Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/IG6JZAPYsK93L3TJKxNGaHhHVBM.roa
File:                     IG6JZAPYsK93L3TJKxNGaHhHVBM.roa (raw, json)
Hash identifier:          e+XNOC11NsQoGlFRqgIQ6U8hsHPMvADgzRV0L6Spsrs=
Subject key identifier:   20:6E:89:64:03:D8:B0:AF:77:2F:74:C9:2B:13:46:68:78:47:54:13
Certificate issuer:       /CN=bfeaab1ba68e87c9f7ab0d9050bff9f20a6267da
Certificate serial:       01856C6EFEAB1291660FD26D3D6CF051BDD3
Authority key identifier: BF:EA:AB:1B:A6:8E:87:C9:F7:AB:0D:90:50:BF:F9:F2:0A:62:67:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v-qrG6aOh8n3qw2QUL_58gpiZ9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/IG6JZAPYsK93L3TJKxNGaHhHVBM.roa
Signing time:             Sun 01 Jan 2023 08:24:51 +0000
ROA not before:           Sun 01 Jan 2023 08:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206310
IP address blocks:        185.209.184.0/22 maxlen: 22
                          185.187.216.0/22 maxlen: 22
                          2a0b:af80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:fe:ab:12:91:66:0f:d2:6d:3d:6c:f0:51:bd:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfeaab1ba68e87c9f7ab0d9050bff9f20a6267da
        Validity
            Not Before: Jan  1 08:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=206e896403d8b0af772f74c92b13466878475413
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:9e:e6:a0:43:75:cb:ca:1d:46:22:2d:76:5f:
                    75:67:52:91:ed:37:88:40:59:42:3a:7d:ab:f5:c5:
                    3f:4a:75:b4:07:97:37:df:86:8a:53:ce:52:b8:4f:
                    6e:e4:66:76:71:08:f5:bd:f5:f4:4d:f4:ee:d7:e6:
                    78:32:0d:58:ea:6b:c0:ec:0b:14:1d:eb:16:39:1e:
                    9c:90:7b:2a:1a:dd:28:a8:ee:ba:49:88:fe:04:9b:
                    71:7c:06:ca:e7:fd:e4:f3:02:ce:1e:7f:fa:5e:8e:
                    01:61:15:23:c3:56:68:6b:d0:06:44:89:46:ca:54:
                    38:5e:c2:1a:f6:e7:ff:0c:32:37:05:04:3a:f8:67:
                    aa:04:77:57:bd:e8:50:95:ed:10:b0:cf:d2:e6:9e:
                    5e:e3:9f:d4:82:89:64:4f:9f:8c:51:cf:94:52:b5:
                    e8:02:ee:c3:2a:d2:6c:7b:59:14:a8:38:37:0a:78:
                    c3:16:4a:48:26:d1:7b:55:d2:0c:8b:f9:33:4e:76:
                    e9:83:bd:6f:16:96:ac:a7:4e:71:ab:6d:4e:d2:d3:
                    38:56:af:7c:7f:89:f8:c1:bf:3c:07:2f:fe:09:b1:
                    10:1c:91:72:78:91:ee:4d:e9:10:f0:7c:c0:4d:65:
                    60:d3:b0:2f:6f:c6:d0:44:a3:10:b4:12:a3:7f:5c:
                    ed:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:6E:89:64:03:D8:B0:AF:77:2F:74:C9:2B:13:46:68:78:47:54:13
            X509v3 Authority Key Identifier:
                keyid:BF:EA:AB:1B:A6:8E:87:C9:F7:AB:0D:90:50:BF:F9:F2:0A:62:67:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-qrG6aOh8n3qw2QUL_58gpiZ9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/IG6JZAPYsK93L3TJKxNGaHhHVBM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/v-qrG6aOh8n3qw2QUL_58gpiZ9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.187.216.0/22
                  185.209.184.0/22
                IPv6:
                  2a0b:af80::/29

    Signature Algorithm: sha256WithRSAEncryption
         b9:ad:18:59:de:80:45:6a:c1:0c:3b:24:1f:75:31:d8:76:eb:
         ee:94:7f:3c:15:30:eb:16:79:fe:94:49:d5:0c:5a:0d:58:4e:
         81:6f:72:60:7a:64:2c:f1:f2:73:26:c5:20:df:2b:1c:4b:bb:
         99:56:7d:b4:a8:83:38:67:11:fe:59:a9:11:60:64:d5:dd:00:
         3d:0b:96:5d:86:cf:10:cf:05:96:26:fa:79:ba:17:a6:8c:f0:
         df:72:46:d2:88:2f:05:19:c1:28:35:0c:15:d8:3e:6a:b6:f5:
         df:9f:95:5c:9a:7a:bf:9d:50:65:60:37:c2:9a:56:58:f0:d7:
         4e:86:4e:95:1c:dd:ef:3d:76:fd:0e:4a:74:78:54:cc:ed:b7:
         ae:a2:3c:3f:71:ea:2c:fb:9c:95:46:92:64:de:dd:ad:36:e8:
         6f:b5:b3:19:d9:6d:cd:b1:65:03:d7:9f:c1:35:80:e0:a4:17:
         aa:a2:12:0e:47:d3:71:b7:f4:2a:6d:ce:bc:fd:2a:5e:f7:23:
         42:09:4f:1c:9f:00:a8:2e:6a:22:95:8c:de:73:70:e1:8c:9b:
         8e:3c:2b:eb:48:61:3a:9b:85:1e:41:a2:d4:b4:13:4c:7e:49:
         e1:ff:0f:ce:12:58:e1:75:27:d9:3f:25:01:64:12:75:8d:fb:
         b7:18:e1:26
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsbv6rEpFmD9JtPWzwUb3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZWFhYjFiYTY4ZTg3YzlmN2FiMGQ5MDUwYmZmOWYyMGE2
MjY3ZGEwHhcNMjMwMTAxMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDZlODk2NDAzZDhiMGFmNzcyZjc0YzkyYjEzNDY2ODc4NDc1NDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ7moEN1y8odRiItdl91Z1KR7TeI
QFlCOn2r9cU/SnW0B5c334aKU85SuE9u5GZ2cQj1vfX0TfTu1+Z4Mg1Y6mvA7AsU
HesWOR6ckHsqGt0oqO66SYj+BJtxfAbK5/3k8wLOHn/6Xo4BYRUjw1Zoa9AGRIlG
ylQ4XsIa9uf/DDI3BQQ6+GeqBHdXvehQle0QsM/S5p5e45/UgolkT5+MUc+UUrXo
Au7DKtJse1kUqDg3CnjDFkpIJtF7VdIMi/kzTnbpg71vFpasp05xq21O0tM4Vq98
f4n4wb88By/+CbEQHJFyeJHuTekQ8HzATWVg07Avb8bQRKMQtBKjf1zt+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCBuiWQD2LCvdy90ySsTRmh4R1QTMB8GA1UdIwQY
MBaAFL/qqxumjofJ96sNkFC/+fIKYmfaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1xckc2YU9oOG4zcXcyUVVMXzU4Z3BpWjlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xMzc3ODYtNDY2Yy00YjU4LWE3YWYt
ZjMzNzQxMjk1MTAxLzEvSUc2SlpBUFlzSzkzTDNUSkt4TkdhSGhIVkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xMzc3ODYtNDY2Yy00YjU4LWE3YWYtZjMzNzQxMjk1MTAx
LzEvdi1xckc2YU9oOG4zcXcyUVVMXzU4Z3BpWjlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubvYAwQC
udG4MA0EAgACMAcDBQMqC6+AMA0GCSqGSIb3DQEBCwUAA4IBAQC5rRhZ3oBFasEM
OyQfdTHYduvulH88FTDrFnn+lEnVDFoNWE6Bb3JgemQs8fJzJsUg3yscS7uZVn20
qIM4ZxH+WakRYGTV3QA9C5Zdhs8QzwWWJvp5uhemjPDfckbSiC8FGcEoNQwV2D5q
tvXfn5Vcmnq/nVBlYDfCmlZY8NdOhk6VHN3vPXb9Dkp0eFTM7beuojw/ceos+5yV
RpJk3t2tNuhvtbMZ2W3NsWUD15/BNYDgpBeqohIOR9Nxt/Qqbc68/Spe9yNCCU8c
nwCoLmoilYzec3DhjJuOPCvrSGE6m4UeQaLUtBNMfknh/w/OEljhdSfZPyUBZBJ1
jfu3GOEm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:34 2024 by rpki-client on console-ams.rpki-client.org