Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa
File:                     ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa (raw, json)
Hash identifier:          Veu5YSHSRcZPbq4g2GN3zgvGZj0sML/N5i5Q4YxoeQc=
Subject key identifier:   6A:11:20:1B:5F:C7:96:97:86:1F:0D:1C:E2:7F:0F:6B:87:18:C6:E6
Certificate issuer:       /CN=351353429e72eb286cc18ecbeb8fa71a31c08190
Certificate serial:       018570153EB9902CC8D0A945DDBB2E277450
Authority key identifier: 35:13:53:42:9E:72:EB:28:6C:C1:8E:CB:EB:8F:A7:1A:31:C0:81:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NRNTQp5y6yhswY7L64-nGjHAgZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa
Signing time:             Mon 02 Jan 2023 01:25:18 +0000
ROA not before:           Mon 02 Jan 2023 01:25:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62284
IP address blocks:        185.110.28.0/24 maxlen: 24
                          185.110.28.0/22 maxlen: 22
                          185.110.29.0/24 maxlen: 24
                          185.110.30.0/24 maxlen: 24
                          185.110.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 13 May 2023 07:49:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:15:3e:b9:90:2c:c8:d0:a9:45:dd:bb:2e:27:74:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=351353429e72eb286cc18ecbeb8fa71a31c08190
        Validity
            Not Before: Jan  2 01:25:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a11201b5fc79697861f0d1ce27f0f6b8718c6e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:da:9c:4a:0c:a1:92:53:f7:7b:17:b9:2f:1d:
                    4e:f3:92:f5:9a:39:00:b1:82:04:49:6d:c8:e0:91:
                    f8:b6:b4:9d:51:84:44:84:bc:c2:6a:6a:7a:55:b7:
                    09:0b:3a:b0:cd:0a:15:e0:05:75:df:f7:89:10:dd:
                    6e:5a:76:0e:16:3e:43:a3:52:8a:27:d6:b4:d6:97:
                    3a:ef:ab:03:61:d2:8c:73:ab:c2:dd:37:57:17:1c:
                    3f:84:0c:29:27:92:5b:20:7a:6a:7f:3f:5d:28:04:
                    d2:ee:69:9f:f0:fa:4d:50:7c:dc:6c:76:09:84:c5:
                    a8:05:4f:83:0d:7a:69:3f:7d:d4:78:81:dc:30:7e:
                    40:32:4d:92:7f:16:29:b8:ee:04:6d:0a:33:df:46:
                    6f:98:10:e4:2a:cd:52:69:d7:22:39:b4:bc:da:79:
                    66:c8:3c:3f:41:2a:f7:29:be:ac:66:6c:4f:0f:db:
                    3e:ad:bd:b5:72:fc:ce:64:0e:f5:9e:a5:08:39:58:
                    2f:ba:71:54:39:f7:ad:ee:23:89:58:54:87:a1:e8:
                    08:e5:db:25:c0:fb:2a:a2:c4:3a:e0:f9:e9:b6:38:
                    2a:97:51:cc:fb:0b:26:91:ef:c6:80:49:95:4a:f9:
                    3f:92:59:74:07:34:ea:5b:06:cd:ec:94:0d:a5:63:
                    ea:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:11:20:1B:5F:C7:96:97:86:1F:0D:1C:E2:7F:0F:6B:87:18:C6:E6
            X509v3 Authority Key Identifier:
                keyid:35:13:53:42:9E:72:EB:28:6C:C1:8E:CB:EB:8F:A7:1A:31:C0:81:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRNTQp5y6yhswY7L64-nGjHAgZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/NRNTQp5y6yhswY7L64-nGjHAgZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.110.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:74:95:1c:c5:fa:c6:b0:60:17:17:b5:e6:e7:ca:2b:89:5d:
         73:0f:e6:7c:8a:b6:3f:ac:ce:86:39:7b:1a:9e:4a:57:e5:36:
         fa:49:e8:d7:a6:76:03:11:3f:00:96:c7:ae:06:5a:5e:87:1d:
         f0:5e:c9:5a:d9:16:14:16:26:e9:90:a1:68:e1:c8:a6:be:00:
         7e:28:b7:cc:e5:9c:25:80:9f:ad:9c:27:6a:22:12:8c:d7:81:
         92:3c:e1:1f:9f:ac:50:8c:56:02:31:62:93:59:c0:4f:f4:4a:
         cd:38:52:28:9a:f7:7e:aa:f6:ec:7e:38:46:90:5b:91:f0:3f:
         82:87:3d:d0:8b:27:c3:c7:ef:e8:a4:1b:ca:e1:69:48:42:13:
         5d:5e:0f:ce:bb:91:09:a0:bc:98:e3:30:53:8c:47:b6:d5:62:
         79:4a:60:82:28:9c:ad:30:fa:b8:7a:2f:86:48:1d:af:f7:7c:
         44:80:12:15:53:e5:51:38:ce:73:86:73:92:95:cf:c0:16:7d:
         40:eb:06:6b:45:43:e6:f0:94:3b:4a:34:5b:28:e2:aa:5a:5a:
         b3:e4:ea:fb:65:41:c7:62:78:4f:a8:c0:25:fb:52:c7:23:be:
         a7:55:0e:c3:bc:f4:2c:30:15:ae:ce:2e:a8:ed:54:d9:3a:79:
         bf:d6:d8:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFT65kCzI0KlF3bsuJ3RQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTM1MzQyOWU3MmViMjg2Y2MxOGVjYmViOGZhNzFhMzFj
MDgxOTAwHhcNMjMwMTAyMDEyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTExMjAxYjVmYzc5Njk3ODYxZjBkMWNlMjdmMGY2Yjg3MThjNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtqcSgyhklP3exe5Lx1O85L1mjkA
sYIESW3I4JH4trSdUYREhLzCamp6VbcJCzqwzQoV4AV13/eJEN1uWnYOFj5Do1KK
J9a01pc676sDYdKMc6vC3TdXFxw/hAwpJ5JbIHpqfz9dKATS7mmf8PpNUHzcbHYJ
hMWoBU+DDXppP33UeIHcMH5AMk2SfxYpuO4EbQoz30ZvmBDkKs1SadciObS82nlm
yDw/QSr3Kb6sZmxPD9s+rb21cvzOZA71nqUIOVgvunFUOfet7iOJWFSHoegI5dsl
wPsqosQ64Pnptjgql1HM+wsmke/GgEmVSvk/kll0BzTqWwbN7JQNpWPqYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoRIBtfx5aXhh8NHOJ/D2uHGMbmMB8GA1UdIwQY
MBaAFDUTU0KecusobMGOy+uPpxoxwIGQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJOVFFwNXk2eWhzd1k3TDY0LW5HakhBZ1pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82YTIzMDItODVjNS00ZWJjLTk2NDEt
MzkzNjk2ODlmMjdlLzEvYWhFZ0cxX0hscGVHSHcwYzRuOFBhNGNZeHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82YTIzMDItODVjNS00ZWJjLTk2NDEtMzkzNjk2ODlmMjdl
LzEvTlJOVFFwNXk2eWhzd1k3TDY0LW5HakhBZ1pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW4cMA0G
CSqGSIb3DQEBCwUAA4IBAQAXdJUcxfrGsGAXF7Xm58oriV1zD+Z8irY/rM6GOXsa
nkpX5Tb6SejXpnYDET8AlseuBlpehx3wXsla2RYUFibpkKFo4cimvgB+KLfM5Zwl
gJ+tnCdqIhKM14GSPOEfn6xQjFYCMWKTWcBP9ErNOFIomvd+qvbsfjhGkFuR8D+C
hz3QiyfDx+/opBvK4WlIQhNdXg/Ou5EJoLyY4zBTjEe21WJ5SmCCKJytMPq4ei+G
SB2v93xEgBIVU+VROM5zhnOSlc/AFn1A6wZrRUPm8JQ7SjRbKOKqWlqz5Or7ZUHH
YnhPqMAl+1LHI76nVQ7DvPQsMBWuzi6o7VTZOnm/1tgf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:39 2024 by rpki-client on console-ams.rpki-client.org