Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xu3e6MZa6-R5w7kN-rWNvuKhCjE.roa
File:                     xu3e6MZa6-R5w7kN-rWNvuKhCjE.roa (raw, json)
Hash identifier:          y9bfEYQijN0q3SXtSdp3UFxtRsIOnYdPkarhWAIYYEM=
Subject key identifier:   C6:ED:DE:E8:C6:5A:EB:E4:79:C3:B9:0D:FA:B5:8D:BE:E2:A1:0A:31
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       0188D56BFFC50290FF79469FE6B2FB192952
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xu3e6MZa6-R5w7kN-rWNvuKhCjE.roa
Signing time:             Mon 19 Jun 2023 20:50:04 +0000
ROA not before:           Mon 19 Jun 2023 20:50:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213005
IP address blocks:        185.223.220.0/22 maxlen: 22
                          92.60.34.0/24 maxlen: 24
                          185.211.180.0/22 maxlen: 22
                          185.245.34.0/23 maxlen: 23
                          185.179.228.0/22 maxlen: 22
                          185.227.128.0/22 maxlen: 22
                          185.189.64.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Oct 2023 09:51:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d5:6b:ff:c5:02:90:ff:79:46:9f:e6:b2:fb:19:29:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jun 19 20:50:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c6eddee8c65aebe479c3b90dfab58dbee2a10a31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7d:6c:01:ae:e8:cc:6e:d4:d5:b3:23:6f:41:
                    c6:a1:b3:24:6e:e5:0e:b3:e4:31:37:fe:3d:3f:c7:
                    2c:aa:92:57:a2:a5:48:55:96:06:2d:eb:91:ac:02:
                    d3:1e:7f:0b:5f:5a:c7:9f:47:dd:c5:08:ba:75:e1:
                    0a:48:c5:a9:a5:a5:d2:97:5f:cb:7e:44:d7:b8:5a:
                    f6:fd:0b:76:7f:39:c9:71:67:b6:28:a5:85:8f:ea:
                    33:c7:f5:8d:b2:9f:7d:2f:0b:d1:68:fa:23:77:d0:
                    d0:6a:86:b1:b3:7c:f4:0b:9b:30:f4:94:70:00:87:
                    43:20:c6:f9:a7:7e:58:09:31:ad:34:af:a6:0d:d8:
                    82:fd:8d:06:5d:79:52:a1:c6:41:08:e8:10:88:43:
                    be:0b:3d:a8:09:0e:1e:2e:d5:61:f9:f9:bf:73:09:
                    b0:55:80:be:96:b0:d8:d4:47:30:89:65:7a:1c:30:
                    88:88:fe:c9:4b:d8:8f:4e:91:94:3d:81:a2:ec:43:
                    f5:aa:a2:34:13:53:d3:10:67:85:36:5a:5f:b8:bd:
                    c5:47:5e:ce:ab:5d:6f:06:8d:dc:01:89:2e:a4:26:
                    4a:4f:a7:2f:6f:ea:49:63:3a:b6:96:97:03:61:41:
                    45:97:46:41:54:8d:3a:5c:fc:d9:d1:3d:fe:88:69:
                    00:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:ED:DE:E8:C6:5A:EB:E4:79:C3:B9:0D:FA:B5:8D:BE:E2:A1:0A:31
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xu3e6MZa6-R5w7kN-rWNvuKhCjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.60.34.0/24
                  185.179.228.0/22
                  185.189.64.0/22
                  185.211.180.0/22
                  185.223.220.0/22
                  185.227.128.0/22
                  185.245.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:47:ed:35:a5:aa:d2:a4:ab:27:06:8c:b7:bc:53:55:07:48:
         67:f0:56:8f:d0:51:3d:4e:1e:b9:a7:a6:34:9a:06:4c:4e:22:
         65:5f:82:05:0b:38:9c:e7:d3:41:d2:67:df:1f:52:68:74:bd:
         d6:6f:e9:ed:cc:51:51:fd:ac:0b:81:2b:3c:14:a7:55:ee:2e:
         11:3b:4a:58:45:ec:b3:e3:0c:03:b4:aa:0d:cb:3c:5a:3c:f2:
         27:83:e6:d5:ed:a3:72:d1:24:43:9e:d4:ad:67:cd:53:78:56:
         4c:07:f8:35:b6:21:1d:be:b2:c6:2b:89:11:28:6e:51:5d:2b:
         a0:7f:a8:90:b5:17:56:c5:c1:7d:1e:58:8c:78:26:fc:33:59:
         f9:3a:e8:b5:70:50:e4:fd:d1:6e:7f:27:7c:54:39:91:1d:e8:
         80:b8:bd:06:e8:36:cf:21:87:b5:b3:ed:91:aa:55:4a:9f:06:
         5e:90:d6:a8:6b:e0:08:58:b2:44:ed:f8:81:28:fa:a8:3e:d9:
         8f:c0:e0:08:c3:ce:64:25:a7:e9:df:74:a0:a9:d5:05:82:f7:
         fd:38:75:ae:b2:f4:6d:4b:ba:c5:b9:d3:e4:fe:9c:5b:bf:5a:
         ba:95:84:0b:a9:17:c5:42:02:5b:fc:b0:1c:19:58:fa:0c:36:
         dd:ec:72:2a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYjVa//FApD/eUaf5rL7GSlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjE5MjA1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmVkZGVlOGM2NWFlYmU0NzljM2I5MGRmYWI1OGRiZWUyYTEwYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn1sAa7ozG7U1bMjb0HGobMkbuUO
s+QxN/49P8csqpJXoqVIVZYGLeuRrALTHn8LX1rHn0fdxQi6deEKSMWppaXSl1/L
fkTXuFr2/Qt2fznJcWe2KKWFj+ozx/WNsp99LwvRaPojd9DQaoaxs3z0C5sw9JRw
AIdDIMb5p35YCTGtNK+mDdiC/Y0GXXlSocZBCOgQiEO+Cz2oCQ4eLtVh+fm/cwmw
VYC+lrDY1EcwiWV6HDCIiP7JS9iPTpGUPYGi7EP1qqI0E1PTEGeFNlpfuL3FR17O
q11vBo3cAYkupCZKT6cvb+pJYzq2lpcDYUFFl0ZBVI06XPzZ0T3+iGkAUwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMbt3ujGWuvkecO5Dfq1jb7ioQoxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveHUzZTZNWmE2LVI1dzdrTi1yV052dUtoQ2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAXDwiAwQC
ubPkAwQCub1AAwQCudO0AwQCud/cAwQCueOAAwQBufUiMA0GCSqGSIb3DQEBCwUA
A4IBAQAGR+01parSpKsnBoy3vFNVB0hn8FaP0FE9Th65p6Y0mgZMTiJlX4IFCzic
59NB0mffH1JodL3Wb+ntzFFR/awLgSs8FKdV7i4RO0pYReyz4wwDtKoNyzxaPPIn
g+bV7aNy0SRDntStZ81TeFZMB/g1tiEdvrLGK4kRKG5RXSugf6iQtRdWxcF9HliM
eCb8M1n5Oui1cFDk/dFufyd8VDmRHeiAuL0G6DbPIYe1s+2RqlVKnwZekNaoa+AI
WLJE7fiBKPqoPtmPwOAIw85kJafp33SgqdUFgvf9OHWusvRtS7rFudPk/pxbv1q6
lYQLqRfFQgJb/LAcGVj6DDbd7HIq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org