Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sw5qfvvm7ehWtvJFBQsUIX1KXyE.roa
File:                     sw5qfvvm7ehWtvJFBQsUIX1KXyE.roa (raw, json)
Hash identifier:          y2VVc0pG2U7aJ8H+Ura4YcGFmT5yM54Z46cG9j7pcTo=
Subject key identifier:   B3:0E:6A:7E:FB:E6:ED:E8:56:B6:F2:45:05:0B:14:21:7D:4A:5F:21
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C540F868AB0E9809A4020496A77648E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sw5qfvvm7ehWtvJFBQsUIX1KXyE.roa
Signing time:             Sun 01 Jan 2023 07:55:26 +0000
ROA not before:           Sun 01 Jan 2023 07:55:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206479
IP address blocks:        185.120.22.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:54:0f:86:8a:b0:e9:80:9a:40:20:49:6a:77:64:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b30e6a7efbe6ede856b6f245050b14217d4a5f21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ef:78:6d:b0:c6:53:ae:d7:1b:bc:ca:96:1d:
                    61:19:ec:6f:60:f1:c9:8e:a1:b7:81:ca:79:07:6e:
                    33:25:6d:7f:d0:ec:d3:50:15:c8:3b:39:f6:23:5f:
                    f7:fd:7f:91:c6:97:5e:cc:96:fd:6b:80:14:c8:70:
                    d9:9e:93:6e:8f:18:51:70:0c:49:b4:2f:10:a0:84:
                    60:59:26:34:fb:ba:ab:e0:39:cd:20:32:fa:cc:22:
                    ef:05:9d:73:f8:71:83:bc:0a:bb:ae:97:cf:64:0d:
                    90:58:b7:04:34:f6:3e:70:24:5a:15:64:aa:b1:72:
                    64:83:9e:6d:17:c2:8a:76:af:9e:64:d1:4d:bf:99:
                    38:88:49:b5:9d:65:08:c0:ea:87:90:2f:24:a3:40:
                    c7:aa:d4:9a:1f:ed:e1:41:e6:ea:a8:55:04:1d:57:
                    bd:95:28:99:de:eb:61:44:fb:71:b7:cd:42:58:67:
                    27:42:6c:9a:f4:7d:40:b6:7d:bf:b5:c8:c9:d7:29:
                    da:29:a8:7f:ec:8e:c7:3a:6e:66:39:c8:bc:37:6d:
                    36:51:c4:ea:29:7e:a9:37:f0:85:bf:0b:30:cc:28:
                    29:b2:34:80:85:9d:26:c0:e0:d9:fd:0f:36:41:10:
                    3d:0d:93:d3:58:8f:65:04:f3:9e:a2:10:4d:fe:5c:
                    b0:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:0E:6A:7E:FB:E6:ED:E8:56:B6:F2:45:05:0B:14:21:7D:4A:5F:21
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sw5qfvvm7ehWtvJFBQsUIX1KXyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.120.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:6d:ad:e3:99:1a:4d:bb:84:48:ce:db:4b:a2:93:65:34:53:
         06:96:39:13:a3:1b:fe:ce:92:76:97:a0:65:85:ae:ad:1c:14:
         bc:99:99:68:5d:33:f4:9c:b7:86:b2:43:57:80:f2:d8:d6:10:
         8a:56:4a:a4:b1:26:70:2f:59:af:b7:01:2b:55:ad:90:0d:1b:
         a8:54:88:6e:0f:9c:98:a1:c7:98:29:dc:d0:b1:ca:f7:8d:68:
         36:e4:a0:35:13:34:4d:27:9d:f5:0e:59:45:e5:6a:1a:4d:de:
         6a:62:72:53:0c:f2:1e:c7:c4:1a:e1:82:b0:6e:0d:04:b5:47:
         94:42:d5:6e:11:a3:10:9f:7e:bc:c2:ea:4c:ed:f7:57:1a:e8:
         b8:e2:4e:7c:ee:2a:3c:ec:3e:02:58:7f:c7:65:ec:65:72:ec:
         9f:cf:84:5b:4b:bf:e3:71:8d:f8:1c:3e:f1:7a:ef:94:7d:15:
         20:76:06:54:d7:4b:cc:03:f3:8e:81:a5:32:6c:ec:62:96:29:
         49:94:ad:39:24:a1:50:fa:69:a1:3e:bd:3e:7e:44:ee:ba:33:
         54:a9:2a:7f:e9:2e:de:6d:5d:47:30:f9:84:6b:90:0c:66:21:
         3a:f9:6b:bd:89:0a:f3:aa:95:b2:d3:c8:9c:c9:52:85:93:ab:
         3f:06:c8:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVA+GirDpgJpAIElqd2SOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzBlNmE3ZWZiZTZlZGU4NTZiNmYyNDUwNTBiMTQyMTdkNGE1ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe94bbDGU67XG7zKlh1hGexvYPHJ
jqG3gcp5B24zJW1/0OzTUBXIOzn2I1/3/X+RxpdezJb9a4AUyHDZnpNujxhRcAxJ
tC8QoIRgWSY0+7qr4DnNIDL6zCLvBZ1z+HGDvAq7rpfPZA2QWLcENPY+cCRaFWSq
sXJkg55tF8KKdq+eZNFNv5k4iEm1nWUIwOqHkC8ko0DHqtSaH+3hQebqqFUEHVe9
lSiZ3uthRPtxt81CWGcnQmya9H1Atn2/tcjJ1ynaKah/7I7HOm5mOci8N202UcTq
KX6pN/CFvwswzCgpsjSAhZ0mwODZ/Q82QRA9DZPTWI9lBPOeohBN/lywSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMOan775u3oVrbyRQULFCF9Sl8hMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvc3c1cWZ2dm03ZWhXdHZKRkJRc1VJWDFLWHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXgWMA0G
CSqGSIb3DQEBCwUAA4IBAQDDba3jmRpNu4RIzttLopNlNFMGljkToxv+zpJ2l6Bl
ha6tHBS8mZloXTP0nLeGskNXgPLY1hCKVkqksSZwL1mvtwErVa2QDRuoVIhuD5yY
oceYKdzQscr3jWg25KA1EzRNJ531DllF5WoaTd5qYnJTDPIex8Qa4YKwbg0EtUeU
QtVuEaMQn368wupM7fdXGui44k587io87D4CWH/HZexlcuyfz4RbS7/jcY34HD7x
eu+UfRUgdgZU10vMA/OOgaUybOxililJlK05JKFQ+mmhPr0+fkTuujNUqSp/6S7e
bV1HMPmEa5AMZiE6+Wu9iQrzqpWy08icyVKFk6s/Bsj/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org