Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/E0OkLmlDSN-lgNtXMqSUeBwhtXI.roa
File:                     E0OkLmlDSN-lgNtXMqSUeBwhtXI.roa (raw, json)
Hash identifier:          NCZlSLBSvf4pbKa2UxCdZvRdXJzzYzlyfJpkKUigd4I=
Subject key identifier:   13:43:A4:2E:69:43:48:DF:A5:80:DB:57:32:A4:94:78:1C:21:B5:72
Certificate issuer:       /CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Certificate serial:       01856DE64BB2B4DA9EB600C5517C594F4213
Authority key identifier: D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/E0OkLmlDSN-lgNtXMqSUeBwhtXI.roa
Signing time:             Sun 01 Jan 2023 15:14:47 +0000
ROA not before:           Sun 01 Jan 2023 15:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56324
IP address blocks:        185.6.28.0/23 maxlen: 23
                          185.6.30.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:e6:4b:b2:b4:da:9e:b6:00:c5:51:7c:59:4f:42:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
        Validity
            Not Before: Jan  1 15:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1343a42e694348dfa580db5732a494781c21b572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:cd:51:b1:08:1d:41:78:bb:e7:4e:c6:31:ce:
                    96:65:63:f4:8a:1c:24:55:3c:b7:45:97:fe:fb:9e:
                    d8:64:b9:85:e1:d4:f6:16:db:dc:a2:1d:3b:4f:7e:
                    ef:65:1f:05:48:35:cc:b1:31:e8:27:cf:9b:f1:cd:
                    df:24:ef:4e:52:00:f6:c3:4d:53:c3:b3:95:37:85:
                    d2:6f:d5:0d:ef:e4:7e:7c:51:33:5e:55:c2:56:64:
                    a2:cd:e4:6c:d8:81:7f:69:1b:9a:c9:79:b1:be:d1:
                    2f:3c:e8:0b:21:eb:be:0b:ed:dc:f9:10:4b:b4:24:
                    3c:c6:63:97:04:0b:9d:ae:ed:7a:e4:b4:c9:e2:b0:
                    2e:86:32:ee:32:4f:29:bd:a2:c5:86:c3:93:aa:e6:
                    01:42:2a:56:f8:af:24:9c:09:68:09:37:a3:5e:f3:
                    cf:fb:7c:d3:56:3c:87:83:bf:a8:8c:e4:6b:90:bc:
                    b3:91:66:a2:9d:25:0f:bb:0a:ab:1c:3f:cc:00:d2:
                    d2:e6:b4:cd:67:07:d2:e5:cb:87:af:29:6e:59:f2:
                    5f:26:7c:7e:2b:b5:14:93:e4:0f:a7:7f:80:f0:5d:
                    ba:73:f1:8f:b7:66:0d:22:34:88:4e:0d:ce:60:cf:
                    73:0a:7f:75:a8:cd:71:37:0d:1d:25:ad:70:dc:6c:
                    f4:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:43:A4:2E:69:43:48:DF:A5:80:DB:57:32:A4:94:78:1C:21:B5:72
            X509v3 Authority Key Identifier:
                keyid:D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/E0OkLmlDSN-lgNtXMqSUeBwhtXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.6.28.0-185.6.30.255

    Signature Algorithm: sha256WithRSAEncryption
         8e:66:64:35:00:57:cb:53:5e:b1:9d:fb:bc:6a:b1:2b:4b:f9:
         69:b6:1d:8b:dc:44:c5:99:26:11:6b:1a:a2:1d:3d:16:b7:75:
         20:5b:14:d2:eb:c1:26:7d:a5:fd:6d:1e:4a:b6:b5:ce:34:ce:
         d8:8f:7a:e7:5b:4c:5c:8a:a4:f8:b0:ca:bc:c7:78:28:c7:64:
         dd:a2:93:bc:e8:f0:6e:6a:85:18:b2:7a:1a:87:53:8d:33:9e:
         5e:a7:be:bc:7f:1d:60:dc:db:2b:43:52:93:a9:93:82:ab:46:
         cd:27:27:32:9c:4f:79:c3:65:40:5f:24:2f:2f:7f:98:c5:ab:
         5f:96:6a:02:44:50:91:b0:da:47:9d:9d:b4:c3:d9:fb:b0:02:
         17:41:18:88:b9:22:0e:88:08:b6:45:a1:10:97:28:3f:6c:2e:
         5c:e0:05:3f:7b:e6:bc:d2:ae:ef:94:6b:bd:d9:0c:ec:33:fd:
         f8:3d:72:ea:eb:9a:f2:b0:9d:9b:dc:f6:22:9d:c2:37:06:81:
         b5:3d:74:e4:65:b3:c8:a2:9f:e3:77:3f:8f:78:e7:bd:25:34:
         b9:23:ae:cb:f8:bf:1f:81:df:7b:7e:ae:7b:23:2b:4d:79:45:
         20:b4:e6:fb:40:01:c7:8d:1d:79:93:02:35:fd:85:4e:81:fa:
         6a:0a:4c:7a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVt5kuytNqetgDFUXxZT0ITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTk4ODkxNmQ1MTQwNmY5YTI2OWYzMGEwMmQwMDg2YjU3
ZjRkNWEwHhcNMjMwMTAxMTUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQzYTQyZTY5NDM0OGRmYTU4MGRiNTczMmE0OTQ3ODFjMjFiNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c1RsQgdQXi7507GMc6WZWP0ihwk
VTy3RZf++57YZLmF4dT2Ftvcoh07T37vZR8FSDXMsTHoJ8+b8c3fJO9OUgD2w01T
w7OVN4XSb9UN7+R+fFEzXlXCVmSizeRs2IF/aRuayXmxvtEvPOgLIeu+C+3c+RBL
tCQ8xmOXBAudru165LTJ4rAuhjLuMk8pvaLFhsOTquYBQipW+K8knAloCTejXvPP
+3zTVjyHg7+ojORrkLyzkWainSUPuwqrHD/MANLS5rTNZwfS5cuHryluWfJfJnx+
K7UUk+QPp3+A8F26c/GPt2YNIjSITg3OYM9zCn91qM1xNw0dJa1w3Gz0twIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBNDpC5pQ0jfpYDbVzKklHgcIbVyMB8GA1UdIwQY
MBaAFNmpiJFtUUBvmiafMKAtAIa1f01aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDIt
NGQwNDlhMWVhZjJmLzEvRTBPa0xtbERTTi1sZ050WE1xU1VlQndodFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDItNGQwNDlhMWVhZjJm
LzEvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5BhwD
BAC5Bh4wDQYJKoZIhvcNAQELBQADggEBAI5mZDUAV8tTXrGd+7xqsStL+Wm2HYvc
RMWZJhFrGqIdPRa3dSBbFNLrwSZ9pf1tHkq2tc40ztiPeudbTFyKpPiwyrzHeCjH
ZN2ik7zo8G5qhRiyehqHU40znl6nvrx/HWDc2ytDUpOpk4KrRs0nJzKcT3nDZUBf
JC8vf5jFq1+WagJEUJGw2kednbTD2fuwAhdBGIi5Ig6ICLZFoRCXKD9sLlzgBT97
5rzSru+Ua73ZDOwz/fg9currmvKwnZvc9iKdwjcGgbU9dORls8iin+N3P494570l
NLkjrsv4vx+B33t+rnsjK015RSC05vtAAceNHXmTAjX9hU6B+moKTHo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:09 2024 by rpki-client on console-ams.rpki-client.org