Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/J6ZQ496BKQ2XIUG7Z58zOpV4kGA.roa
File:                     J6ZQ496BKQ2XIUG7Z58zOpV4kGA.roa (raw, json)
Hash identifier:          A/xuVlteDPpIHC/LmgbQoKdjPbgHLV08p4HdHWSAVmE=
Subject key identifier:   27:A6:50:E3:DE:81:29:0D:97:21:41:BB:67:9F:33:3A:95:78:90:60
Certificate issuer:       /CN=a0639adf1e0b84b9ff64e4f8ebe638ebbf5d27b9
Certificate serial:       01856C9CDB4AF583BA974A7E6184867FC754
Authority key identifier: A0:63:9A:DF:1E:0B:84:B9:FF:64:E4:F8:EB:E6:38:EB:BF:5D:27:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oGOa3x4LhLn_ZOT46-Y4679dJ7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/J6ZQ496BKQ2XIUG7Z58zOpV4kGA.roa
Signing time:             Sun 01 Jan 2023 09:14:57 +0000
ROA not before:           Sun 01 Jan 2023 09:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21263
IP address blocks:        185.124.224.0/22 maxlen: 24
                          146.255.112.0/22 maxlen: 24
                          185.16.72.0/22 maxlen: 24
                          217.24.192.0/20 maxlen: 24
                          185.162.220.0/22 maxlen: 24
                          217.31.208.0/20 maxlen: 24
                          185.198.140.0/22 maxlen: 24
                          212.62.192.0/19 maxlen: 24
                          45.155.112.0/22 maxlen: 24
                          81.27.112.0/20 maxlen: 24
                          185.231.72.0/22 maxlen: 24
                          161.51.240.0/21 maxlen: 24
                          217.11.144.0/20 maxlen: 24
                          2a02:590::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 13:47:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:db:4a:f5:83:ba:97:4a:7e:61:84:86:7f:c7:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0639adf1e0b84b9ff64e4f8ebe638ebbf5d27b9
        Validity
            Not Before: Jan  1 09:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27a650e3de81290d972141bb679f333a95789060
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:94:50:f9:c4:ac:11:33:8a:ad:10:fe:d7:71:
                    ac:a1:92:ff:69:47:06:b4:05:57:28:89:9b:a6:6e:
                    71:de:50:6d:cf:9c:da:6e:63:e3:16:70:3b:6d:22:
                    b8:1d:5e:37:08:ec:f4:3f:e6:f7:34:a5:2b:76:ce:
                    1b:a7:91:7d:aa:31:37:f2:0c:5e:48:35:81:15:47:
                    47:68:0e:c8:02:0d:62:8a:52:6d:99:5a:22:98:8e:
                    4d:ee:5e:e2:49:2d:e1:40:80:67:db:66:d8:54:2f:
                    f5:77:52:d2:a7:2d:ec:7d:81:e7:a1:82:d8:6e:48:
                    28:58:cb:a4:81:11:3d:e4:9b:62:e6:33:a7:d4:e8:
                    0a:6c:1a:de:4a:15:21:08:3b:0b:b7:f9:36:24:f1:
                    d5:53:48:21:b5:e3:4e:20:11:58:e5:83:dc:87:79:
                    1e:4c:c2:36:cf:b9:63:fc:91:63:5b:b8:fd:a1:f2:
                    13:a9:da:4f:8e:1b:a9:a7:f8:47:cf:40:82:e1:b5:
                    df:81:7c:93:64:6e:80:f5:a2:f8:71:d9:4a:1d:fb:
                    30:d8:30:62:95:70:1e:4a:f9:de:b9:8d:02:32:85:
                    d8:16:1e:ba:47:5c:59:f0:75:13:be:e1:53:2d:04:
                    10:e6:ee:df:70:14:8d:89:d2:1e:0d:e1:6b:27:28:
                    d5:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A6:50:E3:DE:81:29:0D:97:21:41:BB:67:9F:33:3A:95:78:90:60
            X509v3 Authority Key Identifier:
                keyid:A0:63:9A:DF:1E:0B:84:B9:FF:64:E4:F8:EB:E6:38:EB:BF:5D:27:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGOa3x4LhLn_ZOT46-Y4679dJ7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/J6ZQ496BKQ2XIUG7Z58zOpV4kGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0c363c-2d0e-4bca-a9f2-813c5aab783e/1/oGOa3x4LhLn_ZOT46-Y4679dJ7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.112.0/22
                  81.27.112.0/20
                  146.255.112.0/22
                  161.51.240.0/21
                  185.16.72.0/22
                  185.124.224.0/22
                  185.162.220.0/22
                  185.198.140.0/22
                  185.231.72.0/22
                  212.62.192.0/19
                  217.11.144.0/20
                  217.24.192.0/20
                  217.31.208.0/20
                IPv6:
                  2a02:590::/29

    Signature Algorithm: sha256WithRSAEncryption
         15:a0:34:63:f1:16:c1:b7:94:4f:c4:d7:48:82:06:f4:64:8d:
         7f:42:91:fe:33:aa:4d:cc:8f:69:30:50:c8:09:5e:b1:04:e7:
         26:55:60:15:f9:08:51:2b:b0:67:b8:ab:77:ae:6f:05:2d:f4:
         20:22:44:94:1d:a5:d5:63:7c:28:66:e3:9c:ad:7b:a7:0a:27:
         fd:f0:8c:c6:87:77:2e:13:aa:e3:b1:8d:bd:85:0e:94:32:6e:
         04:a7:b9:a1:bd:ec:cf:8c:a3:58:c5:80:cb:49:ba:77:0f:36:
         a2:dd:6e:92:c8:b0:27:cf:b3:3d:b5:04:9f:a6:ca:f3:24:09:
         82:ba:28:f1:4f:8f:c9:b8:8d:96:fd:3f:3e:95:54:d0:2c:bf:
         e0:8c:4c:b8:94:c1:58:77:16:50:a8:8f:d4:bf:bd:de:7e:ac:
         4f:43:a1:a6:08:2c:6e:16:2a:0c:3a:54:ca:8d:f7:bd:13:c1:
         e2:3d:3d:0d:21:17:32:ef:64:64:a9:0f:6d:c7:d4:81:f4:a2:
         0b:6d:9e:de:23:fe:8f:d9:b4:eb:f4:b4:42:bb:2c:6d:17:28:
         31:76:bc:89:52:cb:54:09:69:29:58:6e:76:b2:a2:d8:4b:cc:
         00:37:d9:48:6b:80:64:66:96:c0:cd:82:ec:a6:aa:6e:44:b2:
         99:16:07:47
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYVsnNtK9YO6l0p+YYSGf8dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNjM5YWRmMWUwYjg0YjlmZjY0ZTRmOGViZTYzOGViYmY1
ZDI3YjkwHhcNMjMwMTAxMDkxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2E2NTBlM2RlODEyOTBkOTcyMTQxYmI2NzlmMzMzYTk1Nzg5MDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpRQ+cSsETOKrRD+13GsoZL/aUcG
tAVXKImbpm5x3lBtz5zabmPjFnA7bSK4HV43COz0P+b3NKUrds4bp5F9qjE38gxe
SDWBFUdHaA7IAg1iilJtmVoimI5N7l7iSS3hQIBn22bYVC/1d1LSpy3sfYHnoYLY
bkgoWMukgRE95Jti5jOn1OgKbBreShUhCDsLt/k2JPHVU0ghteNOIBFY5YPch3ke
TMI2z7lj/JFjW7j9ofITqdpPjhupp/hHz0CC4bXfgXyTZG6A9aL4cdlKHfsw2DBi
lXAeSvneuY0CMoXYFh66R1xZ8HUTvuFTLQQQ5u7fcBSNidIeDeFrJyjVOwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFCemUOPegSkNlyFBu2efMzqVeJBgMB8GA1UdIwQY
MBaAFKBjmt8eC4S5/2Tk+OvmOOu/XSe5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dPYTN4NExoTG5fWk9UNDYtWTQ2NzlkSjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYzM2M2MtMmQwZS00YmNhLWE5ZjIt
ODEzYzVhYWI3ODNlLzEvSjZaUTQ5NkJLUTJYSVVHN1o1OHpPcFY0a0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYzM2M2MtMmQwZS00YmNhLWE5ZjItODEzYzVhYWI3ODNl
LzEvb0dPYTN4NExoTG5fWk9UNDYtWTQ2NzlkSjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCLZtwAwQE
URtwAwQCkv9wAwQDoTPwAwQCuRBIAwQCuXzgAwQCuaLcAwQCucaMAwQCuedIAwQF
1D7AAwQE2QuQAwQE2RjAAwQE2R/QMA0EAgACMAcDBQMqAgWQMA0GCSqGSIb3DQEB
CwUAA4IBAQAVoDRj8RbBt5RPxNdIggb0ZI1/QpH+M6pNzI9pMFDICV6xBOcmVWAV
+QhRK7BnuKt3rm8FLfQgIkSUHaXVY3woZuOcrXunCif98IzGh3cuE6rjsY29hQ6U
Mm4Ep7mhvezPjKNYxYDLSbp3Dzai3W6SyLAnz7M9tQSfpsrzJAmCuijxT4/JuI2W
/T8+lVTQLL/gjEy4lMFYdxZQqI/Uv73efqxPQ6GmCCxuFioMOlTKjfe9E8HiPT0N
IRcy72RkqQ9tx9SB9KILbZ7eI/6P2bTr9LRCuyxtFygxdryJUstUCWkpWG52sqLY
S8wAN9lIa4BkZpbAzYLspqpuRLKZFgdH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org