Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/u6M6gDrs-9vGpCAk8IZedrdLY4Y.roa
File:                     u6M6gDrs-9vGpCAk8IZedrdLY4Y.roa (raw, json)
Hash identifier:          WiJCI3jdRiVt7PoXd+NSvAM3a9D3Dx+IwCBDWv0jZUA=
Subject key identifier:   BB:A3:3A:80:3A:EC:FB:DB:C6:A4:20:24:F0:86:5E:76:B7:4B:63:86
Certificate issuer:       /CN=cd698f55b40959b178f7cecbc20c35e9c1379344
Certificate serial:       01856C1CACE4E26E8E050560DD3DE854BC0E
Authority key identifier: CD:69:8F:55:B4:09:59:B1:78:F7:CE:CB:C2:0C:35:E9:C1:37:93:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/u6M6gDrs-9vGpCAk8IZedrdLY4Y.roa
Signing time:             Sun 01 Jan 2023 06:54:56 +0000
ROA not before:           Sun 01 Jan 2023 06:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25540
IP address blocks:        185.26.88.0/22 maxlen: 22
                          2a00:88a0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:1c:ac:e4:e2:6e:8e:05:05:60:dd:3d:e8:54:bc:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd698f55b40959b178f7cecbc20c35e9c1379344
        Validity
            Not Before: Jan  1 06:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bba33a803aecfbdbc6a42024f0865e76b74b6386
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d6:95:51:4c:a8:db:c4:ee:f7:ee:11:fe:f6:
                    35:08:11:e2:03:e5:bf:c1:57:65:0d:e6:4a:be:25:
                    31:e0:bf:70:d6:3f:32:cc:78:46:d4:be:5c:b1:99:
                    c3:7d:27:24:02:3a:33:ca:2d:20:ae:e2:54:00:08:
                    33:2a:65:98:98:08:ba:de:8e:16:cf:1b:bf:44:d1:
                    bd:c0:b7:55:5d:93:fe:55:c4:e4:64:14:1f:87:5f:
                    dc:78:1b:1c:9a:14:a9:f2:d5:10:39:e7:1a:ff:cd:
                    6a:f9:69:15:9c:89:3a:f5:38:3e:d1:30:0a:06:1c:
                    ff:56:21:22:d3:fb:29:2a:2f:14:66:b2:91:6b:b4:
                    ae:6d:60:5a:41:7d:11:3c:e3:81:b5:2a:d6:5b:8a:
                    a3:01:f1:41:79:37:36:7c:4b:72:3b:22:4c:7f:73:
                    38:4b:ca:c9:1f:77:78:d3:dc:5d:d4:79:ce:92:d3:
                    12:18:9d:17:7e:85:45:fb:24:6b:0c:c1:e0:02:01:
                    b4:4a:8f:9a:20:41:ad:61:ad:29:fb:1f:12:da:49:
                    14:f4:e4:f7:c9:5b:1c:fb:af:f0:3a:6b:56:05:14:
                    5e:d8:c8:74:90:30:be:57:a4:24:16:fc:e4:73:aa:
                    12:2f:99:a5:96:02:59:05:4d:ca:8b:0b:8f:fb:06:
                    63:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:A3:3A:80:3A:EC:FB:DB:C6:A4:20:24:F0:86:5E:76:B7:4B:63:86
            X509v3 Authority Key Identifier:
                keyid:CD:69:8F:55:B4:09:59:B1:78:F7:CE:CB:C2:0C:35:E9:C1:37:93:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWmPVbQJWbF4987Lwgw16cE3k0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/u6M6gDrs-9vGpCAk8IZedrdLY4Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a1449e-2adb-4b1a-b23c-bd6d8badcdc0/1/zWmPVbQJWbF4987Lwgw16cE3k0Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.26.88.0/22
                IPv6:
                  2a00:88a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:87:b2:93:d7:89:5a:ec:be:7a:9e:09:3c:55:83:eb:0d:2b:
         57:08:98:03:5a:39:22:c4:55:4f:ac:2b:91:80:bc:02:19:8e:
         ff:6e:1d:13:44:85:fd:d1:ff:69:a1:43:35:84:d0:d0:26:33:
         6a:e5:f7:e9:3a:ff:ce:bb:aa:d1:77:42:c2:fb:d9:19:7e:f9:
         bc:ec:9c:16:dd:e2:84:75:1b:18:ec:99:ad:69:a1:03:00:c2:
         e3:f2:4e:19:a6:eb:66:b2:ac:1b:4b:ce:ff:7f:97:26:0e:be:
         ba:f7:3c:39:72:d7:1e:a7:93:68:87:60:66:a0:4e:36:84:4e:
         c7:50:1e:86:7b:04:44:54:10:19:81:6d:50:17:a9:80:91:f1:
         ab:17:43:58:15:eb:3b:25:7b:c6:50:b1:a7:e2:60:75:4f:aa:
         19:5e:0f:ec:f6:c4:b2:a9:a9:32:e7:b8:3e:9f:53:ad:5e:0f:
         41:fd:a9:0b:6c:b7:77:e0:8e:a1:fb:61:cf:92:7a:1f:9c:f6:
         02:7a:ee:c7:4e:f7:2a:46:6d:7a:e4:46:00:cb:f5:82:61:a3:
         11:2b:64:9c:7a:cc:e8:b8:e5:c5:4b:e9:b7:89:d1:7d:e4:33:
         bf:49:72:6b:b0:4f:8d:3c:72:ea:f7:bb:e3:a7:b7:0b:52:9c:
         e8:e9:1d:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsHKzk4m6OBQVg3T3oVLwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjk4ZjU1YjQwOTU5YjE3OGY3Y2VjYmMyMGMzNWU5YzEz
NzkzNDQwHhcNMjMwMTAxMDY1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmEzM2E4MDNhZWNmYmRiYzZhNDIwMjRmMDg2NWU3NmI3NGI2Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9aVUUyo28Tu9+4R/vY1CBHiA+W/
wVdlDeZKviUx4L9w1j8yzHhG1L5csZnDfSckAjozyi0gruJUAAgzKmWYmAi63o4W
zxu/RNG9wLdVXZP+VcTkZBQfh1/ceBscmhSp8tUQOeca/81q+WkVnIk69Tg+0TAK
Bhz/ViEi0/spKi8UZrKRa7SubWBaQX0RPOOBtSrWW4qjAfFBeTc2fEtyOyJMf3M4
S8rJH3d409xd1HnOktMSGJ0XfoVF+yRrDMHgAgG0So+aIEGtYa0p+x8S2kkU9OT3
yVsc+6/wOmtWBRRe2Mh0kDC+V6QkFvzkc6oSL5mllgJZBU3KiwuP+wZjqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLujOoA67PvbxqQgJPCGXna3S2OGMB8GA1UdIwQY
MBaAFM1pj1W0CVmxePfOy8IMNenBN5NEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldtUFZiUUpXYkY0OTg3THdndzE2Y0UzazBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9hMTQ0OWUtMmFkYi00YjFhLWIyM2Mt
YmQ2ZDhiYWRjZGMwLzEvdTZNNmdEcnMtOXZHcENBazhJWmVkcmRMWTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9hMTQ0OWUtMmFkYi00YjFhLWIyM2MtYmQ2ZDhiYWRjZGMw
LzEveldtUFZiUUpXYkY0OTg3THdndzE2Y0UzazBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRpYMA0E
AgACMAcDBQAqAIigMA0GCSqGSIb3DQEBCwUAA4IBAQBIh7KT14la7L56ngk8VYPr
DStXCJgDWjkixFVPrCuRgLwCGY7/bh0TRIX90f9poUM1hNDQJjNq5ffpOv/Ou6rR
d0LC+9kZfvm87JwW3eKEdRsY7JmtaaEDAMLj8k4ZputmsqwbS87/f5cmDr669zw5
ctcep5Noh2BmoE42hE7HUB6GewREVBAZgW1QF6mAkfGrF0NYFes7JXvGULGn4mB1
T6oZXg/s9sSyqaky57g+n1OtXg9B/akLbLd34I6h+2HPknofnPYCeu7HTvcqRm16
5EYAy/WCYaMRK2SceszouOXFS+m3idF95DO/SXJrsE+NPHLq97vjp7cLUpzo6R3e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org