Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6iqSW-KlJzLwvhUJICCUd689qBA.roa
File:                     6iqSW-KlJzLwvhUJICCUd689qBA.roa (raw, json)
Hash identifier:          a1F0bSd+FbEgnRcnByzni50CUm1yvCv23LrT6/04peQ=
Subject key identifier:   EA:2A:92:5B:E2:A5:27:32:F0:BE:15:09:20:20:94:77:AF:3D:A8:10
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018DD4374667C8444220348862A9B18452F7
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6iqSW-KlJzLwvhUJICCUd689qBA.roa
Signing time:             Fri 23 Feb 2024 04:26:48 +0000
ROA not before:           Fri 23 Feb 2024 04:26:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57175
IP address blocks:        82.115.8.0/23 maxlen: 24
                          188.253.0.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 13:14:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d4:37:46:67:c8:44:42:20:34:88:62:a9:b1:84:52:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Feb 23 04:26:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea2a925be2a52732f0be150920209477af3da810
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e8:71:eb:b4:da:2b:b6:c2:d0:37:ce:d1:1f:
                    72:f2:8f:d6:1e:6f:27:68:47:fc:eb:25:8e:20:e3:
                    1c:b3:69:64:0e:6a:47:4e:1d:37:3f:ac:a8:a8:55:
                    da:8e:cb:98:c0:86:4f:16:05:15:1e:cb:42:55:18:
                    52:1a:6f:ea:50:b0:4a:e9:78:29:e4:83:8c:7d:b5:
                    b7:a7:6a:15:e7:30:bc:3e:f7:70:e0:bc:94:e1:5d:
                    5f:a1:b4:6a:dc:79:be:4d:0a:8a:2f:26:ba:0d:5e:
                    22:ff:4a:a8:13:99:55:ef:37:e9:05:71:3f:22:e9:
                    22:97:7f:74:67:d8:44:06:b8:50:d0:89:fc:28:be:
                    d1:99:73:52:38:d9:7b:09:02:9e:e0:95:be:94:d2:
                    eb:03:18:b0:dc:61:2b:01:d7:f6:46:4b:61:89:f5:
                    0a:09:64:34:9a:33:f3:04:b7:09:73:f9:da:5b:d3:
                    1f:2c:04:09:1e:09:1b:da:e6:df:b5:b2:57:9e:83:
                    1f:7b:fd:5f:37:d7:53:91:89:be:9b:34:99:37:bc:
                    e8:07:d6:1d:97:ed:80:c0:70:e3:73:d0:9e:b9:7a:
                    62:73:68:85:d6:d7:80:ab:62:29:95:ae:4e:03:13:
                    e3:03:e8:da:c9:fd:e9:78:dc:e1:19:22:05:9e:a7:
                    a8:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:2A:92:5B:E2:A5:27:32:F0:BE:15:09:20:20:94:77:AF:3D:A8:10
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6iqSW-KlJzLwvhUJICCUd689qBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.8.0/23
                  188.253.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         df:7c:5a:a6:d2:e7:9f:ef:33:97:fc:85:4d:99:15:87:39:2e:
         b8:0e:4d:6c:f9:4d:c0:21:8f:93:63:cf:7e:47:9f:6b:59:01:
         ce:b3:b3:85:3d:5d:d7:f2:bf:2c:cc:6d:55:c2:5a:65:ae:ed:
         4b:89:55:9a:a4:b6:61:ec:79:83:b1:dd:06:09:61:62:e5:50:
         98:1a:74:03:b2:ec:da:40:a0:7b:ad:a1:59:0a:36:f0:e8:e7:
         f3:43:73:31:65:e6:87:78:93:c2:03:a5:5e:f0:14:fd:20:ee:
         09:ea:23:a5:d2:64:e2:6a:8c:a3:3d:3f:6e:ac:df:2e:6d:8f:
         71:50:61:e5:6a:4c:2a:19:c1:f6:30:ba:6e:2d:55:99:e4:0f:
         af:10:10:d1:99:b2:d3:d1:1e:fd:e1:31:b5:3d:ff:04:b4:73:
         bd:cd:3d:d2:46:53:e3:ed:49:30:41:15:9d:d2:1f:5a:2e:97:
         9d:bf:85:b8:fa:1c:cc:ac:65:cf:1d:ed:07:17:57:e2:19:ad:
         22:4f:7e:81:27:3f:16:25:c5:10:5e:86:87:bb:a2:5c:f0:df:
         f7:3c:97:a2:eb:ae:95:e5:79:6f:bb:38:fc:18:ac:45:a5:cf:
         4a:9c:cf:0b:6a:3b:93:d1:9b:ca:99:fc:eb:f7:f8:36:3e:98:
         43:1a:01:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3UN0ZnyERCIDSIYqmxhFL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMjIzMDQyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTJhOTI1YmUyYTUyNzMyZjBiZTE1MDkyMDIwOTQ3N2FmM2RhODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlehx67TaK7bC0DfO0R9y8o/WHm8n
aEf86yWOIOMcs2lkDmpHTh03P6yoqFXajsuYwIZPFgUVHstCVRhSGm/qULBK6Xgp
5IOMfbW3p2oV5zC8Pvdw4LyU4V1fobRq3Hm+TQqKLya6DV4i/0qoE5lV7zfpBXE/
Iukil390Z9hEBrhQ0In8KL7RmXNSONl7CQKe4JW+lNLrAxiw3GErAdf2RkthifUK
CWQ0mjPzBLcJc/naW9MfLAQJHgkb2ubftbJXnoMfe/1fN9dTkYm+mzSZN7zoB9Yd
l+2AwHDjc9CeuXpic2iF1teAq2Ipla5OAxPjA+jayf3peNzhGSIFnqeoGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOoqklvipScy8L4VCSAglHevPagQMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNmlxU1ctS2xKekx3dmhVSklDQ1VkNjg5cUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUnMIAwQB
vP0AMA0GCSqGSIb3DQEBCwUAA4IBAQDffFqm0uef7zOX/IVNmRWHOS64Dk1s+U3A
IY+TY89+R59rWQHOs7OFPV3X8r8szG1Vwlplru1LiVWapLZh7HmDsd0GCWFi5VCY
GnQDsuzaQKB7raFZCjbw6OfzQ3MxZeaHeJPCA6Ve8BT9IO4J6iOl0mTiaoyjPT9u
rN8ubY9xUGHlakwqGcH2MLpuLVWZ5A+vEBDRmbLT0R794TG1Pf8EtHO9zT3SRlPj
7UkwQRWd0h9aLpedv4W4+hzMrGXPHe0HF1fiGa0iT36BJz8WJcUQXoaHu6Jc8N/3
PJei666V5Xlvuzj8GKxFpc9KnM8LajuT0ZvKmfzr9/g2PphDGgGJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org