Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa
File:                     A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa (raw, json)
Hash identifier:          YSttIywDToyychQjhDj6PPBVtsCZ4x/9b+anm/5IEnk=
Subject key identifier:   03:A1:CA:1C:CB:99:14:3C:5F:E8:44:D1:5A:03:F9:CA:30:7C:AF:52
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185F50957FDEECB888FD8FADA091DADC0DB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa
Signing time:             Fri 27 Jan 2023 21:01:48 +0000
ROA not before:           Fri 27 Jan 2023 21:01:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        91.186.200.0/22 maxlen: 24
                          91.186.214.0/23 maxlen: 24
                          94.241.168.0/21 maxlen: 24
                          83.147.216.0/23 maxlen: 24
                          178.253.31.0/24 maxlen: 24
                          83.147.217.0/24 maxlen: 24
                          83.147.222.0/23 maxlen: 24
                          83.147.232.0/22 maxlen: 24
                          178.253.52.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Mar 2023 03:48:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f5:09:57:fd:ee:cb:88:8f:d8:fa:da:09:1d:ad:c0:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan 27 21:01:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=03a1ca1ccb99143c5fe844d15a03f9ca307caf52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f8:a8:52:7b:87:04:5c:5a:69:7c:fc:4d:fc:
                    12:f4:bb:2c:1c:cb:87:47:da:1d:8f:9f:18:be:ac:
                    92:be:14:c4:89:8c:ee:12:3d:96:19:59:d7:80:b1:
                    8f:6b:bd:5d:ad:7e:5c:78:82:7e:c9:54:e3:b6:85:
                    b8:74:09:e2:2c:ed:3c:2f:41:96:8a:47:b6:ed:80:
                    77:77:2f:f3:67:5e:85:60:3a:69:86:45:02:31:cc:
                    1c:5c:6b:d4:26:60:e1:ed:e1:ce:77:83:33:6a:6f:
                    c2:6f:b4:05:36:da:2c:c9:f3:4e:5c:7a:33:b9:4f:
                    79:f5:fe:39:5b:bc:5c:20:33:a9:2a:83:a8:d8:9b:
                    5f:c9:73:43:1b:84:5f:1f:1a:b5:4f:f1:8b:06:5d:
                    0f:d6:db:62:7e:55:1a:40:73:6a:04:8f:4d:2f:3d:
                    a8:91:f5:ab:90:c2:b2:b6:6a:f8:a9:32:6b:cf:0d:
                    95:11:14:e7:52:c8:df:68:b8:59:26:63:c6:3b:98:
                    fb:33:81:9d:8c:6a:b1:bb:e4:f3:59:3e:44:5a:8c:
                    e8:2a:da:02:3f:fb:b3:24:62:bb:ed:3e:74:eb:60:
                    f3:c9:e9:f6:7a:6d:2a:16:85:53:a8:6d:de:4a:ef:
                    8a:05:00:ad:1f:ec:be:6a:ad:3b:2b:6e:75:9a:1f:
                    23:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:A1:CA:1C:CB:99:14:3C:5F:E8:44:D1:5A:03:F9:CA:30:7C:AF:52
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.216.0/23
                  83.147.222.0/23
                  83.147.232.0/22
                  91.186.200.0/22
                  91.186.214.0/23
                  94.241.168.0/21
                  178.253.31.0/24
                  178.253.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:e5:51:d6:11:05:63:0c:de:e3:15:45:38:3d:97:5e:6d:01:
         e1:ca:d7:03:d3:26:45:a2:81:95:ec:38:3e:c5:92:10:df:9d:
         a0:68:97:60:38:44:5f:e7:df:30:fd:ef:cf:58:67:c5:9d:d0:
         50:a5:fd:e8:2e:3d:40:29:b0:04:49:96:1d:a0:73:cb:05:7d:
         23:2e:78:9e:ab:6c:05:77:eb:a1:b5:4e:fa:c1:e4:27:50:35:
         ea:92:71:bf:3b:3f:47:84:88:f3:da:71:bf:02:d5:5e:29:e0:
         65:b6:15:11:ff:b9:45:c2:3a:1c:e5:9d:f1:33:3a:fa:89:31:
         40:f2:ae:69:1e:ec:ee:1b:b7:08:95:25:45:05:06:08:d5:7d:
         0b:0b:6c:e6:ff:8c:8e:8a:1b:42:ad:52:f5:df:6f:f2:eb:8c:
         7a:97:00:6e:d0:f0:63:5b:be:a2:7a:d4:90:2d:20:3b:02:53:
         f5:0c:03:b7:6a:85:62:cc:ec:49:2a:b2:51:fc:82:80:d3:be:
         e3:ff:d0:b9:5d:8d:b1:f7:07:e2:06:d4:db:d2:b2:95:1d:40:
         92:b3:91:a6:e8:35:aa:ab:a3:4e:81:d7:a7:13:4f:68:ff:87:
         21:84:fa:c1:f3:55:c8:04:c8:f1:a8:e1:58:7c:07:52:63:9e:
         9c:23:8f:11
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYX1CVf97suIj9j62gkdrcDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTI3MjEwMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ExY2ExY2NiOTkxNDNjNWZlODQ0ZDE1YTAzZjljYTMwN2NhZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPioUnuHBFxaaXz8TfwS9LssHMuH
R9odj58YvqySvhTEiYzuEj2WGVnXgLGPa71drX5ceIJ+yVTjtoW4dAniLO08L0GW
ike27YB3dy/zZ16FYDpphkUCMcwcXGvUJmDh7eHOd4Mzam/Cb7QFNtosyfNOXHoz
uU959f45W7xcIDOpKoOo2JtfyXNDG4RfHxq1T/GLBl0P1ttiflUaQHNqBI9NLz2o
kfWrkMKytmr4qTJrzw2VERTnUsjfaLhZJmPGO5j7M4GdjGqxu+TzWT5EWozoKtoC
P/uzJGK77T5062Dzyen2em0qFoVTqG3eSu+KBQCtH+y+aq07K251mh8j5QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAOhyhzLmRQ8X+hE0VoD+cowfK9SMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQTZIS0hNdVpGRHhmNkVUUldnUDV5akI4cjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWAwQDXvGoAwQAsv0fAwQBsv00MA0GCSqGSIb3
DQEBCwUAA4IBAQAo5VHWEQVjDN7jFUU4PZdebQHhytcD0yZFooGV7Dg+xZIQ352g
aJdgOERf598w/e/PWGfFndBQpf3oLj1AKbAESZYdoHPLBX0jLnieq2wFd+uhtU76
weQnUDXqknG/Oz9HhIjz2nG/AtVeKeBlthUR/7lFwjoc5Z3xMzr6iTFA8q5pHuzu
G7cIlSVFBQYI1X0LC2zm/4yOihtCrVL132/y64x6lwBu0PBjW76ietSQLSA7AlP1
DAO3aoVizOxJKrJR/IKA077j/9C5XY2x9wfiBtTb0rKVHUCSs5Gm6DWqq6NOgden
E09o/4chhPrB81XIBMjxqOFYfAdSY56cI48R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org