+hEEjKmo9ogFH9f1kXNR5OY3q1sc8aDSh1edMTqqKnBu9tAgp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:58 2024 by rpki-client on console-ams.rpki-client.org