Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DL6BuERVTIC2lOIgmnjONCXwV8o.roa
File:                     DL6BuERVTIC2lOIgmnjONCXwV8o.roa (raw, json)
Hash identifier:          U35VXwENEbTxPfwKPWXfAKMhpA8umO98Gbyuc9XzGzA=
Subject key identifier:   0C:BE:81:B8:44:55:4C:80:B6:94:E2:20:9A:78:CE:34:25:F0:57:CA
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018D81BCE05475643636E3DC83608D1D8C76
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DL6BuERVTIC2lOIgmnjONCXwV8o.roa
Signing time:             Wed 07 Feb 2024 04:04:15 +0000
ROA not before:           Wed 07 Feb 2024 04:04:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        194.87.134.0/24 maxlen: 24
                          2a00:1c89::/32 maxlen: 32
                          2a00:1c8b::/32 maxlen: 32
                          2a00:1c8c::/32 maxlen: 32
                          2a00:1c8d::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 16 Feb 2024 12:10:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:81:bc:e0:54:75:64:36:36:e3:dc:83:60:8d:1d:8c:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb  7 04:04:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0cbe81b844554c80b694e2209a78ce3425f057ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d8:fd:b0:0a:f4:93:b2:62:9c:bf:63:6c:b9:
                    87:19:c4:2c:78:6d:4c:04:25:9b:aa:61:c1:0b:57:
                    68:33:6d:71:ea:10:53:3b:d8:a1:d7:e0:3b:99:b1:
                    15:d3:1c:36:52:ce:a8:b5:18:b2:7c:4a:da:a2:8d:
                    8d:b6:1e:3a:d1:77:85:fe:c9:1a:a6:d6:83:3b:1b:
                    db:13:29:a8:fa:37:30:65:2c:40:f6:05:e2:f4:05:
                    99:0a:00:6e:6f:33:b0:bc:2d:9a:df:96:e7:34:c6:
                    0f:bd:51:14:27:d0:27:50:da:0d:6c:56:89:af:dd:
                    0c:a3:23:39:fe:69:d0:08:fa:91:71:4a:b3:c8:12:
                    02:e1:43:da:c8:fa:0a:3e:d0:43:94:a2:0b:06:d6:
                    47:45:59:02:ee:34:7f:9d:86:26:c4:6d:57:f2:8e:
                    6b:03:bc:3d:ff:58:d9:22:8e:75:73:49:dd:ef:5e:
                    71:ae:2c:13:02:84:c1:1e:bc:64:5f:2b:83:35:46:
                    58:e1:71:64:a1:bd:a0:67:20:5e:98:7c:0b:37:06:
                    8b:e2:4e:1c:8e:62:ba:36:bb:c9:de:b9:98:f2:9b:
                    d7:9e:f7:da:59:4a:e6:44:a5:d2:86:a8:a7:8a:6d:
                    91:b2:18:c1:e8:9c:35:c0:64:ef:29:81:1f:83:64:
                    87:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:BE:81:B8:44:55:4C:80:B6:94:E2:20:9A:78:CE:34:25:F0:57:CA
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DL6BuERVTIC2lOIgmnjONCXwV8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.134.0/24
                IPv6:
                  2a00:1c89::/32
                  2a00:1c8b::-2a00:1c8d:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         28:48:7d:c3:0f:ae:f5:98:51:f8:0e:ea:7a:16:51:cd:c8:2c:
         77:1b:16:96:a4:7b:bc:a1:a7:f3:d5:ec:d5:b2:4d:99:1f:34:
         a3:ed:71:9b:48:f8:97:b4:32:7e:21:21:7d:1c:14:bc:d2:a4:
         5b:d0:47:fa:d1:fa:91:90:69:11:d4:0c:ce:3f:55:7c:fd:24:
         6d:51:fc:28:08:8a:cb:f6:f8:d3:da:3c:69:be:0a:09:4c:fa:
         23:45:ed:de:07:8e:71:0f:e8:69:56:b7:f5:9b:88:fa:1a:35:
         8b:6c:9e:eb:a6:1d:f0:0d:e7:99:aa:02:20:1c:19:9f:c7:50:
         34:0f:e2:c1:da:34:cc:f3:0b:38:ea:81:8a:47:29:93:6c:ab:
         02:ba:c2:d1:51:ac:64:8a:0e:0e:96:95:a6:e2:7b:3e:5a:c8:
         57:13:27:c6:79:3c:ce:c3:11:7e:14:75:9f:7a:13:75:9a:b1:
         42:f5:c8:51:b2:df:75:18:29:d4:2b:3d:b0:be:fa:83:8e:39:
         1f:b0:8f:35:47:de:4c:2e:94:9a:b0:e1:89:b2:38:8e:da:77:
         9a:f5:f3:20:5a:d3:ad:55:a0:e8:74:94:e6:9c:85:d4:8b:de:
         71:38:71:4d:45:b3:09:5f:a8:34:b4:f4:1f:12:93:3f:bc:64:
         7b:6d:67:a9
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY2BvOBUdWQ2NuPcg2CNHYx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA3MDQwNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2JlODFiODQ0NTU0YzgwYjY5NGUyMjA5YTc4Y2UzNDI1ZjA1N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9j9sAr0k7JinL9jbLmHGcQseG1M
BCWbqmHBC1doM21x6hBTO9ih1+A7mbEV0xw2Us6otRiyfEraoo2Nth460XeF/ska
ptaDOxvbEymo+jcwZSxA9gXi9AWZCgBubzOwvC2a35bnNMYPvVEUJ9AnUNoNbFaJ
r90MoyM5/mnQCPqRcUqzyBIC4UPayPoKPtBDlKILBtZHRVkC7jR/nYYmxG1X8o5r
A7w9/1jZIo51c0nd715xriwTAoTBHrxkXyuDNUZY4XFkob2gZyBemHwLNwaL4k4c
jmK6NrvJ3rmY8pvXnvfaWUrmRKXShqinim2RshjB6Jw1wGTvKYEfg2SHlwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFAy+gbhEVUyAtpTiIJp4zjQl8FfKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvREw2QnVFUlZUSUMybE9JZ21uak9OQ1h3VjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAwleGMB0E
AgACMBcDBQAqAByJMA4DBQAqAByLAwUBKgAcjDANBgkqhkiG9w0BAQsFAAOCAQEA
KEh9ww+u9ZhR+A7qehZRzcgsdxsWlqR7vKGn89Xs1bJNmR80o+1xm0j4l7QyfiEh
fRwUvNKkW9BH+tH6kZBpEdQMzj9VfP0kbVH8KAiKy/b409o8ab4KCUz6I0Xt3geO
cQ/oaVa39ZuI+ho1i2ye66Yd8A3nmaoCIBwZn8dQNA/iwdo0zPMLOOqBikcpk2yr
ArrC0VGsZIoODpaVpuJ7PlrIVxMnxnk8zsMRfhR1n3oTdZqxQvXIUbLfdRgp1Cs9
sL76g445H7CPNUfeTC6UmrDhibI4jtp3mvXzIFrTrVWg6HSU5pyF1IvecThxTUWz
CV+oNLT0HxKTP7xke21nqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org