Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/c6HJlPo-TOoOYzPQdITE5oZDSlg.roa
File:                     c6HJlPo-TOoOYzPQdITE5oZDSlg.roa (raw, json)
Hash identifier:          wYhgDuOAAM3IjFe7vZRh0JY7IJueljn7Awi6fcUBxPM=
Subject key identifier:   73:A1:C9:94:FA:3E:4C:EA:0E:63:33:D0:74:84:C4:E6:86:43:4A:58
Certificate issuer:       /CN=cf5de5f4fec16f516f0bc4d631c2627663f905f3
Certificate serial:       018571FA2038AEB779E93360AD4E68DA8BDA
Authority key identifier: CF:5D:E5:F4:FE:C1:6F:51:6F:0B:C4:D6:31:C2:62:76:63:F9:05:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z13l9P7Bb1FvC8TWMcJidmP5BfM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/c6HJlPo-TOoOYzPQdITE5oZDSlg.roa
Signing time:             Mon 02 Jan 2023 10:14:55 +0000
ROA not before:           Mon 02 Jan 2023 10:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197082
IP address blocks:        185.75.216.0/22 maxlen: 22
                          91.217.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:20:38:ae:b7:79:e9:33:60:ad:4e:68:da:8b:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf5de5f4fec16f516f0bc4d631c2627663f905f3
        Validity
            Not Before: Jan  2 10:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=73a1c994fa3e4cea0e6333d07484c4e686434a58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7c:a7:95:24:25:0a:ae:60:1e:d4:a0:55:3b:
                    4a:18:38:a9:60:99:2e:5e:f6:a8:ee:43:ba:2e:eb:
                    e7:b8:87:c3:01:34:f5:2d:43:d8:57:26:ae:d0:87:
                    cd:63:b6:10:27:71:05:56:54:06:5e:32:ac:4f:f5:
                    94:1a:c1:df:f9:60:5e:a1:6e:21:d3:c3:e5:e4:29:
                    35:3d:73:4a:05:46:ce:b5:70:9d:47:35:13:28:bf:
                    2f:32:27:4d:09:6a:f8:44:f8:2a:c0:ab:ee:6e:b1:
                    d9:89:73:3c:00:31:96:f0:52:67:a7:6c:9a:f9:3b:
                    86:3b:6b:05:07:4c:d9:60:a8:a9:18:fd:bb:e1:71:
                    f2:b3:d7:6a:2b:64:c0:7d:32:1d:5e:37:f7:80:8e:
                    b5:77:9e:33:e9:be:ad:34:10:58:37:05:f8:fb:c0:
                    3b:ee:6a:be:91:1d:ec:c4:81:fe:bf:74:2e:d0:cd:
                    66:50:da:08:c1:f8:ea:bf:93:e7:f5:74:08:5d:d8:
                    b5:b9:88:f0:84:29:a4:ca:1b:29:73:b8:28:9a:47:
                    bb:a0:c6:0b:50:30:9a:dd:b8:d7:6a:77:c1:7e:81:
                    ad:1e:59:16:eb:4e:4b:a7:04:93:8f:75:75:ab:d8:
                    4a:97:59:3e:a2:62:df:fc:79:76:6c:c1:0a:c5:0e:
                    24:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:A1:C9:94:FA:3E:4C:EA:0E:63:33:D0:74:84:C4:E6:86:43:4A:58
            X509v3 Authority Key Identifier:
                keyid:CF:5D:E5:F4:FE:C1:6F:51:6F:0B:C4:D6:31:C2:62:76:63:F9:05:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z13l9P7Bb1FvC8TWMcJidmP5BfM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/c6HJlPo-TOoOYzPQdITE5oZDSlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/z13l9P7Bb1FvC8TWMcJidmP5BfM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.225.0/24
                  185.75.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:93:80:0d:88:81:14:ea:ae:c0:b6:26:4d:e3:20:c6:f0:eb:
         3b:14:bf:92:5e:71:71:12:81:98:0b:92:2e:86:f8:bf:44:26:
         82:49:e8:ed:a0:23:56:52:1e:90:9a:6e:d8:6f:f5:4e:35:f2:
         5b:d2:e2:98:4b:cc:a7:cf:4f:8a:da:b3:4d:85:e6:e0:e8:58:
         8f:ea:2b:0b:8b:2f:d9:e6:07:a2:ca:94:e9:8a:0e:75:0c:89:
         11:4e:09:47:2d:53:bb:ed:1c:17:c9:47:12:37:57:09:df:40:
         38:76:40:f8:33:d6:84:92:31:50:c3:c0:ce:00:7c:7d:49:f1:
         02:6b:b2:b9:18:a8:d3:9d:fd:ec:1f:f9:ff:cd:fd:63:84:de:
         3f:72:5a:36:f8:dc:33:22:37:a1:96:3a:84:52:91:91:b5:fa:
         ea:93:db:a1:41:b6:24:f4:7e:52:34:30:ce:d7:b8:e1:8b:1c:
         f2:cc:6a:17:59:3d:2e:53:39:ae:97:26:05:e2:63:c7:66:1f:
         cb:c1:a3:44:ed:37:70:e9:96:9e:f7:1e:94:ec:05:60:dc:8d:
         a4:af:3f:b5:49:a1:a9:3c:7e:bf:cc:35:e1:8d:01:5c:7d:b9:
         7a:e8:45:ca:73:6f:ff:45:a5:60:3b:a7:fe:97:cf:0a:3d:43:
         f5:10:30:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx+iA4rrd56TNgrU5o2ovaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNWRlNWY0ZmVjMTZmNTE2ZjBiYzRkNjMxYzI2Mjc2NjNm
OTA1ZjMwHhcNMjMwMTAyMTAxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ExYzk5NGZhM2U0Y2VhMGU2MzMzZDA3NDg0YzRlNjg2NDM0YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3ynlSQlCq5gHtSgVTtKGDipYJku
Xvao7kO6LuvnuIfDATT1LUPYVyau0IfNY7YQJ3EFVlQGXjKsT/WUGsHf+WBeoW4h
08Pl5Ck1PXNKBUbOtXCdRzUTKL8vMidNCWr4RPgqwKvubrHZiXM8ADGW8FJnp2ya
+TuGO2sFB0zZYKipGP274XHys9dqK2TAfTIdXjf3gI61d54z6b6tNBBYNwX4+8A7
7mq+kR3sxIH+v3Qu0M1mUNoIwfjqv5Pn9XQIXdi1uYjwhCmkyhspc7gomke7oMYL
UDCa3bjXanfBfoGtHlkW605LpwSTj3V1q9hKl1k+omLf/Hl2bMEKxQ4kewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHOhyZT6PkzqDmMz0HSExOaGQ0pYMB8GA1UdIwQY
MBaAFM9d5fT+wW9RbwvE1jHCYnZj+QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejEzbDlQN0JiMUZ2QzhUV01jSmlkbVA1QmZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lMWU2NzAtNjI2YS00YzE1LWE2Njkt
NmZlMTQ5NGZiYzJjLzEvYzZISmxQby1UT29PWXpQUWRJVEU1b1pEU2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lMWU2NzAtNjI2YS00YzE1LWE2NjktNmZlMTQ5NGZiYzJj
LzEvejEzbDlQN0JiMUZ2QzhUV01jSmlkbVA1QmZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9nhAwQC
uUvYMA0GCSqGSIb3DQEBCwUAA4IBAQBwk4ANiIEU6q7AtiZN4yDG8Os7FL+SXnFx
EoGYC5Iuhvi/RCaCSejtoCNWUh6Qmm7Yb/VONfJb0uKYS8ynz0+K2rNNhebg6FiP
6isLiy/Z5geiypTpig51DIkRTglHLVO77RwXyUcSN1cJ30A4dkD4M9aEkjFQw8DO
AHx9SfECa7K5GKjTnf3sH/n/zf1jhN4/clo2+NwzIjehljqEUpGRtfrqk9uhQbYk
9H5SNDDO17jhixzyzGoXWT0uUzmulyYF4mPHZh/LwaNE7Tdw6Zae9x6U7AVg3I2k
rz+1SaGpPH6/zDXhjQFcfbl66EXKc2//RaVgO6f+l88KPUP1EDCh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:16 2024 by rpki-client on console-fra.rpki-client.org