Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/D3mBeNuADFKDeExms_U-_YFxYLA.roa
File:                     D3mBeNuADFKDeExms_U-_YFxYLA.roa (raw, json)
Hash identifier:          UVEv+ayXph6YpkbroL92/hLKje5Ct0u/rUV8MFGo8SM=
Subject key identifier:   0F:79:81:78:DB:80:0C:52:83:78:4C:66:B3:F5:3E:FD:81:71:60:B0
Certificate issuer:       /CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
Certificate serial:       01857079A62D3EA8959D7D7C1BC0B69C6EF0
Authority key identifier: EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/D3mBeNuADFKDeExms_U-_YFxYLA.roa
Signing time:             Mon 02 Jan 2023 03:14:58 +0000
ROA not before:           Mon 02 Jan 2023 03:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60764
IP address blocks:        185.174.192.0/24 maxlen: 32
                          185.174.195.0/24 maxlen: 32
                          185.174.193.0/24 maxlen: 32
                          185.174.194.0/24 maxlen: 32
                          86.62.14.0/24 maxlen: 32
                          86.62.15.0/24 maxlen: 32
                          86.62.12.0/24 maxlen: 32
                          86.62.13.0/24 maxlen: 32
                          2a0b:b500:f800::/48 maxlen: 48
                          2a0b:b500::/31 maxlen: 31
                          2a0b:b500:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:a6:2d:3e:a8:95:9d:7d:7c:1b:c0:b6:9c:6e:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
        Validity
            Not Before: Jan  2 03:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f798178db800c5283784c66b3f53efd817160b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:bd:b5:24:dd:b1:4e:26:1e:e3:f5:6f:fd:69:
                    e6:9d:f5:54:ec:2a:8f:cd:22:e8:ef:fd:0d:82:41:
                    28:05:fb:d5:91:e7:54:38:2d:41:8a:1c:e5:d6:37:
                    42:dc:de:a8:b3:3b:bc:94:37:9a:dd:75:b5:d0:ac:
                    64:ca:a7:b0:74:bd:d2:11:e7:76:fd:6e:c1:d4:59:
                    6a:8b:1c:97:bc:9c:6d:c5:e5:45:98:f8:df:b8:e9:
                    c5:91:0d:22:31:bb:0e:6a:46:a6:d9:70:ef:b9:83:
                    cf:2e:ff:fc:eb:d7:eb:3d:f6:c4:08:fb:97:9c:24:
                    22:61:b0:57:a7:14:06:9a:9d:35:3a:59:75:32:77:
                    ae:bd:66:5f:e4:17:ff:d0:de:4c:ab:a8:0f:9e:1d:
                    5c:99:df:bd:ed:ca:10:86:5f:ec:95:93:06:d8:05:
                    1d:99:98:b2:5d:c1:61:81:6d:8f:c0:57:12:9c:a8:
                    b2:87:55:23:e7:6e:5a:cd:1b:9f:bd:5d:63:c7:0e:
                    27:a6:d2:26:34:6a:ba:d7:c6:3e:4f:14:11:f1:96:
                    27:3a:4e:6a:b0:76:5f:e2:06:ca:39:71:49:62:aa:
                    27:e8:5d:10:12:dd:9d:b5:7d:a5:31:57:a0:d0:b2:
                    13:20:66:65:af:fe:a8:6c:13:fc:be:52:da:3d:20:
                    79:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:79:81:78:DB:80:0C:52:83:78:4C:66:B3:F5:3E:FD:81:71:60:B0
            X509v3 Authority Key Identifier:
                keyid:EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/D3mBeNuADFKDeExms_U-_YFxYLA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/6-MkxP_wckDusfAOY-Y198uQL5g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.62.12.0/22
                  185.174.192.0/22
                IPv6:
                  2a0b:b500::/31

    Signature Algorithm: sha256WithRSAEncryption
         78:a8:12:0b:f4:68:48:c2:9e:c0:de:aa:71:5b:d9:b4:c0:f1:
         b8:de:91:08:c6:ed:2b:d4:27:05:57:c0:e1:08:de:aa:dd:d0:
         75:bb:09:9d:1c:52:af:93:5e:91:f9:67:b5:8c:fd:83:4f:7f:
         c1:0b:82:95:2c:fd:70:23:8c:a0:d6:f3:54:51:ef:72:76:8b:
         34:0c:8d:cd:90:46:29:53:a5:d4:a7:f0:90:cf:68:4f:44:1b:
         e5:33:72:c2:c8:c4:fc:9e:62:c5:18:46:ec:69:9d:9b:7f:0d:
         b4:9e:4b:e7:4b:0f:b7:e4:e3:26:fb:4a:54:1f:c9:c3:5a:12:
         58:b0:e8:5a:c4:56:e9:91:be:5f:a6:c0:95:29:52:bc:3b:f7:
         f4:25:64:10:1c:a8:6e:16:82:3d:d1:8a:95:af:b0:85:97:96:
         c2:39:84:e9:ff:b7:8a:67:aa:84:62:f0:7d:31:66:57:45:93:
         45:31:73:20:e0:42:79:c9:20:64:fd:b4:ae:df:0b:1f:68:e7:
         b2:2a:d7:9f:a6:e7:20:c0:40:49:12:dd:04:bf:86:41:2e:7c:
         b7:44:a5:3c:9b:95:d0:ab:42:b3:f1:e5:81:43:df:9b:a7:c3:
         bd:0c:16:6b:df:37:4a:e0:23:1e:b1:9f:99:7f:2f:4b:c0:36:
         1b:6e:9b:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVweaYtPqiVnX18G8C2nG7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZTMyNGM0ZmZmMDcyNDBlZWIxZjAwZTYzZTYzNWY3Y2I5
MDJmOTgwHhcNMjMwMTAyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc5ODE3OGRiODAwYzUyODM3ODRjNjZiM2Y1M2VmZDgxNzE2MGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb21JN2xTiYe4/Vv/WnmnfVU7CqP
zSLo7/0NgkEoBfvVkedUOC1Bihzl1jdC3N6oszu8lDea3XW10KxkyqewdL3SEed2
/W7B1FlqixyXvJxtxeVFmPjfuOnFkQ0iMbsOakam2XDvuYPPLv/869frPfbECPuX
nCQiYbBXpxQGmp01Oll1MneuvWZf5Bf/0N5Mq6gPnh1cmd+97coQhl/slZMG2AUd
mZiyXcFhgW2PwFcSnKiyh1Uj525azRufvV1jxw4nptImNGq618Y+TxQR8ZYnOk5q
sHZf4gbKOXFJYqon6F0QEt2dtX2lMVeg0LITIGZlr/6obBP8vlLaPSB5nwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA95gXjbgAxSg3hMZrP1Pv2BcWCwMB8GA1UdIwQY
MBaAFOvjJMT/8HJA7rHwDmPmNffLkC+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAt
OGFmMDVhZTMxOTJjLzEvRDNtQmVOdUFERktEZUV4bXNfVS1fWUZ4WUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAtOGFmMDVhZTMxOTJj
LzEvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVj4MAwQC
ua7AMA0EAgACMAcDBQEqC7UAMA0GCSqGSIb3DQEBCwUAA4IBAQB4qBIL9GhIwp7A
3qpxW9m0wPG43pEIxu0r1CcFV8DhCN6q3dB1uwmdHFKvk16R+We1jP2DT3/BC4KV
LP1wI4yg1vNUUe9ydos0DI3NkEYpU6XUp/CQz2hPRBvlM3LCyMT8nmLFGEbsaZ2b
fw20nkvnSw+35OMm+0pUH8nDWhJYsOhaxFbpkb5fpsCVKVK8O/f0JWQQHKhuFoI9
0YqVr7CFl5bCOYTp/7eKZ6qEYvB9MWZXRZNFMXMg4EJ5ySBk/bSu3wsfaOeyKtef
pucgwEBJEt0Ev4ZBLny3RKU8m5XQq0Kz8eWBQ9+bp8O9DBZr3zdK4CMesZ+Zfy9L
wDYbbpuQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:40 2024 by rpki-client on console-ams.rpki-client.org