Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ArqHhK6o8tB0v_R2EGGTP5yEkrA.roa
File:                     ArqHhK6o8tB0v_R2EGGTP5yEkrA.roa (raw, json)
Hash identifier:          yyLkohEp4krQaoAXtzbpADFUCA3Ky8sKMaectVVl0Ec=
Subject key identifier:   02:BA:87:84:AE:A8:F2:D0:74:BF:F4:76:10:61:93:3F:9C:84:92:B0
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C53EBCCE270D090109C9987B93C4D42
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ArqHhK6o8tB0v_R2EGGTP5yEkrA.roa
Signing time:             Sun 01 Jan 2023 07:55:17 +0000
ROA not before:           Sun 01 Jan 2023 07:55:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39526
IP address blocks:        194.56.76.0/24 maxlen: 32
                          185.214.71.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Mon 30 Oct 2023 20:45:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:eb:cc:e2:70:d0:90:10:9c:99:87:b9:3c:4d:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02ba8784aea8f2d074bff4761061933f9c8492b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:54:6d:a3:c3:d6:01:1d:0f:11:c4:cc:63:4d:
                    b8:4a:03:48:df:fd:cf:57:94:2c:99:6b:d2:fe:be:
                    6e:06:8b:50:94:7e:be:bb:d5:8e:0c:e0:34:55:0b:
                    7a:b9:9e:83:3f:9f:13:d2:c0:15:e0:60:8b:af:d7:
                    57:c9:6b:f5:02:7b:b3:ac:b1:da:2b:03:53:97:9d:
                    f8:9d:b2:6e:a8:ae:90:96:12:1d:10:7a:93:53:72:
                    e6:fb:f4:88:8e:8e:ff:4e:0e:65:8d:c3:d2:fb:e2:
                    20:47:64:9b:28:53:a5:d7:f8:8e:f8:1b:3e:74:c8:
                    db:dc:83:d5:e1:5c:6d:57:b5:5e:e6:ec:37:24:c9:
                    1a:1a:14:c7:16:3f:b9:aa:c0:0f:67:d6:23:ae:58:
                    27:9e:ed:5b:8e:80:0e:18:c8:0f:1c:81:7a:f5:a0:
                    c0:e1:d0:97:88:77:c5:06:8e:bb:4c:41:3d:53:9e:
                    a9:1a:55:77:71:57:7f:c4:0d:ba:70:93:0e:10:fb:
                    2c:ee:e5:38:05:5f:bc:53:31:b9:de:6c:c2:b9:42:
                    98:4e:3c:05:f7:5e:9e:ab:0a:bf:51:51:03:dd:ae:
                    53:18:19:16:e2:90:65:3b:0b:1c:72:32:81:a2:94:
                    34:e6:8c:f4:67:51:81:97:8d:0f:4d:b9:e9:33:df:
                    21:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:BA:87:84:AE:A8:F2:D0:74:BF:F4:76:10:61:93:3F:9C:84:92:B0
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ArqHhK6o8tB0v_R2EGGTP5yEkrA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.71.0/24
                  194.56.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:6b:64:02:72:75:72:ae:a9:af:42:17:5a:fb:ec:bd:7f:c7:
         8e:3b:ae:95:5e:b6:ba:5c:c2:19:a3:a4:8e:26:0a:23:47:56:
         65:2a:89:07:34:72:61:4c:2a:f8:cb:0a:b6:c9:af:86:c1:ce:
         40:b8:d6:90:47:8e:e0:bb:6e:15:c4:c0:24:9f:07:9c:bf:0a:
         f9:83:0d:9d:95:88:d8:2f:17:1a:96:8d:80:f6:7e:87:66:c4:
         6f:9e:ea:66:89:33:ef:1a:3a:65:16:7d:bd:92:b4:82:a4:27:
         15:0a:f7:e1:d8:89:36:0f:d6:2f:31:22:0c:1c:a6:23:cf:ab:
         24:3c:5e:8c:34:5b:84:f4:b6:5a:f6:61:66:43:f3:59:96:15:
         a2:e5:97:52:36:fb:82:95:62:c8:fd:ac:71:76:63:d2:1e:04:
         d9:2d:51:ff:44:ab:5f:fe:d5:db:d4:64:a5:b8:bd:ca:73:10:
         14:1e:84:0b:be:97:4d:bd:af:c9:ba:dc:93:38:90:46:e6:ff:
         0d:1f:e8:2e:70:3a:ca:0b:a7:fb:e4:af:ce:87:db:e1:74:2a:
         c4:b5:2d:df:6c:8b:c7:2a:12:0e:aa:8e:36:97:da:33:45:71:
         28:99:3b:8f:61:bd:0b:73:b7:f0:b8:db:0d:50:aa:86:6c:5c:
         71:73:c6:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU+vM4nDQkBCcmYe5PE1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJhODc4NGFlYThmMmQwNzRiZmY0NzYxMDYxOTMzZjljODQ5MmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1Rto8PWAR0PEcTMY024SgNI3/3P
V5QsmWvS/r5uBotQlH6+u9WODOA0VQt6uZ6DP58T0sAV4GCLr9dXyWv1AnuzrLHa
KwNTl534nbJuqK6QlhIdEHqTU3Lm+/SIjo7/Tg5ljcPS++IgR2SbKFOl1/iO+Bs+
dMjb3IPV4VxtV7Ve5uw3JMkaGhTHFj+5qsAPZ9Yjrlgnnu1bjoAOGMgPHIF69aDA
4dCXiHfFBo67TEE9U56pGlV3cVd/xA26cJMOEPss7uU4BV+8UzG53mzCuUKYTjwF
916eqwq/UVED3a5TGBkW4pBlOwsccjKBopQ05oz0Z1GBl40PTbnpM98hlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAK6h4SuqPLQdL/0dhBhkz+chJKwMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQXJxSGhLNm84dEIwdl9SMkVHR1RQNXlFa3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudZHAwQA
wjhMMA0GCSqGSIb3DQEBCwUAA4IBAQAOa2QCcnVyrqmvQhda++y9f8eOO66VXra6
XMIZo6SOJgojR1ZlKokHNHJhTCr4ywq2ya+Gwc5AuNaQR47gu24VxMAknwecvwr5
gw2dlYjYLxcalo2A9n6HZsRvnupmiTPvGjplFn29krSCpCcVCvfh2Ik2D9YvMSIM
HKYjz6skPF6MNFuE9LZa9mFmQ/NZlhWi5ZdSNvuClWLI/axxdmPSHgTZLVH/RKtf
/tXb1GSluL3KcxAUHoQLvpdNva/JutyTOJBG5v8NH+gucDrKC6f75K/Oh9vhdCrE
tS3fbIvHKhIOqo42l9ozRXEomTuPYb0Lc7fwuNsNUKqGbFxxc8YW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org