Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XRAXlsPfy4PETnX7CoROO-iLymU.roa
File:                     XRAXlsPfy4PETnX7CoROO-iLymU.roa (raw, json)
Hash identifier:          93DHaLvuQoM4QLhkP90oPJcd7y4EqI0gz0GVejIx2IQ=
Subject key identifier:   5D:10:17:96:C3:DF:CB:83:C4:4E:75:FB:0A:84:4E:3B:E8:8B:CA:65
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       018BC7070E95B8DADCC6F0F8F8FB3333D59B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XRAXlsPfy4PETnX7CoROO-iLymU.roa
Signing time:             Mon 13 Nov 2023 04:53:30 +0000
ROA not before:           Mon 13 Nov 2023 04:53:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3170
IP address blocks:        185.133.73.0/24 maxlen: 32
                          194.156.159.0/24 maxlen: 32
                          2a06:7a03::/48 maxlen: 128

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c7:07:0e:95:b8:da:dc:c6:f0:f8:f8:fb:33:33:d5:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Nov 13 04:53:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d101796c3dfcb83c44e75fb0a844e3be88bca65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:b1:15:ad:88:07:f6:83:74:d5:3d:f3:26:c4:
                    65:db:f7:a0:8c:53:55:c3:76:69:86:7c:21:7f:b5:
                    f7:bd:64:69:6f:bc:eb:2c:8c:dd:e0:99:59:b1:9b:
                    38:05:bf:62:ab:7c:74:aa:87:78:e5:90:5f:eb:47:
                    1b:71:86:1c:02:05:26:20:32:98:b9:90:e8:6a:d3:
                    e4:f2:a6:db:64:46:71:2a:33:7b:d2:3e:91:0d:28:
                    11:e0:a7:2f:ed:98:db:5e:d1:38:8a:e3:86:cb:de:
                    97:74:d6:c2:3b:03:f1:56:69:ba:66:13:6f:aa:4b:
                    c8:79:e3:e8:9e:77:0e:39:8d:88:4e:d3:43:74:ac:
                    59:31:11:36:4d:01:2e:69:05:2e:21:94:d1:f9:19:
                    88:3d:e8:d5:01:b2:cb:5a:8a:f6:27:b2:17:99:a0:
                    f3:06:b7:b3:95:d1:39:18:6e:07:07:8f:f5:f4:85:
                    84:c7:b6:22:c4:f4:cc:9f:e5:71:d1:16:b8:57:3a:
                    78:2d:97:97:23:1b:8f:de:df:6e:2c:a6:50:df:f0:
                    fc:68:5c:de:b0:5c:8d:71:c4:e8:7e:ea:12:88:90:
                    d7:4b:cd:3d:7c:42:5a:ea:5f:5a:0a:27:43:5a:e3:
                    dd:94:6c:a1:81:8a:b8:26:8a:05:80:a6:20:c2:e1:
                    91:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:10:17:96:C3:DF:CB:83:C4:4E:75:FB:0A:84:4E:3B:E8:8B:CA:65
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/XRAXlsPfy4PETnX7CoROO-iLymU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.133.73.0/24
                  194.156.159.0/24
                IPv6:
                  2a06:7a03::/48

    Signature Algorithm: sha256WithRSAEncryption
         a7:54:f4:94:c6:ae:df:11:d0:de:a6:ad:b4:8f:af:8e:e1:33:
         b7:e3:15:eb:e7:eb:b3:61:63:d7:4f:01:fc:dd:02:e7:58:9b:
         ac:f9:e1:01:79:e5:3d:65:1c:f1:fc:fb:4a:8a:95:2f:b0:40:
         8a:bd:14:58:07:e6:a1:09:96:89:01:31:06:62:3c:30:ce:38:
         5a:e5:25:55:76:10:b5:d4:36:56:b5:db:8f:f3:5b:a0:06:39:
         4f:7d:2d:0d:3e:a4:99:14:f6:59:75:22:47:23:6f:f8:a0:3b:
         e5:29:6c:f9:0b:ad:8e:4c:c6:c8:a9:bf:b0:4f:09:64:3f:a6:
         8c:12:a9:bc:8d:0f:a2:01:92:93:1a:22:33:a2:38:7a:74:c8:
         66:42:04:13:32:5e:95:8c:af:d1:8e:3a:db:e4:0d:a2:0b:f9:
         6a:7d:4a:c7:af:6c:14:a7:5e:26:8d:52:c0:bf:67:15:95:74:
         12:e3:94:e6:ec:3d:0c:a8:c0:fb:11:5e:bc:c3:41:7c:ab:b4:
         32:48:50:08:81:d6:d0:3b:ce:cc:21:c8:a2:62:a0:82:26:67:
         43:46:fa:6b:5f:92:b9:00:a1:c6:77:c4:c6:a1:a5:c5:97:7f:
         2c:36:f7:cf:45:a8:9d:14:42:14:fc:62:5b:ad:53:7e:38:dc:
         d7:5c:48:72
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYvHBw6VuNrcxvD4+PszM9WbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMxMTEzMDQ1MzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDEwMTc5NmMzZGZjYjgzYzQ0ZTc1ZmIwYTg0NGUzYmU4OGJjYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67EVrYgH9oN01T3zJsRl2/egjFNV
w3Zphnwhf7X3vWRpb7zrLIzd4JlZsZs4Bb9iq3x0qod45ZBf60cbcYYcAgUmIDKY
uZDoatPk8qbbZEZxKjN70j6RDSgR4Kcv7ZjbXtE4iuOGy96XdNbCOwPxVmm6ZhNv
qkvIeePonncOOY2ITtNDdKxZMRE2TQEuaQUuIZTR+RmIPejVAbLLWor2J7IXmaDz
BrezldE5GG4HB4/19IWEx7YixPTMn+Vx0Ra4Vzp4LZeXIxuP3t9uLKZQ3/D8aFze
sFyNccTofuoSiJDXS809fEJa6l9aCidDWuPdlGyhgYq4JooFgKYgwuGRJwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFF0QF5bD38uDxE51+wqETjvoi8plMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvWFJBWGxzUGZ5NFBFVG5YN0NvUk9PLWlMeW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuYVJAwQA
wpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAKdU9JTGrt8R
0N6mrbSPr47hM7fjFevn67NhY9dPAfzdAudYm6z54QF55T1lHPH8+0qKlS+wQIq9
FFgH5qEJlokBMQZiPDDOOFrlJVV2ELXUNla124/zW6AGOU99LQ0+pJkU9ll1Ikcj
b/igO+UpbPkLrY5Mxsipv7BPCWQ/powSqbyND6IBkpMaIjOiOHp0yGZCBBMyXpWM
r9GOOtvkDaIL+Wp9SsevbBSnXiaNUsC/ZxWVdBLjlObsPQyowPsRXrzDQXyrtDJI
UAiB1tA7zswhyKJioIImZ0NG+mtfkrkAocZ3xMahpcWXfyw2989FqJ0UQhT8Ylut
U3443NdcSHI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org