Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/SGDu6g7o2ohdET4IGfhZVRDkpbE.roa
File:                     SGDu6g7o2ohdET4IGfhZVRDkpbE.roa (raw, json)
Hash identifier:          19JCg3F+nwb3CJa/HgUj9MFEPDfqZ3RSoEb6JgdN10U=
Subject key identifier:   48:60:EE:EA:0E:E8:DA:88:5D:11:3E:08:19:F8:59:55:10:E4:A5:B1
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C5407EA815FE76056F765E7FEF21996
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/SGDu6g7o2ohdET4IGfhZVRDkpbE.roa
Signing time:             Sun 01 Jan 2023 07:55:24 +0000
ROA not before:           Sun 01 Jan 2023 07:55:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138145
IP address blocks:        85.209.254.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:54:07:ea:81:5f:e7:60:56:f7:65:e7:fe:f2:19:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4860eeea0ee8da885d113e0819f8595510e4a5b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ce:02:8e:ce:6a:ba:66:f2:d8:a6:a0:b6:4a:
                    3e:de:b1:67:e2:34:cb:1c:cf:db:4f:94:9b:7f:70:
                    bf:78:2d:5b:2a:c9:f2:ea:d1:60:ee:71:29:d8:20:
                    6f:a8:16:0f:01:d7:05:f3:47:75:a1:42:95:cd:f1:
                    c2:80:e3:d6:60:e8:0f:25:51:9c:60:4d:d6:a8:b5:
                    01:cc:8a:9c:f2:b5:4f:b9:8f:c8:82:26:89:be:13:
                    e5:f6:fd:36:03:06:76:74:6d:6e:25:45:b4:ce:2d:
                    cd:49:ff:c0:56:0f:64:9c:4a:01:40:09:ee:05:88:
                    75:cf:41:84:57:f5:6d:21:0f:cc:ad:7a:d1:e1:04:
                    80:ce:53:fe:fb:af:d5:bb:e6:fc:d7:25:c0:48:de:
                    a7:d6:08:36:a0:4a:82:5d:94:0d:23:e9:09:6f:98:
                    cd:8a:00:2d:02:1a:a5:5e:93:f8:c1:36:48:96:50:
                    be:dd:cf:9b:3f:dd:57:0b:96:3e:4a:8b:f8:f0:05:
                    c0:13:1f:e8:ae:16:e2:d0:dd:4c:ab:d8:f0:0b:cc:
                    c4:0b:ed:76:f9:4c:da:a2:a4:b8:54:04:16:58:cc:
                    e5:39:1d:ea:ac:3f:27:7b:8f:06:c6:f0:79:9a:51:
                    79:30:fc:be:33:50:da:1a:8f:9d:3d:77:c8:fa:ca:
                    2f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:60:EE:EA:0E:E8:DA:88:5D:11:3E:08:19:F8:59:55:10:E4:A5:B1
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/SGDu6g7o2ohdET4IGfhZVRDkpbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:20:33:19:51:f1:3a:3e:ab:bc:e6:61:c2:b4:f3:03:19:e9:
         b7:55:d7:2b:c8:ea:c0:09:58:e7:75:35:83:06:c3:27:76:18:
         12:8c:ec:ae:08:56:3d:5b:94:e0:14:eb:ac:45:66:38:60:6d:
         d2:c8:93:00:e3:b1:c1:b0:df:07:98:5b:ba:96:66:31:b9:7b:
         13:07:44:67:af:b2:1e:76:fb:c3:52:dd:64:a8:a3:cd:d4:12:
         ef:34:a6:e3:43:ae:8e:0c:88:e7:2b:a0:35:2b:12:0e:6a:1b:
         69:84:b6:b8:83:c7:c9:25:cc:52:43:58:d3:c9:2d:36:4d:2e:
         e6:72:ae:d4:23:d1:e7:32:95:fc:ab:9c:e0:91:c3:a7:dc:bf:
         38:9a:0f:c2:90:fb:54:e3:5b:6a:3b:bd:33:fe:ee:0c:9b:72:
         27:1e:38:b6:2b:f4:d3:14:81:80:9c:19:f3:38:d7:e3:a2:73:
         ad:35:b5:4f:21:be:76:1b:2e:79:ea:d2:f1:6b:73:bd:7e:96:
         68:f9:8d:22:f6:08:90:d4:dc:f2:60:f2:77:58:cf:5a:4c:94:
         3e:e2:bd:63:2e:35:1a:31:5e:e0:8b:f8:63:bc:ec:43:de:81:
         24:7b:c9:a4:2c:73:e4:c7:c5:1f:a4:85:56:ac:9b:bc:66:c4:
         0f:bd:40:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVAfqgV/nYFb3Zef+8hmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYwZWVlYTBlZThkYTg4NWQxMTNlMDgxOWY4NTk1NTEwZTRhNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc4Cjs5qumby2Kagtko+3rFn4jTL
HM/bT5Sbf3C/eC1bKsny6tFg7nEp2CBvqBYPAdcF80d1oUKVzfHCgOPWYOgPJVGc
YE3WqLUBzIqc8rVPuY/IgiaJvhPl9v02AwZ2dG1uJUW0zi3NSf/AVg9knEoBQAnu
BYh1z0GEV/VtIQ/MrXrR4QSAzlP++6/Vu+b81yXASN6n1gg2oEqCXZQNI+kJb5jN
igAtAhqlXpP4wTZIllC+3c+bP91XC5Y+Sov48AXAEx/orhbi0N1Mq9jwC8zEC+12
+UzaoqS4VAQWWMzlOR3qrD8ne48GxvB5mlF5MPy+M1DaGo+dPXfI+sov0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhg7uoO6NqIXRE+CBn4WVUQ5KWxMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvU0dEdTZnN28yb2hkRVQ0SUdmaFpWUkRrcGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdH+MA0G
CSqGSIb3DQEBCwUAA4IBAQBzIDMZUfE6Pqu85mHCtPMDGem3VdcryOrACVjndTWD
BsMndhgSjOyuCFY9W5TgFOusRWY4YG3SyJMA47HBsN8HmFu6lmYxuXsTB0Rnr7Ie
dvvDUt1kqKPN1BLvNKbjQ66ODIjnK6A1KxIOahtphLa4g8fJJcxSQ1jTyS02TS7m
cq7UI9HnMpX8q5zgkcOn3L84mg/CkPtU41tqO70z/u4Mm3InHji2K/TTFIGAnBnz
ONfjonOtNbVPIb52Gy556tLxa3O9fpZo+Y0i9giQ1NzyYPJ3WM9aTJQ+4r1jLjUa
MV7gi/hjvOxD3oEke8mkLHPkx8UfpIVWrJu8ZsQPvUCB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org