Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/xBFoCwb1e_J-j1PGrOpEWRjCIno.roa
File:                     xBFoCwb1e_J-j1PGrOpEWRjCIno.roa (raw, json)
Hash identifier:          T3B9fIWUe/OPhKcVlV0HcmuAL5KP59sEzQEwGBx3VX8=
Subject key identifier:   C4:11:68:0B:06:F5:7B:F2:7E:8F:53:C6:AC:EA:44:59:18:C2:22:7A
Certificate issuer:       /CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Certificate serial:       018847B771B19FC570B15A959998F9852B1F
Authority key identifier: B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/xBFoCwb1e_J-j1PGrOpEWRjCIno.roa
Signing time:             Tue 23 May 2023 08:26:24 +0000
ROA not before:           Tue 23 May 2023 08:26:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61213
IP address blocks:        185.206.4.0/22 maxlen: 23

Validation:               Failed, certificate revoked on Wed 27 Sep 2023 10:11:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:47:b7:71:b1:9f:c5:70:b1:5a:95:99:98:f9:85:2b:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
        Validity
            Not Before: May 23 08:26:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c411680b06f57bf27e8f53c6acea445918c2227a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:fd:62:30:ab:d2:c9:3f:df:f4:ac:ef:5c:7f:
                    2c:6e:67:f6:26:c2:7d:18:2b:25:54:0f:40:29:c6:
                    83:9b:16:f1:6c:ed:95:10:9c:3a:6e:49:02:28:04:
                    7b:0f:d8:b1:80:dc:40:25:51:d6:72:a1:d3:fc:29:
                    b3:de:3b:bf:b9:99:3a:d7:08:a3:a2:d5:fb:3e:98:
                    71:aa:cd:af:bc:fb:d0:62:51:5a:1c:2a:a3:d8:a1:
                    e0:93:5f:1a:c2:39:8b:77:63:a0:69:05:b9:f4:ed:
                    e5:94:23:ba:35:e8:53:ac:ea:c5:6c:39:18:57:9b:
                    e6:0d:09:45:d2:82:07:5c:8e:7c:f4:45:b0:31:01:
                    f2:17:fa:1f:df:f7:52:49:ee:80:42:87:59:64:92:
                    34:04:8a:f9:e4:5b:3a:7c:94:56:0a:df:68:6e:be:
                    82:03:66:32:c9:ba:54:c8:ac:bc:93:67:7b:ce:b1:
                    05:c1:4e:e9:7c:03:9e:50:c9:7e:95:4b:e4:84:46:
                    78:f2:da:0f:f0:36:50:c0:ee:66:48:b4:c0:a8:09:
                    72:2b:73:d6:23:89:b5:6b:34:b0:c5:8c:45:7f:66:
                    9b:bf:46:d3:4e:26:fb:05:8d:e1:ea:d7:f1:c3:e9:
                    b9:c0:79:89:8e:8d:af:f8:39:5d:58:a7:b3:90:e4:
                    90:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:11:68:0B:06:F5:7B:F2:7E:8F:53:C6:AC:EA:44:59:18:C2:22:7A
            X509v3 Authority Key Identifier:
                keyid:B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/xBFoCwb1e_J-j1PGrOpEWRjCIno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/t4OAtB43tXV9PU4u7N8G2TCnC50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:19:b9:68:ec:3c:69:e7:26:4d:5e:ba:78:6b:b0:c4:5b:cc:
         bf:25:56:ca:84:2c:3e:6b:47:3a:90:2f:94:4b:48:6d:df:af:
         b6:00:34:e2:f8:c0:90:75:97:1b:04:a6:1d:f3:ca:5a:f3:52:
         ca:8f:93:9d:5e:e8:5d:d6:64:58:81:21:ca:ce:8e:b6:d8:02:
         dd:92:e7:94:e5:46:d1:da:56:ad:ca:90:0e:a9:78:18:47:44:
         80:5e:bd:07:02:7a:3e:e3:02:09:42:cc:70:4e:7d:25:de:eb:
         5b:e4:4e:70:c2:d3:60:54:15:f6:6f:53:cc:77:32:90:d0:90:
         61:90:de:52:14:ea:db:be:cf:33:2e:20:81:cb:54:a1:e5:1c:
         ea:41:72:12:d9:10:29:cc:8f:e8:cc:12:8b:8a:a4:53:b3:85:
         77:79:9d:16:6c:5a:c6:e3:ed:ad:25:19:b3:6f:14:73:a4:9d:
         42:28:ab:0f:59:ec:72:b9:0a:9b:49:e3:32:48:02:15:cf:33:
         d1:d8:0d:de:6a:12:25:be:1f:3c:a0:12:ac:01:93:e1:84:fd:
         b1:7e:e4:76:01:1b:f7:e4:86:8c:95:f7:18:42:4f:cc:f4:e6:
         e4:3e:fd:90:cf:6c:4e:55:60:c6:54:f2:c6:20:56:9f:ec:48:
         07:36:0c:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhHt3Gxn8VwsVqVmZj5hSsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODM4MGI0MWUzN2I1NzU3ZDNkNGUyZWVjZGYwNmQ5MzBh
NzBiOWQwHhcNMjMwNTIzMDgyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDExNjgwYjA2ZjU3YmYyN2U4ZjUzYzZhY2VhNDQ1OTE4YzIyMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/1iMKvSyT/f9KzvXH8sbmf2JsJ9
GCslVA9AKcaDmxbxbO2VEJw6bkkCKAR7D9ixgNxAJVHWcqHT/Cmz3ju/uZk61wij
otX7Pphxqs2vvPvQYlFaHCqj2KHgk18awjmLd2OgaQW59O3llCO6NehTrOrFbDkY
V5vmDQlF0oIHXI589EWwMQHyF/of3/dSSe6AQodZZJI0BIr55Fs6fJRWCt9obr6C
A2YyybpUyKy8k2d7zrEFwU7pfAOeUMl+lUvkhEZ48toP8DZQwO5mSLTAqAlyK3PW
I4m1azSwxYxFf2abv0bTTib7BY3h6tfxw+m5wHmJjo2v+DldWKezkOSQYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQRaAsG9Xvyfo9TxqzqRFkYwiJ6MB8GA1UdIwQY
MBaAFLeDgLQeN7V1fT1OLuzfBtkwpwudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYt
ZGVkYWY3OTM1NmNlLzEveEJGb0N3YjFlX0otajFQR3JPcEVXUmpDSW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYtZGVkYWY3OTM1NmNl
LzEvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc4EMA0G
CSqGSIb3DQEBCwUAA4IBAQBvGblo7Dxp5yZNXrp4a7DEW8y/JVbKhCw+a0c6kC+U
S0ht36+2ADTi+MCQdZcbBKYd88pa81LKj5OdXuhd1mRYgSHKzo622ALdkueU5UbR
2latypAOqXgYR0SAXr0HAno+4wIJQsxwTn0l3utb5E5wwtNgVBX2b1PMdzKQ0JBh
kN5SFOrbvs8zLiCBy1Sh5RzqQXIS2RApzI/ozBKLiqRTs4V3eZ0WbFrG4+2tJRmz
bxRzpJ1CKKsPWexyuQqbSeMySAIVzzPR2A3eahIlvh88oBKsAZPhhP2xfuR2ARv3
5IaMlfcYQk/M9ObkPv2Qz2xOVWDGVPLGIFaf7EgHNgyt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:53 2024 by rpki-client on console-ams.rpki-client.org