Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/BbeK0SZC1X7DLhIqcdQ3c3N5_4k.roa
File:                     BbeK0SZC1X7DLhIqcdQ3c3N5_4k.roa (raw, json)
Hash identifier:          ZcuymClM+xLhoPqfGR6UjKPc2EDXAoFmW2p3t7e8vS4=
Subject key identifier:   05:B7:8A:D1:26:42:D5:7E:C3:2E:12:2A:71:D4:37:73:73:79:FF:89
Certificate issuer:       /CN=66f04275253f967384c4973758a54b7fd085fe45
Certificate serial:       01856E01E491C79FDE375DE0ECC2249FFB38
Authority key identifier: 66:F0:42:75:25:3F:96:73:84:C4:97:37:58:A5:4B:7F:D0:85:FE:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZvBCdSU_lnOExJc3WKVLf9CF_kU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/BbeK0SZC1X7DLhIqcdQ3c3N5_4k.roa
Signing time:             Sun 01 Jan 2023 15:44:55 +0000
ROA not before:           Sun 01 Jan 2023 15:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204645
IP address blocks:        185.109.172.0/22 maxlen: 24
                          2a02:4e80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:e4:91:c7:9f:de:37:5d:e0:ec:c2:24:9f:fb:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66f04275253f967384c4973758a54b7fd085fe45
        Validity
            Not Before: Jan  1 15:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05b78ad12642d57ec32e122a71d437737379ff89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:49:f2:49:ef:28:70:f0:60:3e:f4:d4:78:98:
                    e9:65:ad:25:26:0b:b1:fb:41:51:1d:74:fc:ed:ba:
                    46:f0:fc:f2:8e:51:68:64:08:e2:68:9d:cc:d6:72:
                    f3:4c:02:bf:b3:04:33:c3:be:22:8d:cd:b2:6d:7b:
                    ee:b4:cb:ae:d1:b3:40:b4:5e:33:8f:73:47:dc:51:
                    14:87:01:a1:20:12:5b:43:4a:9c:e1:36:2c:ac:3d:
                    46:bf:82:84:a4:fd:27:e9:15:04:6f:7b:05:56:91:
                    d6:ef:1a:f9:6a:b3:99:d9:5d:8e:75:df:ae:ef:fc:
                    47:40:a7:55:72:56:e3:b7:c2:ef:83:f3:06:1d:ab:
                    aa:c7:7c:f4:61:3b:04:d5:b3:6e:70:5b:ec:d4:48:
                    c1:9d:a9:ce:22:7b:14:c8:33:23:5a:14:c9:ff:ca:
                    ea:57:20:d6:23:97:60:14:a5:bd:eb:0f:52:ad:83:
                    bc:1c:12:40:b2:62:b3:c0:2f:ba:51:db:8c:dd:df:
                    1c:9f:10:f4:84:a7:18:f8:ad:25:eb:4a:ca:22:6c:
                    ce:5f:df:52:b9:60:e6:eb:52:90:98:83:16:17:29:
                    ec:52:63:15:05:f1:de:97:b4:df:b0:e5:64:62:5b:
                    0e:64:57:d0:bf:29:82:d0:5b:73:c8:84:10:63:73:
                    a6:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:B7:8A:D1:26:42:D5:7E:C3:2E:12:2A:71:D4:37:73:73:79:FF:89
            X509v3 Authority Key Identifier:
                keyid:66:F0:42:75:25:3F:96:73:84:C4:97:37:58:A5:4B:7F:D0:85:FE:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvBCdSU_lnOExJc3WKVLf9CF_kU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/BbeK0SZC1X7DLhIqcdQ3c3N5_4k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9e16d2-d3b9-4efa-9c3d-e4961852c8b6/1/ZvBCdSU_lnOExJc3WKVLf9CF_kU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.109.172.0/22
                IPv6:
                  2a02:4e80::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:73:b4:f9:97:43:b2:b4:a6:57:1a:cb:10:9b:c4:11:9f:81:
         be:e9:e5:cd:4b:1a:e4:f5:6c:d3:4f:e3:2b:03:f0:3b:df:7e:
         83:d7:9d:3b:2c:78:c0:20:03:72:2e:c9:1b:26:13:ae:18:e1:
         fa:23:57:2d:14:48:8d:54:7c:90:74:0f:c4:94:9a:c4:dc:31:
         ff:87:2f:00:21:46:18:e1:2a:9a:98:33:35:1f:cb:f4:5b:18:
         5b:60:fa:53:c9:4a:e2:df:55:18:aa:32:54:74:fd:eb:1b:c5:
         1e:e2:71:b6:c0:15:c3:c9:02:a9:20:c3:56:0b:14:84:d2:77:
         d6:ea:f1:dd:66:50:17:20:40:d5:e0:6f:b2:c9:6c:f6:77:1c:
         eb:b2:50:b3:cc:56:60:97:61:ef:b7:c9:6a:8f:04:eb:01:97:
         c9:3d:d4:e1:e7:ba:fa:ec:54:1d:ca:43:87:18:93:5c:cb:96:
         f9:73:78:04:6d:ad:1f:71:6d:3d:e3:25:59:db:fe:86:a8:05:
         27:3d:65:40:ef:60:07:2d:fa:eb:22:44:55:20:e9:b9:c7:e7:
         8a:35:9d:06:82:a1:78:6f:2b:12:d3:1c:51:f1:e8:03:8b:e3:
         ff:e7:e6:c0:0a:02:00:1c:5c:db:04:1d:cc:40:77:7a:6d:e4:
         8e:2f:bc:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuAeSRx5/eN13g7MIkn/s4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjA0Mjc1MjUzZjk2NzM4NGM0OTczNzU4YTU0YjdmZDA4
NWZlNDUwHhcNMjMwMTAxMTU0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI3OGFkMTI2NDJkNTdlYzMyZTEyMmE3MWQ0Mzc3MzczNzlmZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjknySe8ocPBgPvTUeJjpZa0lJgux
+0FRHXT87bpG8PzyjlFoZAjiaJ3M1nLzTAK/swQzw74ijc2ybXvutMuu0bNAtF4z
j3NH3FEUhwGhIBJbQ0qc4TYsrD1Gv4KEpP0n6RUEb3sFVpHW7xr5arOZ2V2Odd+u
7/xHQKdVclbjt8Lvg/MGHauqx3z0YTsE1bNucFvs1EjBnanOInsUyDMjWhTJ/8rq
VyDWI5dgFKW96w9SrYO8HBJAsmKzwC+6UduM3d8cnxD0hKcY+K0l60rKImzOX99S
uWDm61KQmIMWFynsUmMVBfHel7TfsOVkYlsOZFfQvymC0FtzyIQQY3OmSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAW3itEmQtV+wy4SKnHUN3Nzef+JMB8GA1UdIwQY
MBaAFGbwQnUlP5ZzhMSXN1ilS3/Qhf5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZCQ2RTVV9sbk9FeEpjM1dLVkxmOUNGX2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85ZTE2ZDItZDNiOS00ZWZhLTljM2Qt
ZTQ5NjE4NTJjOGI2LzEvQmJlSzBTWkMxWDdETGhJcWNkUTNjM041XzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85ZTE2ZDItZDNiOS00ZWZhLTljM2QtZTQ5NjE4NTJjOGI2
LzEvWnZCQ2RTVV9sbk9FeEpjM1dLVkxmOUNGX2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW2sMA0E
AgACMAcDBQAqAk6AMA0GCSqGSIb3DQEBCwUAA4IBAQCMc7T5l0OytKZXGssQm8QR
n4G+6eXNSxrk9WzTT+MrA/A7336D1507LHjAIANyLskbJhOuGOH6I1ctFEiNVHyQ
dA/ElJrE3DH/hy8AIUYY4SqamDM1H8v0WxhbYPpTyUri31UYqjJUdP3rG8Ue4nG2
wBXDyQKpIMNWCxSE0nfW6vHdZlAXIEDV4G+yyWz2dxzrslCzzFZgl2Hvt8lqjwTr
AZfJPdTh57r67FQdykOHGJNcy5b5c3gEba0fcW094yVZ2/6GqAUnPWVA72AHLfrr
IkRVIOm5x+eKNZ0GgqF4bysS0xxR8egDi+P/5+bACgIAHFzbBB3MQHd6beSOL7wA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:08 2024 by rpki-client on console-ams.rpki-client.org