Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bO0nNoEFu132Jdf4Ko69lnQvzsA.roa
File:                     bO0nNoEFu132Jdf4Ko69lnQvzsA.roa (raw, json)
Hash identifier:          TZfT5OahfD7eHFjCP0S5xnjbv9n61qodPmNMxy1cHdc=
Subject key identifier:   6C:ED:27:36:81:05:BB:5D:F6:25:D7:F8:2A:8E:BD:96:74:2F:CE:C0
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CCA2A86D7392C68DC83912BCE02C13F24
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bO0nNoEFu132Jdf4Ko69lnQvzsA.roa
Signing time:             Tue 02 Jan 2024 12:33:53 +0000
ROA not before:           Tue 02 Jan 2024 12:33:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205007
IP address blocks:        193.108.115.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          194.87.243.0/24 maxlen: 24
                          194.87.43.0/24 maxlen: 24
                          195.133.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 May 2024 08:28:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:86:d7:39:2c:68:dc:83:91:2b:ce:02:c1:3f:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  2 12:33:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6ced27368105bb5df625d7f82a8ebd96742fcec0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a1:a4:b1:b0:ea:03:fb:a2:4c:f5:d0:05:ed:
                    33:eb:c2:1d:bd:05:fa:3b:05:fd:11:ed:58:73:3f:
                    35:7e:b2:20:a2:ac:b4:51:d1:c6:b1:3b:98:6f:b5:
                    f1:6f:aa:65:b5:55:ae:50:43:ff:06:45:e6:59:2b:
                    f9:d0:73:e6:98:5f:f7:b8:aa:af:59:36:a1:71:94:
                    b9:d0:7e:05:d6:67:95:d1:85:39:d3:68:4c:59:bf:
                    4d:e0:49:b9:84:e3:20:94:2f:18:19:30:cb:7c:e9:
                    de:2b:8f:6f:41:a2:e9:2c:28:0d:ff:26:f4:1d:9f:
                    9a:79:d8:a1:b4:8c:88:86:49:2c:19:77:14:68:c8:
                    6f:c8:fa:1b:07:97:b9:ba:11:9e:b7:5c:b6:6b:aa:
                    c5:ad:7a:69:ad:35:33:db:02:e8:f5:dc:67:a6:ba:
                    07:f3:04:83:e1:61:3b:d5:0b:f9:fc:44:9b:34:11:
                    39:5a:cb:dd:2c:04:ee:58:ae:ce:a0:ef:24:14:75:
                    75:25:7d:3a:35:ca:65:83:26:4b:da:7e:76:86:06:
                    cb:05:68:4b:bd:88:39:87:c5:58:1d:2c:20:83:5a:
                    3e:a7:53:6e:b6:c9:ea:45:76:5a:02:bb:0d:9c:95:
                    5f:2d:6d:9f:79:44:5a:27:56:23:ef:0f:48:90:ba:
                    90:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:ED:27:36:81:05:BB:5D:F6:25:D7:F8:2A:8E:BD:96:74:2F:CE:C0
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bO0nNoEFu132Jdf4Ko69lnQvzsA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.115.0/24
                  194.87.43.0/24
                  194.87.240.0/24
                  194.87.243.0/24
                  195.133.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:ae:8b:9a:af:cb:6d:89:cd:0d:6a:e6:bb:ac:a4:a5:82:9e:
         07:ab:fb:f1:4d:36:6b:3f:71:4b:0d:37:e8:b8:64:0f:49:b9:
         f5:a2:e8:7f:29:83:27:de:7b:47:c2:2b:bd:75:01:bc:7a:57:
         48:b4:8d:34:1b:34:3b:6d:db:be:15:6c:0f:1f:57:12:32:0d:
         35:30:f8:ad:6c:e2:fd:f8:c7:16:d2:8b:10:b0:68:93:27:71:
         66:d5:8c:64:cc:38:84:07:b9:8a:c6:68:36:4f:54:6c:81:39:
         70:a7:dc:50:5d:7f:e8:d9:56:f8:08:01:97:88:ea:7f:d9:9e:
         c9:75:7a:42:aa:04:6c:68:17:fa:69:2f:29:c0:09:4a:59:f1:
         ac:23:89:12:64:5e:05:9b:6c:cf:63:4e:35:ec:45:72:5d:eb:
         f9:3f:72:d4:a9:d1:ed:d7:c5:87:af:58:ff:14:7f:fb:78:ab:
         ce:ff:d9:e2:5b:1b:9e:25:92:43:99:2b:95:a2:52:70:31:d7:
         2b:89:9f:2e:f8:f2:ee:38:d7:33:b0:5a:97:a0:06:bb:6b:47:
         cb:8d:af:37:7a:7f:e7:8a:8e:6e:3b:ec:30:a1:9e:1a:24:da:
         a4:ba:63:18:ef:ac:ae:2e:7c:b7:17:8e:5d:08:47:89:78:09:
         7a:5b:6c:8d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKKobXOSxo3IORK84CwT8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VkMjczNjgxMDViYjVkZjYyNWQ3ZjgyYThlYmQ5Njc0MmZjZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqGksbDqA/uiTPXQBe0z68IdvQX6
OwX9Ee1Ycz81frIgoqy0UdHGsTuYb7Xxb6pltVWuUEP/BkXmWSv50HPmmF/3uKqv
WTahcZS50H4F1meV0YU502hMWb9N4Em5hOMglC8YGTDLfOneK49vQaLpLCgN/yb0
HZ+aedihtIyIhkksGXcUaMhvyPobB5e5uhGet1y2a6rFrXpprTUz2wLo9dxnproH
8wSD4WE71Qv5/ESbNBE5WsvdLATuWK7OoO8kFHV1JX06NcplgyZL2n52hgbLBWhL
vYg5h8VYHSwgg1o+p1NutsnqRXZaArsNnJVfLW2feURaJ1Yj7w9IkLqQiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGztJzaBBbtd9iXX+CqOvZZ0L87AMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYk8wbk5vRUZ1MTMySmRmNEtvNjlsblF2enNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwWxzAwQA
wlcrAwQAwlfwAwQAwlfzAwQAw4UaMA0GCSqGSIb3DQEBCwUAA4IBAQAbrouar8tt
ic0Naua7rKSlgp4Hq/vxTTZrP3FLDTfouGQPSbn1ouh/KYMn3ntHwiu9dQG8eldI
tI00GzQ7bdu+FWwPH1cSMg01MPitbOL9+McW0osQsGiTJ3Fm1YxkzDiEB7mKxmg2
T1RsgTlwp9xQXX/o2Vb4CAGXiOp/2Z7JdXpCqgRsaBf6aS8pwAlKWfGsI4kSZF4F
m2zPY0417EVyXev5P3LUqdHt18WHr1j/FH/7eKvO/9niWxueJZJDmSuVolJwMdcr
iZ8u+PLuONczsFqXoAa7a0fLja83en/nio5uO+wwoZ4aJNqkumMY76yuLny3F45d
CEeJeAl6W2yN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org