Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/pb1OLes5xQjP6UgV9VqtzTCFq6c.roa
File:                     pb1OLes5xQjP6UgV9VqtzTCFq6c.roa (raw, json)
Hash identifier:          e3VZaKVdykRqZeuyCy2bqWA5OIhah20lMfcrgIjavlk=
Subject key identifier:   A5:BD:4E:2D:EB:39:C5:08:CF:E9:48:15:F5:5A:AD:CD:30:85:AB:A7
Certificate issuer:       /CN=262341b433e1f8fcb796322d2fd926409396e7ad
Certificate serial:       0185708CBCF98782012F2AF5FF374EBC9EC3
Authority key identifier: 26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/pb1OLes5xQjP6UgV9VqtzTCFq6c.roa
Signing time:             Mon 02 Jan 2023 03:35:49 +0000
ROA not before:           Mon 02 Jan 2023 03:35:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57030
IP address blocks:        185.66.0.0/22 maxlen: 22
                          176.62.200.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:bc:f9:87:82:01:2f:2a:f5:ff:37:4e:bc:9e:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=262341b433e1f8fcb796322d2fd926409396e7ad
        Validity
            Not Before: Jan  2 03:35:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5bd4e2deb39c508cfe94815f55aadcd3085aba7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:2f:e6:3a:79:70:75:b8:d4:72:96:9e:c0:92:
                    45:e7:c4:38:79:1e:35:15:77:78:cf:76:18:16:98:
                    51:26:1e:6d:f8:af:81:ec:67:c1:f7:bb:7f:3b:7e:
                    11:6b:26:09:7c:76:11:7a:70:07:16:2d:c7:11:00:
                    3f:a7:1e:14:e5:e6:09:e2:2a:ae:f0:e5:e8:2a:25:
                    b1:67:1a:02:9a:13:a0:f5:3d:47:27:ea:a8:b1:bc:
                    ea:41:0d:e1:53:7a:15:e1:bd:50:3d:3e:7c:2a:1e:
                    b1:3c:5b:a1:2b:9a:b7:67:b6:a6:d0:03:79:c1:3c:
                    89:c8:be:9f:a4:41:21:c4:0a:5e:7c:89:34:79:33:
                    ce:9d:21:38:20:42:0a:87:70:b4:32:c7:8c:4e:6b:
                    f6:43:e8:8a:f0:51:6b:39:cf:74:37:65:86:fc:cc:
                    b7:94:c1:8b:44:9f:9f:b9:cc:38:75:dd:ad:5f:2f:
                    1a:ce:53:cf:81:db:ed:00:51:f3:d6:b0:cb:60:0d:
                    8c:3d:ed:94:29:29:26:a0:0b:d9:1e:00:a9:ed:50:
                    ea:5c:57:c3:e9:72:19:5b:f9:9c:a2:9a:b3:43:b9:
                    73:8a:08:b6:c0:b3:f3:2e:11:51:c8:db:bd:a6:42:
                    a7:81:7a:c1:87:c0:c9:75:e1:bc:85:1c:2e:46:19:
                    a1:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BD:4E:2D:EB:39:C5:08:CF:E9:48:15:F5:5A:AD:CD:30:85:AB:A7
            X509v3 Authority Key Identifier:
                keyid:26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/pb1OLes5xQjP6UgV9VqtzTCFq6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.62.200.0/21
                  185.66.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:10:75:43:26:dc:dc:bb:9f:04:fa:02:43:b2:b7:8c:44:4e:
         a9:17:ba:6a:22:10:f2:46:08:4c:4f:a3:e9:fa:d4:e5:a2:a8:
         39:e8:cb:d6:15:4f:4f:97:18:68:e8:f5:dc:71:4d:40:98:12:
         24:aa:1b:e9:67:5a:5e:55:8d:66:df:0e:49:c0:c6:5d:0e:98:
         7f:1d:b5:f8:d6:c7:2d:21:ea:f1:72:92:e7:02:d6:f7:0e:40:
         7d:6e:ff:a1:da:ec:c6:d5:ff:c0:55:45:ec:56:6b:60:84:4d:
         bc:40:03:a7:74:ee:bb:d5:e4:52:5e:30:ff:6f:b3:2a:b3:f9:
         2f:3b:f8:65:79:8b:d3:3f:43:86:f4:79:5a:9c:d3:15:80:6a:
         70:69:da:ec:b7:71:5e:2c:e4:24:16:55:80:75:dc:c3:58:3c:
         22:2b:d6:49:6f:c4:f3:32:3c:64:b3:e1:e8:18:86:6f:f6:e8:
         d0:66:ce:cd:47:b0:51:85:d4:4b:95:d7:62:15:76:8b:e8:40:
         41:6e:e6:e3:f1:0e:ac:6d:0c:ba:28:14:6d:1f:62:e3:a9:af:
         34:e6:da:ff:7b:95:c5:b9:26:2b:2e:70:3c:c5:7d:5a:ac:20:
         ed:0a:a9:90:fd:fa:22:27:ca:bf:39:1c:b3:66:f5:3b:c2:a3:
         c2:5f:fc:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjLz5h4IBLyr1/zdOvJ7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MjM0MWI0MzNlMWY4ZmNiNzk2MzIyZDJmZDkyNjQwOTM5
NmU3YWQwHhcNMjMwMTAyMDMzNTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJkNGUyZGViMzljNTA4Y2ZlOTQ4MTVmNTVhYWRjZDMwODVhYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi/mOnlwdbjUcpaewJJF58Q4eR41
FXd4z3YYFphRJh5t+K+B7GfB97t/O34RayYJfHYRenAHFi3HEQA/px4U5eYJ4iqu
8OXoKiWxZxoCmhOg9T1HJ+qosbzqQQ3hU3oV4b1QPT58Kh6xPFuhK5q3Z7am0AN5
wTyJyL6fpEEhxApefIk0eTPOnSE4IEIKh3C0MseMTmv2Q+iK8FFrOc90N2WG/My3
lMGLRJ+fucw4dd2tXy8azlPPgdvtAFHz1rDLYA2MPe2UKSkmoAvZHgCp7VDqXFfD
6XIZW/mcopqzQ7lzigi2wLPzLhFRyNu9pkKngXrBh8DJdeG8hRwuRhmhJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKW9Ti3rOcUIz+lIFfVarc0whaunMB8GA1UdIwQY
MBaAFCYjQbQz4fj8t5YyLS/ZJkCTluetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTct
OTgyODJjODlmNTE2LzEvcGIxT0xlczV4UWpQNlVnVjlWcXR6VENGcTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTctOTgyODJjODlmNTE2
LzEvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsD7IAwQC
uUIAMA0GCSqGSIb3DQEBCwUAA4IBAQAiEHVDJtzcu58E+gJDsreMRE6pF7pqIhDy
RghMT6Pp+tTloqg56MvWFU9Plxho6PXccU1AmBIkqhvpZ1peVY1m3w5JwMZdDph/
HbX41sctIerxcpLnAtb3DkB9bv+h2uzG1f/AVUXsVmtghE28QAOndO671eRSXjD/
b7Mqs/kvO/hleYvTP0OG9HlanNMVgGpwadrst3FeLOQkFlWAddzDWDwiK9ZJb8Tz
Mjxks+HoGIZv9ujQZs7NR7BRhdRLlddiFXaL6EBBbubj8Q6sbQy6KBRtH2Ljqa80
5tr/e5XFuSYrLnA8xX1arCDtCqmQ/foiJ8q/ORyzZvU7wqPCX/wp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:26 2024 by rpki-client on console-fra.rpki-client.org