Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/XM1WOHLLwIJkJ9wmHi5uAYVcoy4.roa
File:                     XM1WOHLLwIJkJ9wmHi5uAYVcoy4.roa (raw, json)
Hash identifier:          scEHRAGh7p6VDe4PMvzkubq4hjxZDyrTeKF5WTepE+I=
Subject key identifier:   5C:CD:56:38:72:CB:C0:82:64:27:DC:26:1E:2E:6E:01:85:5C:A3:2E
Certificate issuer:       /CN=2dd3ae23cb46ee9c21950efcb60defa094ba5548
Certificate serial:       01856EB8F5F993E5C68791850F7CF3627982
Authority key identifier: 2D:D3:AE:23:CB:46:EE:9C:21:95:0E:FC:B6:0D:EF:A0:94:BA:55:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LdOuI8tG7pwhlQ78tg3voJS6VUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/XM1WOHLLwIJkJ9wmHi5uAYVcoy4.roa
Signing time:             Sun 01 Jan 2023 19:04:53 +0000
ROA not before:           Sun 01 Jan 2023 19:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204099
IP address blocks:        185.222.44.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:b8:f5:f9:93:e5:c6:87:91:85:0f:7c:f3:62:79:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dd3ae23cb46ee9c21950efcb60defa094ba5548
        Validity
            Not Before: Jan  1 19:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ccd563872cbc0826427dc261e2e6e01855ca32e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:b5:a1:66:e3:79:32:7c:de:9c:1e:10:d3:71:
                    cf:ec:35:2e:fe:af:04:73:6d:2a:ac:3a:03:e4:47:
                    22:ae:a2:d8:c2:d4:5b:ad:da:02:16:93:7f:c2:0d:
                    bf:c9:4d:72:9a:b9:6c:f3:e3:e8:a5:bb:03:03:05:
                    c0:35:67:99:01:99:7a:e8:ab:0c:b1:ee:41:5d:be:
                    7f:f1:6f:90:0c:5c:75:c8:2d:23:af:bf:c6:71:e8:
                    f2:8a:21:0a:15:9d:fd:f4:84:c9:b9:5a:92:a0:00:
                    04:7f:1f:7a:da:98:87:bc:6b:72:ba:82:c9:4c:e7:
                    ad:69:24:c3:b3:da:25:69:5b:13:98:31:7f:a8:2d:
                    39:77:e6:2a:28:2e:8c:15:dc:75:7b:da:fc:3a:6a:
                    31:70:2b:8c:5a:c0:74:80:6a:8c:a0:f7:1a:3c:b1:
                    ab:5a:a2:77:f9:64:1f:38:b9:6e:c3:4d:70:04:fc:
                    6c:63:8e:50:09:d5:21:0a:c1:83:2b:9a:8b:67:fa:
                    df:72:20:0a:0e:bc:97:38:2e:e0:aa:f9:85:75:3e:
                    85:92:8e:9e:cf:c0:23:4a:e7:2e:48:fe:fe:c6:c9:
                    61:5e:15:b8:b6:9c:bb:80:0b:fa:0f:f0:31:db:26:
                    a1:59:41:2e:0d:fc:ca:86:95:26:f0:df:e9:40:3c:
                    d4:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:CD:56:38:72:CB:C0:82:64:27:DC:26:1E:2E:6E:01:85:5C:A3:2E
            X509v3 Authority Key Identifier:
                keyid:2D:D3:AE:23:CB:46:EE:9C:21:95:0E:FC:B6:0D:EF:A0:94:BA:55:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdOuI8tG7pwhlQ78tg3voJS6VUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/XM1WOHLLwIJkJ9wmHi5uAYVcoy4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/319d61-560a-44fd-aa25-49671acdf486/1/LdOuI8tG7pwhlQ78tg3voJS6VUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.222.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:ec:fb:55:49:bf:62:4b:0f:3a:6b:4b:96:f8:3c:b9:d5:09:
         6b:0b:25:05:36:7e:83:94:0d:0b:99:f3:7b:66:89:9d:d5:a4:
         23:b1:0e:95:b7:e7:a2:62:49:57:56:22:3a:71:d0:b1:01:e1:
         3d:cd:c5:2c:7b:be:75:31:26:c9:21:0d:07:01:01:17:95:76:
         55:04:d4:b6:97:74:1b:09:86:53:c1:5c:ca:7e:43:a1:d9:9d:
         15:6c:d4:f4:55:e8:09:2c:fe:b1:8b:a1:af:72:cc:b5:28:39:
         32:66:56:4d:78:ff:1f:af:de:26:2e:e0:48:13:32:55:7e:0c:
         48:8d:d4:d9:62:b1:40:86:2b:60:34:1a:92:33:d6:36:2f:63:
         0b:a7:48:8a:0a:7c:ae:51:6d:a4:e9:9e:dd:bf:1a:cd:12:43:
         32:97:99:cc:37:75:f2:0b:92:fa:cd:f7:fa:70:50:89:3a:c1:
         2d:68:7f:83:93:54:79:9c:20:b5:dd:b6:ff:67:eb:65:a9:12:
         4a:4f:44:4c:5b:96:75:46:25:e6:f2:63:a9:7f:ca:65:2d:a0:
         07:ac:b2:a3:10:ff:0b:5c:42:cd:02:d5:9a:57:ef:02:9d:49:
         08:ed:07:01:7b:d7:e1:bf:dc:79:48:94:7d:c7:e6:1e:29:23:
         f6:87:5e:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuPX5k+XGh5GFD3zzYnmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDNhZTIzY2I0NmVlOWMyMTk1MGVmY2I2MGRlZmEwOTRi
YTU1NDgwHhcNMjMwMTAxMTkwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NkNTYzODcyY2JjMDgyNjQyN2RjMjYxZTJlNmUwMTg1NWNhMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7WhZuN5MnzenB4Q03HP7DUu/q8E
c20qrDoD5EcirqLYwtRbrdoCFpN/wg2/yU1ymrls8+PopbsDAwXANWeZAZl66KsM
se5BXb5/8W+QDFx1yC0jr7/GcejyiiEKFZ399ITJuVqSoAAEfx962piHvGtyuoLJ
TOetaSTDs9olaVsTmDF/qC05d+YqKC6MFdx1e9r8OmoxcCuMWsB0gGqMoPcaPLGr
WqJ3+WQfOLluw01wBPxsY45QCdUhCsGDK5qLZ/rfciAKDryXOC7gqvmFdT6Fko6e
z8AjSucuSP7+xslhXhW4tpy7gAv6D/Ax2yahWUEuDfzKhpUm8N/pQDzU3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzNVjhyy8CCZCfcJh4ubgGFXKMuMB8GA1UdIwQY
MBaAFC3TriPLRu6cIZUO/LYN76CUulVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRPdUk4dEc3cHdobFE3OHRnM3ZvSlM2VlVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMTlkNjEtNTYwYS00NGZkLWFhMjUt
NDk2NzFhY2RmNDg2LzEvWE0xV09ITEx3SUprSjl3bUhpNXVBWVZjb3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMTlkNjEtNTYwYS00NGZkLWFhMjUtNDk2NzFhY2RmNDg2
LzEvTGRPdUk4dEc3cHdobFE3OHRnM3ZvSlM2VlVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud4sMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ7PtVSb9iSw86a0uW+Dy51QlrCyUFNn6DlA0LmfN7
Zomd1aQjsQ6Vt+eiYklXViI6cdCxAeE9zcUse751MSbJIQ0HAQEXlXZVBNS2l3Qb
CYZTwVzKfkOh2Z0VbNT0VegJLP6xi6Gvcsy1KDkyZlZNeP8fr94mLuBIEzJVfgxI
jdTZYrFAhitgNBqSM9Y2L2MLp0iKCnyuUW2k6Z7dvxrNEkMyl5nMN3XyC5L6zff6
cFCJOsEtaH+Dk1R5nCC13bb/Z+tlqRJKT0RMW5Z1RiXm8mOpf8plLaAHrLKjEP8L
XELNAtWaV+8CnUkI7QcBe9fhv9x5SJR9x+YeKSP2h172
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org