Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/BFUyHmx3x5iqBtNDR0uGFuOdX7k.roa
File:                     BFUyHmx3x5iqBtNDR0uGFuOdX7k.roa (raw, json)
Hash identifier:          DQ74FgAZXpA9oRbmeW7P1nTzitghgRz9KPuLtV2iBC4=
Subject key identifier:   04:55:32:1E:6C:77:C7:98:AA:06:D3:43:47:4B:86:16:E3:9D:5F:B9
Certificate issuer:       /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial:       018CC5006537077D97122C4F8F6A3913B4DB
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/BFUyHmx3x5iqBtNDR0uGFuOdX7k.roa
Signing time:             Mon 01 Jan 2024 12:29:46 +0000
ROA not before:           Mon 01 Jan 2024 12:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197033
IP address blocks:        185.232.192.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 May 2024 14:36:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:65:37:07:7d:97:12:2c:4f:8f:6a:39:13:b4:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
        Validity
            Not Before: Jan  1 12:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0455321e6c77c798aa06d343474b8616e39d5fb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:42:58:9f:a4:87:12:6b:36:d2:ed:27:76:3b:
                    00:96:e7:d7:1d:b0:dc:7c:50:48:f6:6c:de:23:e3:
                    c6:da:32:05:44:87:47:96:42:1b:7f:1d:ce:02:95:
                    8a:bd:e0:32:8a:60:27:70:c7:8f:2a:cb:a6:ae:41:
                    e9:b5:9c:a7:b7:d1:29:c8:af:42:a5:1c:87:a3:f7:
                    88:a7:36:50:08:c5:40:57:4d:e0:7a:34:a7:5c:0c:
                    e7:23:29:a6:14:98:36:3f:af:f9:62:b0:06:b7:e3:
                    e6:c2:e9:0a:60:f1:db:8a:73:ee:c0:58:0a:ce:6e:
                    c4:f6:a7:3f:72:94:74:94:1c:0d:1a:7f:d5:77:e9:
                    ff:a2:80:e8:bb:b2:c7:a8:da:49:5c:ad:59:71:be:
                    1c:67:b8:14:0f:95:f1:e2:3a:eb:00:ab:27:d5:35:
                    12:d9:b2:20:a1:0e:f5:81:2d:f2:69:91:ff:e3:4c:
                    3e:87:b6:a8:65:4b:9e:9e:92:47:34:c0:a7:70:24:
                    50:81:09:47:05:28:c1:cc:90:27:c4:8b:6b:87:19:
                    ab:5a:4e:43:93:f2:24:14:dd:1e:b6:09:32:75:64:
                    e2:da:88:db:90:17:c0:b2:52:46:fa:57:27:e5:4d:
                    aa:89:b2:ae:88:96:08:0b:f6:07:e4:30:5c:08:c8:
                    99:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:55:32:1E:6C:77:C7:98:AA:06:D3:43:47:4B:86:16:E3:9D:5F:B9
            X509v3 Authority Key Identifier:
                keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/BFUyHmx3x5iqBtNDR0uGFuOdX7k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:7d:98:4b:81:ea:ca:66:f3:76:ff:d8:33:cc:b7:8d:c5:2b:
         38:91:97:00:f9:a5:8d:9e:ab:0c:9a:60:95:7c:8f:da:0c:77:
         ed:59:55:d3:f1:29:8c:2f:01:4f:e6:5c:98:7c:68:10:38:0a:
         3c:8c:82:5f:0c:d1:c9:79:4a:16:0e:a7:da:85:7c:96:e6:88:
         ca:1c:b4:93:05:ee:a6:ad:5d:ad:2d:55:5a:35:b4:9a:07:43:
         d7:04:44:20:e8:a7:6e:22:fb:95:07:32:91:b6:53:47:84:e6:
         ec:39:f4:e4:95:d3:cc:53:29:b0:d4:22:e4:c1:51:7c:61:39:
         c6:66:d7:96:42:f3:3c:38:f6:d6:36:bb:7b:f8:a7:75:f6:a6:
         d8:2c:0e:8d:fe:50:1a:ce:3b:58:4c:3a:3e:d5:ea:35:ea:54:
         3e:d6:b8:f8:ce:29:6d:02:19:67:d6:5e:9c:9e:f6:b4:36:1e:
         79:91:bf:35:52:74:0f:3e:2d:ee:ea:92:59:7f:a2:8c:73:7b:
         0b:59:70:18:e0:8e:7b:25:60:9c:6c:5e:85:5b:d3:71:9a:f5:
         60:5b:96:cf:79:6a:65:46:9c:4e:a8:ed:9d:a3:3e:d8:b9:f0:
         2b:cb:6a:64:e6:a7:99:6a:75:5f:3d:df:a9:7c:80:cc:50:73:
         67:26:29:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAGU3B32XEixPj2o5E7TbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjQwMTAxMTIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU1MzIxZTZjNzdjNzk4YWEwNmQzNDM0NzRiODYxNmUzOWQ1ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUJYn6SHEms20u0ndjsAlufXHbDc
fFBI9mzeI+PG2jIFRIdHlkIbfx3OApWKveAyimAncMePKsumrkHptZynt9EpyK9C
pRyHo/eIpzZQCMVAV03gejSnXAznIymmFJg2P6/5YrAGt+PmwukKYPHbinPuwFgK
zm7E9qc/cpR0lBwNGn/Vd+n/ooDou7LHqNpJXK1Zcb4cZ7gUD5Xx4jrrAKsn1TUS
2bIgoQ71gS3yaZH/40w+h7aoZUuenpJHNMCncCRQgQlHBSjBzJAnxItrhxmrWk5D
k/IkFN0etgkydWTi2ojbkBfAslJG+lcn5U2qibKuiJYIC/YH5DBcCMiZqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARVMh5sd8eYqgbTQ0dLhhbjnV+5MB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvQkZVeUhteDN4NWlxQnRORFIwdUdGdU9kWDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuejAMA0G
CSqGSIb3DQEBCwUAA4IBAQBffZhLgerKZvN2/9gzzLeNxSs4kZcA+aWNnqsMmmCV
fI/aDHftWVXT8SmMLwFP5lyYfGgQOAo8jIJfDNHJeUoWDqfahXyW5ojKHLSTBe6m
rV2tLVVaNbSaB0PXBEQg6KduIvuVBzKRtlNHhObsOfTkldPMUymw1CLkwVF8YTnG
ZteWQvM8OPbWNrt7+Kd19qbYLA6N/lAazjtYTDo+1eo16lQ+1rj4ziltAhln1l6c
nva0Nh55kb81UnQPPi3u6pJZf6KMc3sLWXAY4I57JWCcbF6FW9NxmvVgW5bPeWpl
RpxOqO2doz7YufAry2pk5qeZanVfPd+pfIDMUHNnJiku
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org