Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa
File:                     aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa (raw, json)
Hash identifier:          MQX5Q9as1nTO+G2DLEWPnsjtgje/LakMPEvexidZJmU=
Subject key identifier:   6A:3D:73:C0:0F:4F:0B:B7:67:4E:71:2E:DA:22:85:DF:1F:26:6B:59
Certificate issuer:       /CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
Certificate serial:       01856CB8488CADAAD2924424A7FC7BB76E4B
Authority key identifier: E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa
Signing time:             Sun 01 Jan 2023 09:44:54 +0000
ROA not before:           Sun 01 Jan 2023 09:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22773
IP address blocks:        216.247.232.0/22 maxlen: 22
                          185.217.166.0/24 maxlen: 24
                          113.30.192.0/21 maxlen: 21
                          5.183.88.0/22 maxlen: 22
                          2a10:d502::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:48:8c:ad:aa:d2:92:44:24:a7:fc:7b:b7:6e:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
        Validity
            Not Before: Jan  1 09:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a3d73c00f4f0bb7674e712eda2285df1f266b59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:01:ec:74:6b:f5:e6:43:73:b2:ed:25:e9:5d:
                    10:d2:0c:ea:e3:6e:8a:cd:26:db:3c:d8:a3:18:a2:
                    58:8f:db:ff:4f:c8:fa:1b:32:e1:8f:e6:4a:3b:1a:
                    f6:ab:18:7c:bf:f2:dc:33:64:ba:f2:93:a9:14:a8:
                    c4:f5:d9:44:4d:47:31:49:8b:a5:3a:55:7b:58:0e:
                    fa:cb:1d:c9:dd:65:44:ca:b0:b9:37:58:ba:c7:e4:
                    20:c0:8d:0c:27:79:2d:40:ad:57:c7:1c:83:2b:a7:
                    ad:4e:92:c7:c7:5f:62:f3:14:89:da:e8:1c:01:6d:
                    2c:9c:71:3a:34:39:69:e9:2e:e6:8b:b6:26:cf:b4:
                    73:05:41:cf:2c:d4:32:59:d2:b5:54:5f:1f:5a:05:
                    56:bb:05:88:cf:c1:4d:91:22:78:a2:78:9a:89:41:
                    16:ff:2d:5c:0a:15:d5:a6:01:a6:a2:f0:b5:8c:a8:
                    05:d0:35:d6:5c:01:2e:14:20:01:ce:de:81:6d:3e:
                    c6:1e:2e:52:16:58:0b:4a:d8:36:3c:69:b0:43:83:
                    04:23:af:70:b1:e3:1c:5d:fa:a3:1b:50:a3:af:a6:
                    38:33:70:78:cc:02:35:1d:06:c9:f3:a4:dd:9c:36:
                    c0:20:96:23:6a:4e:76:55:a5:94:87:c3:32:e3:36:
                    05:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:3D:73:C0:0F:4F:0B:B7:67:4E:71:2E:DA:22:85:DF:1F:26:6B:59
            X509v3 Authority Key Identifier:
                keyid:E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/aj1zwA9PC7dnTnEu2iKF3x8ma1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/5uRoerix623hq9BKB2F8htEYUY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.88.0/22
                  113.30.192.0/21
                  185.217.166.0/24
                  216.247.232.0/22
                IPv6:
                  2a10:d502::/32

    Signature Algorithm: sha256WithRSAEncryption
         2d:40:90:cf:21:47:f5:ba:f1:ec:d2:e3:8f:0c:8c:63:4e:91:
         1e:40:54:8c:12:69:6b:60:f1:0e:d3:51:74:0d:91:75:d2:5f:
         59:24:be:40:b2:82:c4:5b:06:d0:01:54:7a:4b:ca:93:1d:8e:
         d8:ec:4b:b2:1a:ab:3c:2c:98:01:52:3e:cf:d7:72:f4:d7:8e:
         7c:52:ee:79:9a:9c:68:52:ee:e7:71:e9:41:90:0e:a9:f6:ae:
         8d:bf:40:45:41:44:fb:96:cf:d0:50:60:a0:74:e5:15:86:9a:
         41:cc:09:06:d3:ba:42:2d:21:d7:99:fe:67:ea:39:18:96:84:
         b5:3f:37:29:52:05:70:c2:14:bf:b3:73:1a:8e:65:17:ff:31:
         dc:7b:ff:67:92:5a:98:c5:bd:49:60:50:12:59:ca:fb:95:bd:
         8f:af:48:70:62:3a:8f:58:38:9e:44:55:64:71:ac:8e:b4:5a:
         94:d4:09:ad:5d:f4:30:f1:c7:ed:3b:69:03:ef:75:4e:ef:9a:
         18:3e:29:8e:b2:05:78:33:c3:a4:12:5a:86:ef:84:a6:97:9e:
         5b:cd:f5:29:39:22:07:85:d6:17:e1:ea:14:b9:64:fe:67:e7:
         b3:d8:c4:f5:14:30:4d:4b:77:48:64:f3:04:45:8c:0d:57:56:
         48:0e:b7:90
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsuEiMrarSkkQkp/x7t25LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZTQ2ODdhYjhiMWViNmRlMWFiZDA0YTA3NjE3Yzg2ZDEx
ODUxOGQwHhcNMjMwMTAxMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTNkNzNjMDBmNGYwYmI3Njc0ZTcxMmVkYTIyODVkZjFmMjY2YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowHsdGv15kNzsu0l6V0Q0gzq426K
zSbbPNijGKJYj9v/T8j6GzLhj+ZKOxr2qxh8v/LcM2S68pOpFKjE9dlETUcxSYul
OlV7WA76yx3J3WVEyrC5N1i6x+QgwI0MJ3ktQK1XxxyDK6etTpLHx19i8xSJ2ugc
AW0snHE6NDlp6S7mi7Ymz7RzBUHPLNQyWdK1VF8fWgVWuwWIz8FNkSJ4oniaiUEW
/y1cChXVpgGmovC1jKgF0DXWXAEuFCABzt6BbT7GHi5SFlgLStg2PGmwQ4MEI69w
seMcXfqjG1Cjr6Y4M3B4zAI1HQbJ86TdnDbAIJYjak52VaWUh8My4zYF6wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGo9c8APTwu3Z05xLtoihd8fJmtZMB8GA1UdIwQY
MBaAFObkaHq4sett4avQSgdhfIbRGFGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMt
MTM4YmJhYWM3ZmUyLzEvYWoxendBOVBDN2RuVG5FdTJpS0YzeDhtYTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMtMTM4YmJhYWM3ZmUy
LzEvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBbdYAwQD
cR7AAwQAudmmAwQC2PfoMA0EAgACMAcDBQAqENUCMA0GCSqGSIb3DQEBCwUAA4IB
AQAtQJDPIUf1uvHs0uOPDIxjTpEeQFSMEmlrYPEO01F0DZF10l9ZJL5AsoLEWwbQ
AVR6S8qTHY7Y7EuyGqs8LJgBUj7P13L01458Uu55mpxoUu7ncelBkA6p9q6Nv0BF
QUT7ls/QUGCgdOUVhppBzAkG07pCLSHXmf5n6jkYloS1PzcpUgVwwhS/s3MajmUX
/zHce/9nklqYxb1JYFASWcr7lb2Pr0hwYjqPWDieRFVkcayOtFqU1AmtXfQw8cft
O2kD73VO75oYPimOsgV4M8OkElqG74Sml55bzfUpOSIHhdYX4eoUuWT+Z+ez2MT1
FDBNS3dIZPMERYwNV1ZIDreQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:06 2024 by rpki-client on console-fra.rpki-client.org