Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/R3MDbrA0eNrAu0ymND0PkQmop0g.roa
File:                     R3MDbrA0eNrAu0ymND0PkQmop0g.roa (raw, json)
Hash identifier:          vxGdv9WcNY8jLmBO8M3BK9W9oJD4orzDonHwEwvaJy8=
Subject key identifier:   47:73:03:6E:B0:34:78:DA:C0:BB:4C:A6:34:3D:0F:91:09:A8:A7:48
Certificate issuer:       /CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Certificate serial:       01856D53F3B9693B80A83E7539F52110607A
Authority key identifier: BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/R3MDbrA0eNrAu0ymND0PkQmop0g.roa
Signing time:             Sun 01 Jan 2023 12:34:56 +0000
ROA not before:           Sun 01 Jan 2023 12:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213319
IP address blocks:        185.168.228.0/22 maxlen: 24
                          2a0b:f080::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:f3:b9:69:3b:80:a8:3e:75:39:f5:21:10:60:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
        Validity
            Not Before: Jan  1 12:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4773036eb03478dac0bb4ca6343d0f9109a8a748
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ea:e2:a8:bc:28:bc:18:9a:57:11:0b:a5:80:
                    12:74:86:05:01:e6:3c:2f:df:61:ab:a8:aa:1f:4c:
                    57:44:fb:4b:28:13:23:e2:e8:30:49:3f:a7:b7:11:
                    6a:f1:0c:03:be:0e:79:79:81:5f:32:3b:47:7e:a0:
                    98:c5:c2:4a:03:90:77:8d:4d:8e:5b:bf:16:11:66:
                    7f:4f:e0:68:00:6d:fd:7a:b9:dd:c4:e6:ee:8b:fe:
                    b0:12:62:9b:b5:78:33:24:3f:18:b1:b2:a0:c1:4b:
                    26:5d:bf:e0:4f:c3:82:10:dd:ad:e6:02:3f:53:63:
                    2c:7e:d2:69:70:92:e7:28:d7:dd:dd:90:ad:da:da:
                    ac:f7:ae:54:ba:96:fa:aa:bd:57:bf:d7:71:c6:ba:
                    b4:a1:23:22:28:cb:83:9c:16:fb:1b:70:98:cb:f8:
                    81:34:5e:dc:e7:34:25:7a:62:12:4b:41:0f:49:ac:
                    6f:6a:73:fd:2a:e0:b5:1a:fb:8d:1a:88:20:05:3a:
                    e8:7a:63:dc:b9:0f:8c:2b:9a:13:d3:1b:0a:2e:17:
                    db:ac:29:e5:08:6e:fc:85:e6:b4:35:fa:25:7a:54:
                    9c:a3:d3:3d:a9:15:b5:72:1a:74:3e:7c:c4:80:e3:
                    df:1c:28:d9:91:0f:a9:57:72:32:a0:23:4e:97:d7:
                    33:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:73:03:6E:B0:34:78:DA:C0:BB:4C:A6:34:3D:0F:91:09:A8:A7:48
            X509v3 Authority Key Identifier:
                keyid:BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/R3MDbrA0eNrAu0ymND0PkQmop0g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/u8VfskrVVuBCAmUfbVqLJ9W-35c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.168.228.0/22
                IPv6:
                  2a0b:f080::/32

    Signature Algorithm: sha256WithRSAEncryption
         b2:2b:68:9f:c5:aa:52:44:b1:32:1b:70:7c:53:6d:8e:5e:2f:
         ed:2b:9b:c3:eb:f1:bd:67:95:3f:cd:28:52:ec:2d:ac:93:12:
         00:3b:43:8a:95:43:15:54:63:be:d9:bb:a7:8f:06:10:3d:e5:
         0d:0d:15:49:34:19:0e:52:92:b2:27:8c:6d:08:92:bd:ae:fd:
         6f:d1:7c:54:92:d6:cb:13:87:a8:12:01:13:bb:48:38:be:10:
         18:68:2f:8e:ec:a3:63:14:67:d8:2c:fb:d7:09:1e:f6:dd:37:
         5f:e2:21:85:2e:8c:78:92:53:2f:92:dc:23:02:d6:9d:fb:3e:
         82:55:8f:cc:7e:55:80:e4:94:e6:2c:57:bb:5c:aa:8b:11:ff:
         48:5f:87:f4:af:ea:ed:65:ae:cb:c6:60:84:63:28:c8:a1:ad:
         54:fe:c6:42:e3:c8:c2:30:d4:86:35:23:51:e7:20:c8:fd:a4:
         b5:73:10:eb:ba:9a:c1:93:3a:0f:35:f1:11:cd:39:ed:bc:dc:
         f3:d5:54:c5:8a:45:fd:a5:fa:ea:d1:44:88:82:fd:e4:2d:9a:
         8a:0b:bd:6b:a4:4e:ea:7c:00:65:2a:1f:c4:59:97:b2:7a:31:
         d6:7b:e8:e8:59:03:4b:a2:e9:80:56:c8:2a:3c:45:8f:f3:ca:
         16:a5:24:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU/O5aTuAqD51OfUhEGB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYzU1ZmIyNGFkNTU2ZTA0MjAyNjUxZjZkNWE4YjI3ZDVi
ZWRmOTcwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzczMDM2ZWIwMzQ3OGRhYzBiYjRjYTYzNDNkMGY5MTA5YThhNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOriqLwovBiaVxELpYASdIYFAeY8
L99hq6iqH0xXRPtLKBMj4ugwST+ntxFq8QwDvg55eYFfMjtHfqCYxcJKA5B3jU2O
W78WEWZ/T+BoAG39erndxObui/6wEmKbtXgzJD8YsbKgwUsmXb/gT8OCEN2t5gI/
U2MsftJpcJLnKNfd3ZCt2tqs965Uupb6qr1Xv9dxxrq0oSMiKMuDnBb7G3CYy/iB
NF7c5zQlemISS0EPSaxvanP9KuC1GvuNGoggBTroemPcuQ+MK5oT0xsKLhfbrCnl
CG78hea0NfolelSco9M9qRW1chp0PnzEgOPfHCjZkQ+pV3IyoCNOl9czfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEdzA26wNHjawLtMpjQ9D5EJqKdIMB8GA1UdIwQY
MBaAFLvFX7JK1VbgQgJlH21aiyfVvt+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMt
OTNiZDVlNDA4ZjkxLzEvUjNNRGJyQTBlTnJBdTB5bU5EMFBrUW1vcDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMtOTNiZDVlNDA4Zjkx
LzEvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuajkMA0E
AgACMAcDBQAqC/CAMA0GCSqGSIb3DQEBCwUAA4IBAQCyK2ifxapSRLEyG3B8U22O
Xi/tK5vD6/G9Z5U/zShS7C2skxIAO0OKlUMVVGO+2bunjwYQPeUNDRVJNBkOUpKy
J4xtCJK9rv1v0XxUktbLE4eoEgETu0g4vhAYaC+O7KNjFGfYLPvXCR723Tdf4iGF
Lox4klMvktwjAtad+z6CVY/MflWA5JTmLFe7XKqLEf9IX4f0r+rtZa7LxmCEYyjI
oa1U/sZC48jCMNSGNSNR5yDI/aS1cxDruprBkzoPNfERzTntvNzz1VTFikX9pfrq
0USIgv3kLZqKC71rpE7qfABlKh/EWZeyejHWe+joWQNLoumAVsgqPEWP88oWpSQm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:32 2024 by rpki-client on console-ams.rpki-client.org