Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/wLasK9jJsFS8fuyra4uDFTVRwAA.roa
File:                     wLasK9jJsFS8fuyra4uDFTVRwAA.roa (raw, json)
Hash identifier:          oy/GoeONEb1uFZYaLKMdteGQthShRDlQjXWUcqOYK5k=
Subject key identifier:   C0:B6:AC:2B:D8:C9:B0:54:BC:7E:EC:AB:6B:8B:83:15:35:51:C0:00
Certificate issuer:       /CN=40cf69cca2c86e194754788edcd88e352ed4e11c
Certificate serial:       0185730CCAC7BE9BB2F06ADF522B568D84EB
Authority key identifier: 40:CF:69:CC:A2:C8:6E:19:47:54:78:8E:DC:D8:8E:35:2E:D4:E1:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QM9pzKLIbhlHVHiO3NiONS7U4Rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/wLasK9jJsFS8fuyra4uDFTVRwAA.roa
Signing time:             Mon 02 Jan 2023 15:14:56 +0000
ROA not before:           Mon 02 Jan 2023 15:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15404
IP address blocks:        176.119.201.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:0c:ca:c7:be:9b:b2:f0:6a:df:52:2b:56:8d:84:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40cf69cca2c86e194754788edcd88e352ed4e11c
        Validity
            Not Before: Jan  2 15:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c0b6ac2bd8c9b054bc7eecab6b8b83153551c000
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:7e:17:e9:67:3c:14:c1:b0:0f:be:2f:5a:2b:
                    a1:90:29:e3:dd:da:1b:c8:30:60:0e:d9:be:f4:cd:
                    a7:96:18:af:4d:42:8e:1c:29:e9:e5:e4:c3:b3:1e:
                    61:af:1b:bc:38:33:ef:5d:cc:65:9f:e1:8e:aa:ac:
                    ac:d8:bb:fa:db:77:63:94:a2:1d:9b:61:b7:d7:70:
                    45:71:61:ce:41:04:05:e5:e6:5d:0e:a3:60:81:8a:
                    2d:0b:ad:f3:58:8c:1d:26:33:9e:36:77:fb:7f:f2:
                    82:cb:50:d7:62:57:9a:d9:c8:8b:e3:8f:cb:71:0f:
                    9c:4c:11:59:8e:94:d1:f8:7b:13:f8:06:8a:c6:3d:
                    e0:4c:31:54:2d:b6:16:67:af:05:cf:ca:fb:0e:4b:
                    34:20:16:ce:8f:85:4e:75:4a:cb:cf:72:fd:68:9f:
                    a5:56:fd:c6:72:b5:22:62:65:8d:f2:c6:eb:a8:11:
                    e4:79:e2:e4:ff:b7:7d:1a:d5:ba:9b:9e:32:2d:23:
                    17:b7:4b:34:55:fb:0e:5f:75:bd:42:70:5f:c1:6a:
                    98:48:00:49:9a:d5:7d:e6:8d:44:35:48:94:b7:52:
                    9e:ff:ec:3d:38:d6:0d:bd:9b:d3:e4:bc:59:21:b1:
                    8b:ae:56:5d:77:76:04:95:c7:21:8e:98:0d:66:9b:
                    21:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:B6:AC:2B:D8:C9:B0:54:BC:7E:EC:AB:6B:8B:83:15:35:51:C0:00
            X509v3 Authority Key Identifier:
                keyid:40:CF:69:CC:A2:C8:6E:19:47:54:78:8E:DC:D8:8E:35:2E:D4:E1:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM9pzKLIbhlHVHiO3NiONS7U4Rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/wLasK9jJsFS8fuyra4uDFTVRwAA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b8b606-c65a-409a-ba8d-cf1a5d8e5f6d/1/QM9pzKLIbhlHVHiO3NiONS7U4Rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.119.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:d1:54:62:de:08:f0:4b:8f:d3:92:f7:5e:99:e8:be:d5:45:
         18:d4:ce:32:11:54:d6:b3:c5:ee:63:8d:17:fe:9e:f9:fe:21:
         f0:5c:23:d9:ab:e2:2e:b9:c0:11:de:cf:19:28:15:b0:df:78:
         75:25:c5:e0:53:20:91:72:40:96:62:07:4b:17:aa:76:a1:d9:
         2a:8d:3c:fa:35:a3:de:94:b4:d7:cc:ef:9c:eb:d2:b4:34:e3:
         83:79:1e:54:47:f5:27:87:e5:6c:63:9a:1d:92:7e:57:e0:14:
         96:f9:59:60:15:e6:a0:8b:8c:a0:69:82:bf:77:02:bd:92:56:
         46:00:cc:2c:9f:89:d8:67:e7:8f:81:70:81:04:e2:c4:68:31:
         48:2e:24:be:88:56:3f:20:e0:cc:cf:7f:7e:19:21:db:e2:69:
         6f:77:26:cb:26:bb:98:de:15:77:6a:b1:6c:ea:0d:f8:b9:dc:
         ff:09:dc:69:af:24:8b:be:83:cc:65:64:36:03:6f:dd:22:3a:
         ba:9c:6b:e1:00:a2:bc:01:3c:2c:e9:f7:e1:10:35:68:21:9f:
         6b:ff:b2:09:a4:02:8e:27:55:9b:48:4f:a0:e9:91:06:7b:c5:
         65:c6:24:28:c5:eb:89:08:7e:32:f7:c3:bd:1c:4d:e5:67:b0:
         81:1d:87:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDMrHvpuy8GrfUitWjYTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwY2Y2OWNjYTJjODZlMTk0NzU0Nzg4ZWRjZDg4ZTM1MmVk
NGUxMWMwHhcNMjMwMTAyMTUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGI2YWMyYmQ4YzliMDU0YmM3ZWVjYWI2YjhiODMxNTM1NTFjMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo34X6Wc8FMGwD74vWiuhkCnj3dob
yDBgDtm+9M2nlhivTUKOHCnp5eTDsx5hrxu8ODPvXcxln+GOqqys2Lv623djlKId
m2G313BFcWHOQQQF5eZdDqNggYotC63zWIwdJjOeNnf7f/KCy1DXYlea2ciL44/L
cQ+cTBFZjpTR+HsT+AaKxj3gTDFULbYWZ68Fz8r7Dks0IBbOj4VOdUrLz3L9aJ+l
Vv3GcrUiYmWN8sbrqBHkeeLk/7d9GtW6m54yLSMXt0s0VfsOX3W9QnBfwWqYSABJ
mtV95o1ENUiUt1Ke/+w9ONYNvZvT5LxZIbGLrlZdd3YElcchjpgNZpshyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMC2rCvYybBUvH7sq2uLgxU1UcAAMB8GA1UdIwQY
MBaAFEDPacyiyG4ZR1R4jtzYjjUu1OEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU05cHpLTEliaGxIVkhpTzNOaU9OUzdVNFJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iOGI2MDYtYzY1YS00MDlhLWJhOGQt
Y2YxYTVkOGU1ZjZkLzEvd0xhc0s5akpzRlM4ZnV5cmE0dURGVFZSd0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iOGI2MDYtYzY1YS00MDlhLWJhOGQtY2YxYTVkOGU1ZjZk
LzEvUU05cHpLTEliaGxIVkhpTzNOaU9OUzdVNFJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHfJMA0G
CSqGSIb3DQEBCwUAA4IBAQAU0VRi3gjwS4/Tkvdemei+1UUY1M4yEVTWs8XuY40X
/p75/iHwXCPZq+IuucAR3s8ZKBWw33h1JcXgUyCRckCWYgdLF6p2odkqjTz6NaPe
lLTXzO+c69K0NOODeR5UR/Unh+VsY5odkn5X4BSW+VlgFeagi4ygaYK/dwK9klZG
AMwsn4nYZ+ePgXCBBOLEaDFILiS+iFY/IODMz39+GSHb4mlvdybLJruY3hV3arFs
6g34udz/CdxprySLvoPMZWQ2A2/dIjq6nGvhAKK8ATws6ffhEDVoIZ9r/7IJpAKO
J1WbSE+g6ZEGe8VlxiQoxeuJCH4y98O9HE3lZ7CBHYfb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:48 2024 by rpki-client on console-fra.rpki-client.org