Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/trkn72Rycr_ApHTJqf-JsLnqc34.roa
File:                     trkn72Rycr_ApHTJqf-JsLnqc34.roa (raw, json)
Hash identifier:          bARC6y79T+jtxaYJg8BCqEW43LT8pEFqlukxG6wa+5k=
Subject key identifier:   B6:B9:27:EF:64:72:72:BF:C0:A4:74:C9:A9:FF:89:B0:B9:EA:73:7E
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C5414298D875DFA54E6FD180F9CE458
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/trkn72Rycr_ApHTJqf-JsLnqc34.roa
Signing time:             Sun 01 Jan 2023 07:55:27 +0000
ROA not before:           Sun 01 Jan 2023 07:55:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210405
IP address blocks:        185.223.164.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:54:14:29:8d:87:5d:fa:54:e6:fd:18:0f:9c:e4:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6b927ef647272bfc0a474c9a9ff89b0b9ea737e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:0c:cf:33:ae:b1:c3:2a:67:b4:b8:86:9a:14:
                    bc:1a:88:5e:9e:94:cf:77:6a:d2:a4:95:3a:7b:66:
                    29:1d:0f:b9:c5:b7:62:ca:39:e7:e8:7a:fe:dc:5a:
                    f0:5d:a1:5a:4a:6e:c3:09:31:12:66:04:6b:d3:83:
                    28:fc:15:92:0c:49:57:1c:b7:46:59:a9:45:f0:e6:
                    e0:f2:86:c7:39:60:57:61:b9:d1:f1:bb:31:a0:7a:
                    66:cb:d3:91:63:7a:d9:de:36:28:a4:12:f9:12:70:
                    f6:75:85:0d:1c:04:e6:64:be:a1:d4:4b:01:86:6e:
                    b9:b1:4c:d8:e2:c4:eb:20:3f:d2:1f:2e:61:eb:2f:
                    23:94:9b:86:b8:e9:a3:08:e6:a7:01:9a:6e:e6:fe:
                    e9:91:c4:72:cc:76:d9:f4:18:68:3e:a2:8e:e7:2a:
                    31:4e:f4:d9:19:5c:e3:3b:c1:d9:7d:eb:85:75:ef:
                    ff:f0:ea:ec:e0:05:c5:8f:f9:e6:cd:26:fa:6d:29:
                    b9:f7:46:96:1b:8e:fb:e3:3d:e7:01:b1:ec:0e:2f:
                    72:49:57:51:35:dc:37:18:4b:15:d5:83:e8:c4:53:
                    44:40:18:b1:51:32:ae:68:a1:4d:9e:34:f6:f6:93:
                    9b:3f:00:95:c9:35:44:4c:52:74:9e:80:c7:1e:fe:
                    0b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:B9:27:EF:64:72:72:BF:C0:A4:74:C9:A9:FF:89:B0:B9:EA:73:7E
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/trkn72Rycr_ApHTJqf-JsLnqc34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:a0:af:c3:d4:a0:b3:8e:8b:eb:b6:27:6e:ee:d1:1a:fa:38:
         e9:2d:12:82:a3:6a:d4:bc:e3:da:27:63:86:78:b8:d9:43:bc:
         56:2a:1a:28:dc:83:0b:0a:e9:26:a0:17:76:5c:15:04:88:73:
         1e:96:3c:b2:16:05:6c:5f:48:49:12:e5:51:7b:79:29:ec:68:
         23:c5:82:d5:b1:95:e6:01:2d:13:e3:44:5d:89:7b:cb:c3:19:
         3c:69:60:d8:8b:82:b2:b8:e8:dc:cf:b9:42:ea:c0:7b:44:72:
         bb:20:7f:5f:6e:fd:9a:09:2a:27:dc:37:98:99:83:f0:11:0b:
         98:3f:ec:0a:f7:7e:dc:e2:4d:e4:78:06:e8:b2:4f:6e:b4:af:
         ec:af:fb:27:e6:67:da:34:56:9d:27:97:a1:fd:ee:6e:f3:30:
         64:2c:a9:08:21:dc:8c:ff:ab:77:20:b1:ca:2e:06:fa:cd:bf:
         18:9f:a7:ba:54:8d:4a:94:e4:c1:50:0e:77:a9:42:f0:26:64:
         4f:96:05:ba:68:71:23:89:8e:ad:55:c1:17:3f:19:11:a1:33:
         a1:c4:a1:77:6c:30:56:a6:96:45:04:26:3e:97:d0:a7:a3:3f:
         4d:48:cb:47:29:db:fc:e7:b0:2d:93:8f:f4:c8:b1:f2:f9:7c:
         72:0c:e8:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVBQpjYdd+lTm/RgPnORYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI5MjdlZjY0NzI3MmJmYzBhNDc0YzlhOWZmODliMGI5ZWE3MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAzPM66xwypntLiGmhS8GohenpTP
d2rSpJU6e2YpHQ+5xbdiyjnn6Hr+3FrwXaFaSm7DCTESZgRr04Mo/BWSDElXHLdG
WalF8Obg8obHOWBXYbnR8bsxoHpmy9ORY3rZ3jYopBL5EnD2dYUNHATmZL6h1EsB
hm65sUzY4sTrID/SHy5h6y8jlJuGuOmjCOanAZpu5v7pkcRyzHbZ9BhoPqKO5yox
TvTZGVzjO8HZfeuFde//8Ors4AXFj/nmzSb6bSm590aWG4774z3nAbHsDi9ySVdR
Ndw3GEsV1YPoxFNEQBixUTKuaKFNnjT29pObPwCVyTVETFJ0noDHHv4LtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLa5J+9kcnK/wKR0yan/ibC56nN+MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvdHJrbjcyUnljcl9BcEhUSnFmLUpzTG5xYzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud+kMA0G
CSqGSIb3DQEBCwUAA4IBAQApoK/D1KCzjovrtidu7tEa+jjpLRKCo2rUvOPaJ2OG
eLjZQ7xWKhoo3IMLCukmoBd2XBUEiHMeljyyFgVsX0hJEuVRe3kp7GgjxYLVsZXm
AS0T40RdiXvLwxk8aWDYi4KyuOjcz7lC6sB7RHK7IH9fbv2aCSon3DeYmYPwEQuY
P+wK937c4k3keAbosk9utK/sr/sn5mfaNFadJ5eh/e5u8zBkLKkIIdyM/6t3ILHK
Lgb6zb8Yn6e6VI1KlOTBUA53qULwJmRPlgW6aHEjiY6tVcEXPxkRoTOhxKF3bDBW
ppZFBCY+l9Cnoz9NSMtHKdv857Atk4/0yLHy+XxyDOhV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org