Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/bDmpuQYn9BuDLErflk3RspTqdis.roa
File:                     bDmpuQYn9BuDLErflk3RspTqdis.roa (raw, json)
Hash identifier:          +Ph1flofIRnVATe1+DXhhiMmz8tMwrj3F1iln7OdC5k=
Subject key identifier:   6C:39:A9:B9:06:27:F4:1B:83:2C:4A:DF:96:4D:D1:B2:94:EA:76:2B
Certificate issuer:       /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial:       018ED387F73755323773F691893A18B8993B
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/bDmpuQYn9BuDLErflk3RspTqdis.roa
Signing time:             Fri 12 Apr 2024 18:18:06 +0000
ROA not before:           Fri 12 Apr 2024 18:18:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201642
IP address blocks:        121.127.36.0/24 maxlen: 24
                          185.249.100.0/23 maxlen: 23
                          185.249.102.0/23 maxlen: 23
                          194.164.0.0/23 maxlen: 23
                          2a14:3200:2a14::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 18 Apr 2024 10:04:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d3:87:f7:37:55:32:37:73:f6:91:89:3a:18:b8:99:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
        Validity
            Not Before: Apr 12 18:18:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6c39a9b90627f41b832c4adf964dd1b294ea762b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3a:ad:19:e5:5b:95:67:f8:e8:68:e2:60:02:
                    81:78:43:fc:0d:a2:29:cd:a8:3f:15:5a:6b:e6:0c:
                    00:e0:44:a1:80:49:49:c9:21:8f:a1:84:d1:82:3d:
                    4b:b8:47:91:23:02:aa:ee:f4:14:e8:cd:ab:92:3f:
                    05:53:8c:04:0d:05:2f:36:19:68:d2:33:9f:19:42:
                    60:e4:e3:13:38:25:32:ba:f4:e6:ed:95:10:a6:0b:
                    ed:21:84:53:09:b0:c7:d4:a2:c0:35:05:58:24:f0:
                    78:04:3e:da:43:aa:6c:6c:da:8e:e9:8c:00:04:45:
                    0e:b8:09:18:9a:30:2d:02:3a:a4:9b:71:0c:b5:44:
                    d2:fa:04:32:0c:76:16:38:75:b6:d0:36:14:52:6c:
                    76:15:c8:60:ff:0e:39:47:dc:ab:88:87:7f:9f:30:
                    6c:81:97:4d:4c:c1:1c:c9:2f:d9:35:3b:93:cf:1e:
                    f2:9e:d9:44:51:96:1f:92:a4:f4:85:f0:71:df:67:
                    b4:c0:3f:2b:7f:88:ea:4b:96:99:4c:77:92:17:37:
                    fe:2d:92:b5:e9:a1:dc:e2:71:2b:ed:5b:a1:da:23:
                    80:e3:52:26:ea:a5:2f:d1:0f:c6:ed:3b:2d:dd:27:
                    48:42:1b:ac:e4:e4:1f:48:ec:b9:3b:ad:42:40:75:
                    f6:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:39:A9:B9:06:27:F4:1B:83:2C:4A:DF:96:4D:D1:B2:94:EA:76:2B
            X509v3 Authority Key Identifier:
                keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/bDmpuQYn9BuDLErflk3RspTqdis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.127.36.0/24
                  185.249.100.0/22
                  194.164.0.0/23
                IPv6:
                  2a14:3200:2a14::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:72:96:ad:95:9a:3c:26:6f:93:8c:9e:29:dd:f7:d3:7c:ca:
         0a:d1:a4:57:02:2f:c0:7a:16:75:f9:b4:9b:54:09:d4:18:72:
         cb:10:f8:0a:bb:aa:ca:4a:c6:c4:e4:5c:05:ac:ea:99:8b:d2:
         e5:ce:31:99:cf:03:2e:fc:73:d3:2d:00:36:30:23:2e:32:68:
         8d:5d:90:c0:74:7c:b0:e1:a9:8c:b7:5f:2e:3d:5f:a8:30:ea:
         3c:5f:90:36:b2:81:fe:79:67:43:91:32:42:17:4a:4c:9e:9b:
         91:ec:36:9c:49:cc:4d:99:49:4d:84:ff:6b:55:27:69:1b:c1:
         36:bf:d9:08:cf:dc:3b:72:68:76:19:42:5c:9e:d8:ea:48:56:
         58:93:95:ad:a2:e7:6f:7d:67:23:93:dc:91:57:f3:d7:86:f2:
         eb:1f:36:e5:95:b0:2f:cf:9f:44:75:8a:e7:9a:1f:62:e8:d2:
         ae:d2:05:ea:b5:da:e6:2c:30:f9:c7:09:a2:ba:f1:04:27:0e:
         07:fa:19:6e:19:8c:86:55:f2:b5:d4:f6:32:76:b9:7e:c9:b2:
         3d:58:16:6e:97:04:9b:b6:a2:4a:1a:60:a2:20:53:d3:05:5e:
         59:a8:fa:74:5b:07:fc:3a:cb:ee:a9:cb:8c:7c:fc:bd:df:42:
         35:fe:f6:b1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY7Th/c3VTI3c/aRiToYuJk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjQwNDEyMTgxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM5YTliOTA2MjdmNDFiODMyYzRhZGY5NjRkZDFiMjk0ZWE3NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTqtGeVblWf46GjiYAKBeEP8DaIp
zag/FVpr5gwA4EShgElJySGPoYTRgj1LuEeRIwKq7vQU6M2rkj8FU4wEDQUvNhlo
0jOfGUJg5OMTOCUyuvTm7ZUQpgvtIYRTCbDH1KLANQVYJPB4BD7aQ6psbNqO6YwA
BEUOuAkYmjAtAjqkm3EMtUTS+gQyDHYWOHW20DYUUmx2Fchg/w45R9yriId/nzBs
gZdNTMEcyS/ZNTuTzx7yntlEUZYfkqT0hfBx32e0wD8rf4jqS5aZTHeSFzf+LZK1
6aHc4nEr7Vuh2iOA41Im6qUv0Q/G7Tst3SdIQhus5OQfSOy5O61CQHX2XwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGw5qbkGJ/QbgyxK35ZN0bKU6nYrMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvYkRtcHVRWW45QnVETEVyZmxrM1JzcFRxZGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAeX8kAwQC
uflkAwQBwqQAMA8EAgACMAkDBwAqFDIAKhQwDQYJKoZIhvcNAQELBQADggEBAGNy
lq2Vmjwmb5OMnind99N8ygrRpFcCL8B6FnX5tJtUCdQYcssQ+Aq7qspKxsTkXAWs
6pmL0uXOMZnPAy78c9MtADYwIy4yaI1dkMB0fLDhqYy3Xy49X6gw6jxfkDaygf55
Z0ORMkIXSkyem5HsNpxJzE2ZSU2E/2tVJ2kbwTa/2QjP3DtyaHYZQlye2OpIVliT
la2i5299ZyOT3JFX89eG8usfNuWVsC/Pn0R1iueaH2Lo0q7SBeq12uYsMPnHCaK6
8QQnDgf6GW4ZjIZV8rXU9jJ2uX7Jsj1YFm6XBJu2okoaYKIgU9MFXlmo+nRbB/w6
y+6py4x8/L3fQjX+9rE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org