Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6OBM9NdUm152LnqEc___OpcWKvI.roa
File:                     6OBM9NdUm152LnqEc___OpcWKvI.roa (raw, json)
Hash identifier:          L+fKyYvvZBuc/RLaDJrrZlzcIBkKNnRK5HMMs7uQ8NU=
Subject key identifier:   E8:E0:4C:F4:D7:54:9B:5E:76:2E:7A:84:73:FF:FF:3A:97:16:2A:F2
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       0185711546983D50D1B916FD573BC2D2A8A1
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6OBM9NdUm152LnqEc___OpcWKvI.roa
Signing time:             Mon 02 Jan 2023 06:04:57 +0000
ROA not before:           Mon 02 Jan 2023 06:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2590
IP address blocks:        89.174.32.0/23 maxlen: 24
                          89.174.73.128/25 maxlen: 25
                          89.174.74.128/25 maxlen: 25
                          78.133.144.0/22 maxlen: 24
                          89.174.229.0/24 maxlen: 24
                          85.219.244.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:46:98:3d:50:d1:b9:16:fd:57:3b:c2:d2:a8:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  2 06:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e8e04cf4d7549b5e762e7a8473ffff3a97162af2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a8:67:20:70:0e:a1:6a:cc:cf:3b:66:a4:f0:
                    36:3f:57:4d:87:70:64:22:14:17:c4:48:9f:f3:7c:
                    32:26:75:75:38:97:7f:75:4e:09:44:2d:62:e7:18:
                    aa:07:84:b8:c2:4a:8f:ab:d6:13:89:78:2b:56:34:
                    85:65:33:0e:56:e4:14:63:f1:72:a0:83:46:93:1d:
                    4b:9e:9e:78:83:fa:82:67:4d:eb:2f:c4:84:fb:60:
                    8f:ad:df:1e:0c:7f:8c:c8:0d:2b:91:54:ee:a5:7e:
                    55:18:e3:8d:58:9a:cd:a9:f0:01:3b:5b:19:0a:f3:
                    ed:c6:bb:49:2f:84:30:35:01:be:bf:30:39:60:e1:
                    75:16:18:de:b0:e7:ba:5c:07:f9:5e:f6:c6:11:7c:
                    7f:4c:db:54:6d:af:2b:cf:ba:e3:13:f7:10:ea:68:
                    b8:2b:f8:c8:c7:ec:26:ba:64:90:16:e9:b5:1a:c4:
                    6d:ef:64:42:31:b5:72:6a:07:f5:ca:18:fa:9b:68:
                    ef:66:93:fb:ae:3f:4c:46:a7:53:38:31:da:10:e9:
                    dc:dc:a4:f9:10:f3:37:bd:3d:77:8d:33:fe:82:c6:
                    fb:43:5f:61:01:64:42:be:fe:8c:7d:6a:1a:e1:28:
                    f4:e9:bc:e1:ea:d7:bc:29:20:e9:3b:d9:33:e4:22:
                    90:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E0:4C:F4:D7:54:9B:5E:76:2E:7A:84:73:FF:FF:3A:97:16:2A:F2
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6OBM9NdUm152LnqEc___OpcWKvI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.133.144.0/22
                  85.219.244.0/22
                  89.174.32.0/23
                  89.174.73.128/25
                  89.174.74.128/25
                  89.174.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:6f:7f:4c:e1:1f:80:2c:09:a4:5d:67:4d:e1:1d:2d:a5:75:
         3d:a1:1f:5f:4e:17:81:a0:64:2e:5c:49:0e:ce:9c:c6:80:df:
         d8:4e:ba:8f:8f:ef:ee:fd:3d:3b:ce:58:27:e6:02:15:14:75:
         19:ef:18:94:b0:ec:4a:15:78:93:6c:eb:f6:ce:98:5d:f1:ce:
         c6:4b:f2:c9:7b:e7:37:65:31:ea:db:30:bf:e3:93:4f:45:c6:
         c5:d8:50:e1:7b:18:c3:5e:6b:30:69:0b:80:82:b3:98:1e:3a:
         98:6e:96:ce:83:25:89:9e:ab:c1:66:35:7b:94:a6:a2:25:08:
         f8:09:e9:e8:60:5d:27:4c:2f:2e:57:d4:a3:1d:48:95:7f:86:
         36:d2:88:ab:5b:8c:4e:32:cf:86:a4:58:69:63:48:a6:7f:2b:
         58:03:10:05:e6:f1:bb:74:fd:5b:e9:3f:39:b1:e1:dd:8c:d4:
         87:b7:f2:3d:e6:b4:31:f1:25:77:d1:4e:a9:91:13:c9:4c:5c:
         d4:7c:29:e6:1a:8c:08:b2:8a:4c:92:0c:92:ed:7c:80:68:47:
         88:73:88:bb:0e:d0:83:08:c8:ff:2c:d6:39:49:a0:6c:da:90:
         34:1b:ee:d1:a3:14:5f:e4:e6:73:33:c1:b2:f8:f3:4b:3c:b0:
         ad:22:80:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVxFUaYPVDRuRb9VzvC0qihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGUwNGNmNGQ3NTQ5YjVlNzYyZTdhODQ3M2ZmZmYzYTk3MTYyYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqhnIHAOoWrMzztmpPA2P1dNh3Bk
IhQXxEif83wyJnV1OJd/dU4JRC1i5xiqB4S4wkqPq9YTiXgrVjSFZTMOVuQUY/Fy
oINGkx1Lnp54g/qCZ03rL8SE+2CPrd8eDH+MyA0rkVTupX5VGOONWJrNqfABO1sZ
CvPtxrtJL4QwNQG+vzA5YOF1FhjesOe6XAf5XvbGEXx/TNtUba8rz7rjE/cQ6mi4
K/jIx+wmumSQFum1GsRt72RCMbVyagf1yhj6m2jvZpP7rj9MRqdTODHaEOnc3KT5
EPM3vT13jTP+gsb7Q19hAWRCvv6MfWoa4Sj06bzh6te8KSDpO9kz5CKQYQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOjgTPTXVJtedi56hHP//zqXFiryMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvNk9CTTlOZFVtMTUyTG5xRWNfX19PcGNXS3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCToWQAwQC
Vdv0AwQBWa4gAwUHWa5JgAMFB1muSoADBABZruUwDQYJKoZIhvcNAQELBQADggEB
AGlvf0zhH4AsCaRdZ03hHS2ldT2hH19OF4GgZC5cSQ7OnMaA39hOuo+P7+79PTvO
WCfmAhUUdRnvGJSw7EoVeJNs6/bOmF3xzsZL8sl75zdlMerbML/jk09FxsXYUOF7
GMNeazBpC4CCs5geOphuls6DJYmeq8FmNXuUpqIlCPgJ6ehgXSdMLy5X1KMdSJV/
hjbSiKtbjE4yz4akWGljSKZ/K1gDEAXm8bt0/VvpPzmx4d2M1Ie38j3mtDHxJXfR
TqmRE8lMXNR8KeYajAiyikySDJLtfIBoR4hziLsO0IMIyP8s1jlJoGzakDQb7tGj
FF/k5nMzwbL480s8sK0igG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org