Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/ANugVShlxhp4AXvX8T2cLntpEQY.roa
File:                     ANugVShlxhp4AXvX8T2cLntpEQY.roa (raw, json)
Hash identifier:          yqm1FOkd+6N17xpfIgzaYtDi9KedW9WDNR5gl1rqerU=
Subject key identifier:   00:DB:A0:55:28:65:C6:1A:78:01:7B:D7:F1:3D:9C:2E:7B:69:11:06
Certificate issuer:       /CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Certificate serial:       018BD22898C48F804F9A052C4A0CCE3B4C19
Authority key identifier: A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/ANugVShlxhp4AXvX8T2cLntpEQY.roa
Signing time:             Wed 15 Nov 2023 08:45:57 +0000
ROA not before:           Wed 15 Nov 2023 08:45:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42649
IP address blocks:        185.195.94.0/24 maxlen: 24
                          185.195.95.0/24 maxlen: 24
                          185.195.92.0/24 maxlen: 24
                          185.195.93.0/24 maxlen: 24
                          185.24.248.0/22 maxlen: 22
                          185.149.56.0/22 maxlen: 22
                          2a0a:56c0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Fri 01 Dec 2023 14:46:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d2:28:98:c4:8f:80:4f:9a:05:2c:4a:0c:ce:3b:4c:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
        Validity
            Not Before: Nov 15 08:45:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00dba0552865c61a78017bd7f13d9c2e7b691106
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:30:a2:e2:6e:42:2d:86:3d:7a:01:46:42:a4:
                    3f:a0:30:88:7d:50:bc:2b:76:cb:60:f0:f4:a7:48:
                    81:56:6d:13:72:56:9e:5a:a9:5e:07:c6:65:e8:4d:
                    62:2f:d5:02:9c:3e:c9:a2:ed:de:b6:28:90:4c:40:
                    5f:c0:7f:ed:20:be:9a:b6:0c:f2:92:1b:bf:f9:05:
                    41:2e:fa:b2:f7:15:b9:b7:2e:df:0b:33:5d:e8:22:
                    bc:b0:9d:5a:1a:ee:e3:13:6a:5c:72:2e:8b:b3:75:
                    43:f4:d1:f1:8d:61:d4:89:fc:9b:55:89:3d:b2:9d:
                    0b:e5:3b:50:eb:44:02:a8:a0:c3:79:bb:7d:fb:c2:
                    ed:45:5a:76:f4:45:2f:d3:0b:3d:14:d9:50:a6:a9:
                    a4:da:f1:bb:49:74:e4:f0:e5:26:95:85:ff:fa:8c:
                    9f:f4:bb:38:6b:f5:2e:04:55:34:dc:d7:91:29:ea:
                    89:a0:cf:9d:ad:c3:5f:51:db:ff:4b:a1:d3:3a:1d:
                    0a:8d:0f:2b:88:99:f3:51:80:8e:42:51:95:2b:aa:
                    1c:10:ea:8f:84:b5:a0:4d:c3:8d:54:30:19:02:83:
                    8a:87:62:b0:b9:c2:5d:ad:2b:1b:cb:35:41:24:97:
                    82:5a:83:19:ca:3b:b7:53:d1:bf:24:99:5c:96:03:
                    90:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:DB:A0:55:28:65:C6:1A:78:01:7B:D7:F1:3D:9C:2E:7B:69:11:06
            X509v3 Authority Key Identifier:
                keyid:A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/ANugVShlxhp4AXvX8T2cLntpEQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.24.248.0/22
                  185.149.56.0/22
                  185.195.92.0/22
                IPv6:
                  2a0a:56c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6e:b8:f5:29:c4:28:ee:7c:12:24:b1:61:7e:74:de:63:ff:c9:
         ba:f5:b9:72:7a:cb:14:40:e8:64:2a:74:d0:7d:89:07:34:c4:
         27:9d:3a:71:13:d4:53:10:23:de:e3:6c:34:2f:cb:e4:41:2e:
         60:8e:1d:5b:e4:81:fc:3c:36:a4:21:2e:4d:0f:2b:17:10:9c:
         da:84:a8:73:45:bc:66:10:af:f2:5a:d1:48:d4:4a:da:3f:c9:
         e8:fd:24:a0:93:36:45:e5:c9:7d:11:c9:ee:51:29:39:79:5b:
         7f:ef:de:e7:7b:04:8e:e5:c3:17:0a:d5:5f:b6:ca:99:8a:59:
         d5:7d:0f:1f:41:36:71:8a:4e:de:aa:9e:da:23:d9:a9:05:40:
         f3:d9:ec:a1:0e:c6:e2:1e:98:8d:e2:9b:2f:f8:4f:2f:bd:54:
         c9:31:eb:04:7f:99:90:55:0d:f9:8a:a5:d9:df:83:3a:62:42:
         00:c2:6d:c8:38:d3:2c:74:56:2d:40:b2:b2:85:c7:a2:98:b3:
         2f:ff:88:b9:8d:c5:17:26:84:94:73:96:de:61:8f:d8:ef:42:
         ea:9d:8b:e7:9e:67:3d:ee:df:ed:69:9d:2c:6a:e3:e7:ac:9d:
         de:a5:f9:be:36:f6:8c:bd:07:78:2c:ba:2c:c8:47:82:cc:85:
         21:25:b6:4e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvSKJjEj4BPmgUsSgzOO0wZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA0MzRiZWJlNWRmYTYzZGRhNzhjMjRhNGViYzFkMmNk
NzM2OWQwHhcNMjMxMTE1MDg0NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRiYTA1NTI4NjVjNjFhNzgwMTdiZDdmMTNkOWMyZTdiNjkxMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjCi4m5CLYY9egFGQqQ/oDCIfVC8
K3bLYPD0p0iBVm0TclaeWqleB8Zl6E1iL9UCnD7Jou3etiiQTEBfwH/tIL6atgzy
khu/+QVBLvqy9xW5ty7fCzNd6CK8sJ1aGu7jE2pcci6Ls3VD9NHxjWHUifybVYk9
sp0L5TtQ60QCqKDDebt9+8LtRVp29EUv0ws9FNlQpqmk2vG7SXTk8OUmlYX/+oyf
9Ls4a/UuBFU03NeRKeqJoM+drcNfUdv/S6HTOh0KjQ8riJnzUYCOQlGVK6ocEOqP
hLWgTcONVDAZAoOKh2KwucJdrSsbyzVBJJeCWoMZyju3U9G/JJlclgOQ0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFADboFUoZcYaeAF71/E9nC57aREGMB8GA1UdIwQY
MBaAFKagQ0vr5d+mPdp4wkpOvB0s1zadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAt
OWNlNDc2N2RhMmMxLzEvQU51Z1ZTaGx4aHA0QVh2WDhUMmNMbnRwRVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAtOWNlNDc2N2RhMmMx
LzEvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuRj4AwQC
uZU4AwQCucNcMA0EAgACMAcDBQMqClbAMA0GCSqGSIb3DQEBCwUAA4IBAQBuuPUp
xCjufBIksWF+dN5j/8m69blyessUQOhkKnTQfYkHNMQnnTpxE9RTECPe42w0L8vk
QS5gjh1b5IH8PDakIS5NDysXEJzahKhzRbxmEK/yWtFI1EraP8no/SSgkzZF5cl9
EcnuUSk5eVt/797newSO5cMXCtVftsqZilnVfQ8fQTZxik7eqp7aI9mpBUDz2eyh
DsbiHpiN4psv+E8vvVTJMesEf5mQVQ35iqXZ34M6YkIAwm3IONMsdFYtQLKyhcei
mLMv/4i5jcUXJoSUc5beYY/Y70LqnYvnnmc97t/taZ0sauPnrJ3epfm+NvaMvQd4
LLosyEeCzIUhJbZO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:41 2024 by rpki-client on console-ams.rpki-client.org