Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bSzHSmdJO20bDOslPqaC4tyoF2Q.roa
File:                     bSzHSmdJO20bDOslPqaC4tyoF2Q.roa (raw, json)
Hash identifier:          ooELd3j5E7uyd5A9s6drUSKxr56iA+nZv+DLk9EKXS8=
Subject key identifier:   6D:2C:C7:4A:67:49:3B:6D:1B:0C:EB:25:3E:A6:82:E2:DC:A8:17:64
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       01888AE743F46A60945DC95B2934BBC3156E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bSzHSmdJO20bDOslPqaC4tyoF2Q.roa
Signing time:             Mon 05 Jun 2023 09:33:11 +0000
ROA not before:           Mon 05 Jun 2023 09:33:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.230.52.0/23 maxlen: 24
                          185.199.159.0/24 maxlen: 24
                          185.210.152.0/24 maxlen: 24
                          185.210.154.0/24 maxlen: 24
                          185.210.153.0/24 maxlen: 24
                          185.210.155.0/24 maxlen: 24
                          185.228.74.0/24 maxlen: 24
                          185.223.76.0/24 maxlen: 24
                          185.225.2.0/24 maxlen: 24
                          185.225.0.0/24 maxlen: 24
                          185.121.12.0/22 maxlen: 24
                          185.206.251.0/24 maxlen: 24
                          185.206.248.0/24 maxlen: 24
                          185.226.105.0/24 maxlen: 24
                          185.226.107.0/24 maxlen: 24
                          185.234.20.0/22 maxlen: 24
                          185.234.23.0/24 maxlen: 24
                          185.240.120.0/23 maxlen: 24
                          185.238.228.0/22 maxlen: 24
                          185.36.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Jun 2023 10:39:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8a:e7:43:f4:6a:60:94:5d:c9:5b:29:34:bb:c3:15:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jun  5 09:33:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d2cc74a67493b6d1b0ceb253ea682e2dca81764
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:7d:00:64:68:fa:31:3b:ee:48:24:57:b7:e1:
                    df:c9:e5:46:f6:dd:7e:0b:36:bc:9d:97:72:e7:f3:
                    d3:77:8c:34:ae:63:f4:f9:1d:5e:b1:c4:b4:68:0a:
                    f6:49:26:31:88:a7:60:6a:2a:86:79:69:55:7b:87:
                    55:84:58:b1:29:7b:58:b3:88:8e:b8:c3:f0:29:79:
                    50:e5:b8:3a:30:36:40:08:05:ff:0a:0e:4d:35:29:
                    6a:46:e6:03:ac:c5:9c:d2:93:9d:21:c7:42:48:16:
                    2e:7b:45:06:fd:a3:17:3e:85:a5:ac:2b:28:b8:0e:
                    3c:55:3f:96:55:42:29:fb:21:78:be:cd:7e:38:e9:
                    61:c2:40:4b:4f:92:7d:bd:90:aa:d5:32:a3:4a:2f:
                    ed:6e:ab:58:c9:9a:a0:87:49:3c:26:0c:8c:45:66:
                    45:a8:d7:5e:4a:74:0d:27:94:e4:83:be:65:8d:4b:
                    99:e6:a8:a6:2d:e3:66:8b:0f:ca:4e:98:a6:49:fe:
                    73:ce:7e:6d:d7:9d:57:cc:2a:d4:7f:ca:e5:e5:ad:
                    1c:5f:06:71:78:8f:78:b8:35:dd:b6:12:66:d6:71:
                    a0:ae:f2:1e:b8:02:ca:f9:bd:f0:5e:e5:c4:8c:31:
                    26:96:9d:a1:0e:d5:6c:90:10:70:db:97:08:2d:a8:
                    e6:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:2C:C7:4A:67:49:3B:6D:1B:0C:EB:25:3E:A6:82:E2:DC:A8:17:64
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bSzHSmdJO20bDOslPqaC4tyoF2Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.36.204.0/24
                  185.121.12.0/22
                  185.199.159.0/24
                  185.206.248.0/24
                  185.206.251.0/24
                  185.210.152.0/22
                  185.223.76.0/24
                  185.225.0.0/24
                  185.225.2.0/24
                  185.226.105.0/24
                  185.226.107.0/24
                  185.228.74.0/24
                  185.230.52.0/23
                  185.234.20.0/22
                  185.238.228.0/22
                  185.240.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:57:86:2c:ab:61:76:af:69:0f:5d:0b:32:e4:61:bd:39:51:
         a3:97:ee:83:77:68:c2:26:49:77:3e:e7:66:8d:40:c2:3a:95:
         f5:b2:49:50:96:08:5a:17:6b:7a:43:a8:97:ba:89:82:3a:8f:
         f9:a4:e9:11:e4:50:b6:3e:07:71:7e:99:43:fa:76:0e:c3:99:
         b2:88:3b:01:ec:cd:2d:91:e1:69:98:83:4c:46:34:8d:c7:3b:
         33:50:14:46:f6:f3:00:8b:f9:cb:78:4c:16:cf:59:78:9f:1f:
         05:89:90:dc:18:e9:c1:ae:ee:94:2e:67:4a:b8:12:0c:26:3c:
         f8:2d:4f:bd:ff:a8:6f:a8:97:54:77:09:0b:b8:b6:4e:7a:c9:
         1d:c2:46:26:e4:8f:86:bb:45:34:81:00:a6:4f:6f:12:cb:88:
         61:da:9b:49:e7:48:c6:31:b8:b6:52:c2:20:ed:fe:68:42:54:
         74:6a:3a:09:80:5c:85:06:fe:8d:4c:2b:3e:9d:e3:3a:c7:e8:
         fe:6a:6b:07:40:a6:de:be:00:6c:23:75:28:7c:e6:08:d0:b2:
         1e:55:13:e8:2f:fa:c4:04:35:84:9e:8f:f3:65:73:44:e4:3a:
         74:7d:66:15:2e:3c:9f:56:8c:15:3b:ab:44:48:a7:f7:af:08:
         ac:7b:8f:8c
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYiK50P0amCUXclbKTS7wxVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjA1MDkzMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJjYzc0YTY3NDkzYjZkMWIwY2ViMjUzZWE2ODJlMmRjYTgxNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh30AZGj6MTvuSCRXt+HfyeVG9t1+
Cza8nZdy5/PTd4w0rmP0+R1escS0aAr2SSYxiKdgaiqGeWlVe4dVhFixKXtYs4iO
uMPwKXlQ5bg6MDZACAX/Cg5NNSlqRuYDrMWc0pOdIcdCSBYue0UG/aMXPoWlrCso
uA48VT+WVUIp+yF4vs1+OOlhwkBLT5J9vZCq1TKjSi/tbqtYyZqgh0k8JgyMRWZF
qNdeSnQNJ5Tkg75ljUuZ5qimLeNmiw/KTpimSf5zzn5t151XzCrUf8rl5a0cXwZx
eI94uDXdthJm1nGgrvIeuALK+b3wXuXEjDEmlp2hDtVskBBw25cILajmmQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFG0sx0pnSTttGwzrJT6mguLcqBdkMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYlN6SFNtZEpPMjBiRE9zbFBxYUM0dHlvRjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAuSTMAwQC
uXkMAwQAucefAwQAuc74AwQAuc77AwQCudKYAwQAud9MAwQAueEAAwQAueECAwQA
ueJpAwQAueJrAwQAueRKAwQBueY0AwQCueoUAwQCue7kAwQBufB4MA0GCSqGSIb3
DQEBCwUAA4IBAQCNV4Ysq2F2r2kPXQsy5GG9OVGjl+6Dd2jCJkl3PudmjUDCOpX1
sklQlghaF2t6Q6iXuomCOo/5pOkR5FC2PgdxfplD+nYOw5myiDsB7M0tkeFpmINM
RjSNxzszUBRG9vMAi/nLeEwWz1l4nx8FiZDcGOnBru6ULmdKuBIMJjz4LU+9/6hv
qJdUdwkLuLZOeskdwkYm5I+Gu0U0gQCmT28Sy4hh2ptJ50jGMbi2UsIg7f5oQlR0
ajoJgFyFBv6NTCs+neM6x+j+amsHQKbevgBsI3UofOYI0LIeVRPoL/rEBDWEno/z
ZXNE5Dp0fWYVLjyfVowVO6tESKf3rwise4+M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org