Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/AHleruvTONfIMoHmllt-lpNP7lU.roa
File:                     AHleruvTONfIMoHmllt-lpNP7lU.roa (raw, json)
Hash identifier:          AeyicgUZQCxZ8ZKL0cjM3p+wZHSRSXWT9N4HUKLrnEk=
Subject key identifier:   00:79:5E:AE:EB:D3:38:D7:C8:32:81:E6:96:5B:7E:96:93:4F:EE:55
Certificate issuer:       /CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
Certificate serial:       018571152AD1FF6B948106BCAA77B6C0AF50
Authority key identifier: 48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/AHleruvTONfIMoHmllt-lpNP7lU.roa
Signing time:             Mon 02 Jan 2023 06:04:50 +0000
ROA not before:           Mon 02 Jan 2023 06:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205796
IP address blocks:        185.206.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:2a:d1:ff:6b:94:81:06:bc:aa:77:b6:c0:af:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
        Validity
            Not Before: Jan  2 06:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00795eaeebd338d7c83281e6965b7e96934fee55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:66:17:5d:a2:5c:6f:17:fe:e3:42:34:6b:47:
                    8f:a1:69:2b:30:4f:74:3e:be:32:f7:d0:8f:79:20:
                    b9:87:1b:b2:8f:d4:67:84:a5:f1:78:f6:b2:8b:ac:
                    ff:44:7e:2a:08:54:29:af:2b:c5:3d:3f:94:35:60:
                    f4:11:a8:0f:9d:42:ea:bc:04:97:eb:03:a3:fd:18:
                    49:4c:c8:94:88:99:ba:71:16:ee:ba:a3:11:11:42:
                    d6:b2:b5:ae:02:3d:97:dc:7c:c9:06:3a:98:9e:bc:
                    39:ec:fc:30:e4:a7:17:d3:5a:df:de:c4:dc:1f:15:
                    73:db:a0:e4:20:9b:f8:40:c4:4b:81:9c:fd:b7:05:
                    37:b6:07:f8:e8:2f:10:c9:ec:9f:4d:05:7c:96:74:
                    8b:d6:72:cb:36:b2:7d:85:1c:62:0f:16:92:4c:99:
                    3e:e4:0e:54:85:f4:0a:22:e4:8f:81:29:9e:ba:5d:
                    a7:bf:4a:a1:7a:f1:43:08:9c:cb:3e:92:04:13:70:
                    0a:e3:8d:42:8e:37:38:c7:a7:28:17:60:0d:d4:7f:
                    2b:a5:4a:df:17:6d:95:f1:4e:f3:cf:0f:e0:47:0c:
                    e0:44:2b:7f:af:52:47:15:4f:a9:b6:57:47:ad:de:
                    cd:9a:b0:cb:0e:6a:38:1c:1f:67:38:8a:e8:f8:cf:
                    6b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:79:5E:AE:EB:D3:38:D7:C8:32:81:E6:96:5B:7E:96:93:4F:EE:55
            X509v3 Authority Key Identifier:
                keyid:48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/AHleruvTONfIMoHmllt-lpNP7lU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/SAw7k_8qNPv6WuglVvZwNAy11ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:9d:4e:8f:99:44:cc:4c:d0:66:74:38:e1:a2:af:94:7d:ca:
         0f:b7:a5:24:51:a8:0a:af:bd:ae:76:ab:da:d1:8c:8e:79:c9:
         23:1c:32:1e:c9:50:ab:44:bf:2d:c2:10:86:94:58:a8:a1:a2:
         e8:09:4b:d8:67:5b:55:8f:53:22:53:30:cd:05:51:22:43:73:
         75:7c:ca:b4:57:19:98:d8:be:f8:59:e8:28:91:4e:20:9f:e9:
         53:9b:85:97:57:3b:54:8b:f8:4a:21:a0:44:dd:ce:a0:af:b0:
         e6:ca:16:ff:46:9e:f0:26:26:7f:f2:54:b9:f5:65:ac:00:48:
         7e:c7:fd:56:78:f2:57:4c:d5:29:24:c0:06:d7:9c:77:34:47:
         7b:88:b6:08:25:d5:31:34:72:1e:36:6c:86:d9:3d:d1:c0:5a:
         4f:0e:18:50:01:1c:cf:a0:88:43:f1:5f:39:c9:94:bb:97:05:
         e9:17:82:00:d2:ad:1c:e8:12:af:73:6f:c1:ae:94:60:28:de:
         12:10:e0:72:e0:d2:e1:f2:c5:72:e9:81:e6:b9:17:e7:24:c9:
         e2:b2:4a:3f:4a:6a:2f:cc:3e:22:7d:73:75:0d:75:13:01:a0:
         11:94:ad:2b:6f:07:48:3f:12:0c:69:85:07:35:f5:f0:be:32:
         4e:99:d3:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFSrR/2uUgQa8qne2wK9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGMzYjkzZmYyYTM0ZmJmYTVhZTgyNTU2ZjY3MDM0MGNi
NWQ1YzkwHhcNMjMwMTAyMDYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDc5NWVhZWViZDMzOGQ3YzgzMjgxZTY5NjViN2U5NjkzNGZlZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWYXXaJcbxf+40I0a0ePoWkrME90
Pr4y99CPeSC5hxuyj9RnhKXxePayi6z/RH4qCFQpryvFPT+UNWD0EagPnULqvASX
6wOj/RhJTMiUiJm6cRbuuqMREULWsrWuAj2X3HzJBjqYnrw57Pww5KcX01rf3sTc
HxVz26DkIJv4QMRLgZz9twU3tgf46C8QyeyfTQV8lnSL1nLLNrJ9hRxiDxaSTJk+
5A5UhfQKIuSPgSmeul2nv0qhevFDCJzLPpIEE3AK441Cjjc4x6coF2AN1H8rpUrf
F22V8U7zzw/gRwzgRCt/r1JHFU+ptldHrd7NmrDLDmo4HB9nOIro+M9rAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAB5Xq7r0zjXyDKB5pZbfpaTT+5VMB8GA1UdIwQY
MBaAFEgMO5P/KjT7+lroJVb2cDQMtdXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0F3N2tfOHFOUHY2V3VnbFZ2WndOQXkxMWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xODAwYTQtNTBmYy00ZmY4LTllMzYt
NDljNmZkYmJhZmI3LzEvQUhsZXJ1dlRPTmZJTW9IbWxsdC1scE5QN2xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xODAwYTQtNTBmYy00ZmY4LTllMzYtNDljNmZkYmJhZmI3
LzEvU0F3N2tfOHFOUHY2V3VnbFZ2WndOQXkxMWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc48MA0G
CSqGSIb3DQEBCwUAA4IBAQAVnU6PmUTMTNBmdDjhoq+UfcoPt6UkUagKr72udqva
0YyOeckjHDIeyVCrRL8twhCGlFiooaLoCUvYZ1tVj1MiUzDNBVEiQ3N1fMq0VxmY
2L74WegokU4gn+lTm4WXVztUi/hKIaBE3c6gr7Dmyhb/Rp7wJiZ/8lS59WWsAEh+
x/1WePJXTNUpJMAG15x3NEd7iLYIJdUxNHIeNmyG2T3RwFpPDhhQARzPoIhD8V85
yZS7lwXpF4IA0q0c6BKvc2/BrpRgKN4SEOBy4NLh8sVy6YHmuRfnJMnisko/Smov
zD4ifXN1DXUTAaARlK0rbwdIPxIMaYUHNfXwvjJOmdOG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:56 2024 by rpki-client on console-ams.rpki-client.org