Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/piIErU0OQMMylsAzvP9QmnM9Be8.roa
File:                     piIErU0OQMMylsAzvP9QmnM9Be8.roa (raw, json)
Hash identifier:          eMHEF8eM86gKbDUZfbLht79ZvVqdDwKsT7cCcxLprRE=
Subject key identifier:   A6:22:04:AD:4D:0E:40:C3:32:96:C0:33:BC:FF:50:9A:73:3D:05:EF
Certificate issuer:       /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Certificate serial:       018573E87AB6FE5C9315491615C394764E4F
Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/piIErU0OQMMylsAzvP9QmnM9Be8.roa
Signing time:             Mon 02 Jan 2023 19:14:53 +0000
ROA not before:           Mon 02 Jan 2023 19:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        185.69.120.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 09:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:e8:7a:b6:fe:5c:93:15:49:16:15:c3:94:76:4e:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
        Validity
            Not Before: Jan  2 19:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a62204ad4d0e40c33296c033bcff509a733d05ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:82:b3:fe:39:da:4b:0a:6f:ad:af:ad:71:7f:
                    d8:4a:3b:f1:dd:90:79:bd:2d:37:b9:6c:96:47:2b:
                    ef:57:ea:b4:4c:ef:d3:4d:34:fb:78:9c:ea:48:04:
                    1a:a6:88:2d:87:8f:02:1d:3f:f9:f9:f4:c8:c2:4f:
                    9e:f5:14:31:f5:80:bf:4b:8d:cd:b5:f6:c3:be:db:
                    45:3c:f1:fe:85:43:62:00:1b:c6:fb:dc:20:98:38:
                    7e:ec:31:e8:ca:59:40:dc:de:af:12:f6:1b:44:1a:
                    c7:3c:92:09:80:f4:ee:43:12:23:cb:6c:e7:ab:f4:
                    c8:a0:7b:ae:b9:95:d1:02:c3:e1:e9:e2:c3:ca:c5:
                    13:02:16:44:fb:0b:3d:7a:42:fb:8a:4e:58:75:a9:
                    0d:aa:22:8e:b1:6b:66:e0:88:90:51:e2:3d:11:55:
                    cc:a7:c3:4e:69:6a:3a:a3:90:66:52:b5:f7:ee:71:
                    9f:d8:8f:11:77:7e:6a:24:40:7e:93:40:4e:8a:2a:
                    5e:a4:39:6a:20:73:d9:5d:60:6c:a1:36:5d:d6:b2:
                    98:d1:4c:ae:de:54:65:7c:ef:cc:59:a1:9f:1c:1c:
                    44:0b:4f:ea:d1:6e:b2:44:f5:2a:87:d4:83:49:b2:
                    59:a0:2c:64:4f:21:53:b3:33:6d:5a:9d:cc:70:9a:
                    db:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:22:04:AD:4D:0E:40:C3:32:96:C0:33:BC:FF:50:9A:73:3D:05:EF
            X509v3 Authority Key Identifier:
                keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/piIErU0OQMMylsAzvP9QmnM9Be8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.69.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b7:9d:85:c7:1f:17:10:35:80:c4:36:b2:e7:94:41:22:dd:6e:
         c3:7e:41:f7:44:de:cf:c4:8b:2d:e0:08:ad:b7:30:5d:47:9f:
         c6:3d:b3:cf:d0:ad:47:ee:6b:ea:00:96:4a:a3:c7:fd:98:1a:
         7a:bf:3b:ae:ed:3d:f6:74:74:68:55:61:f3:20:4f:a9:b5:01:
         e5:64:0b:5a:67:36:4b:da:a1:a2:a0:f1:e3:0c:d8:0f:af:3b:
         10:9c:c4:cf:ff:2e:a5:bc:23:2a:9e:5e:b7:5c:ea:98:02:96:
         fa:12:38:4e:d9:a1:a4:cf:00:e1:5e:47:cf:cd:d2:97:17:9f:
         60:8d:70:9b:58:e9:8d:e0:20:35:51:69:c2:5c:6b:b4:d9:7c:
         39:70:a9:93:4f:27:10:a1:e9:cf:97:94:e9:5d:42:31:ff:7d:
         e3:4f:9e:35:9f:33:23:b4:ce:5c:ba:7e:2e:66:99:24:d9:7d:
         87:b7:0c:ce:d1:ac:21:85:25:7f:3f:d9:33:5f:25:b2:cd:f9:
         a7:35:03:0a:80:04:27:b0:c4:c1:50:9a:71:26:80:f7:86:51:
         1d:e9:b4:de:67:72:b6:a2:44:d2:ed:05:10:6d:9e:42:a5:66:
         dc:12:26:f6:d8:a1:b7:b2:7e:ce:f2:8a:47:1d:dc:45:b5:e7:
         c4:e5:39:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVz6Hq2/lyTFUkWFcOUdk5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWJkN2RkMWY4YWM4YjQxOTJiYTc4YTU5MjM0OGI1ZGQw
YTFhNjYwHhcNMjMwMTAyMTkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjIyMDRhZDRkMGU0MGMzMzI5NmMwMzNiY2ZmNTA5YTczM2QwNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIKz/jnaSwpvra+tcX/YSjvx3ZB5
vS03uWyWRyvvV+q0TO/TTTT7eJzqSAQapogth48CHT/5+fTIwk+e9RQx9YC/S43N
tfbDvttFPPH+hUNiABvG+9wgmDh+7DHoyllA3N6vEvYbRBrHPJIJgPTuQxIjy2zn
q/TIoHuuuZXRAsPh6eLDysUTAhZE+ws9ekL7ik5YdakNqiKOsWtm4IiQUeI9EVXM
p8NOaWo6o5BmUrX37nGf2I8Rd35qJEB+k0BOiipepDlqIHPZXWBsoTZd1rKY0Uyu
3lRlfO/MWaGfHBxEC0/q0W6yRPUqh9SDSbJZoCxkTyFTszNtWp3McJrbsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYiBK1NDkDDMpbAM7z/UJpzPQXvMB8GA1UdIwQY
MBaAFOYb190fisi0GSunilkjSLXdChpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2Njct
ZGU5YjJmOGY3ZTI5LzEvcGlJRXJVME9RTU15bHNBenZQOVFtbk05QmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2NjctZGU5YjJmOGY3ZTI5
LzEvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUV4MA0G
CSqGSIb3DQEBCwUAA4IBAQC3nYXHHxcQNYDENrLnlEEi3W7DfkH3RN7PxIst4Ait
tzBdR5/GPbPP0K1H7mvqAJZKo8f9mBp6vzuu7T32dHRoVWHzIE+ptQHlZAtaZzZL
2qGioPHjDNgPrzsQnMTP/y6lvCMqnl63XOqYApb6EjhO2aGkzwDhXkfPzdKXF59g
jXCbWOmN4CA1UWnCXGu02Xw5cKmTTycQoenPl5TpXUIx/33jT541nzMjtM5cun4u
Zpkk2X2HtwzO0awhhSV/P9kzXyWyzfmnNQMKgAQnsMTBUJpxJoD3hlEd6bTeZ3K2
okTS7QUQbZ5CpWbcEib22KG3sn7O8opHHdxFtefE5Tk9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org