Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/6I1f8jlBmwDsUQPLYY_nVCakIbI.roa
File:                     6I1f8jlBmwDsUQPLYY_nVCakIbI.roa (raw, json)
Hash identifier:          PxBH6A6VCmd2maC0tJkHtDCPJdSe5Ip6dIsR4Fn9A24=
Subject key identifier:   E8:8D:5F:F2:39:41:9B:00:EC:51:03:CB:61:8F:E7:54:26:A4:21:B2
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       018BCD407CA3AE507251B4BB88D1D84DC615
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/6I1f8jlBmwDsUQPLYY_nVCakIbI.roa
Signing time:             Tue 14 Nov 2023 09:53:57 +0000
ROA not before:           Tue 14 Nov 2023 09:53:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208485
IP address blocks:        94.154.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 12:42:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:cd:40:7c:a3:ae:50:72:51:b4:bb:88:d1:d8:4d:c6:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Nov 14 09:53:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e88d5ff239419b00ec5103cb618fe75426a421b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:82:7d:d5:d3:17:6b:7c:6a:3f:12:14:72:05:
                    3f:2e:78:04:18:8f:17:ea:74:f8:6b:34:14:0d:70:
                    ec:a9:fe:98:1d:93:0c:89:43:c7:c5:93:20:61:19:
                    b2:ce:4f:a3:69:77:8f:0a:70:98:44:8f:46:4f:98:
                    c8:5e:1e:25:11:08:35:c1:38:6f:91:ef:11:97:cb:
                    f2:fe:57:48:34:d2:4b:98:61:5a:2e:0d:9c:95:7d:
                    62:dd:ea:2b:52:43:e2:e7:5d:0d:9e:8f:8b:35:38:
                    0e:96:92:0d:db:8c:53:bd:88:f1:d4:ba:53:23:bb:
                    1b:58:21:d9:08:0c:34:4b:26:73:b4:aa:fd:4f:a5:
                    d3:a8:d8:0e:66:d0:6b:b4:8e:3f:8c:fa:cb:de:89:
                    fe:29:73:48:98:9d:0b:30:9d:11:1d:5d:7f:e2:0b:
                    4b:79:4f:9c:8f:fb:10:58:b3:b3:d0:cd:e6:ec:cd:
                    af:49:78:50:7d:3c:31:48:d5:a7:95:0c:c5:56:ac:
                    f3:a6:cf:53:d3:c5:f4:5a:22:ed:ef:dd:4f:71:d9:
                    12:9e:17:c2:63:99:01:3e:08:af:fe:ef:6f:bb:15:
                    bc:2e:c2:72:a5:73:d4:3b:0a:09:0c:d2:c6:4c:da:
                    47:df:d4:41:2c:28:7d:7f:ac:ec:1b:55:e1:ec:13:
                    4b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:8D:5F:F2:39:41:9B:00:EC:51:03:CB:61:8F:E7:54:26:A4:21:B2
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/6I1f8jlBmwDsUQPLYY_nVCakIbI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:9f:31:38:ad:83:c8:ee:ce:c8:e3:ad:b9:ea:8c:48:ca:4a:
         78:9b:11:ad:70:51:e0:e4:f1:1e:d3:1b:2c:91:a5:4c:6c:08:
         be:e5:b6:0e:48:6d:f8:29:08:76:c1:91:e4:c1:96:40:f2:91:
         52:2b:1b:2b:92:6b:cb:29:ce:a1:4e:60:b9:78:8c:95:fa:84:
         46:a1:0c:8a:27:67:a2:35:7f:8c:a5:bd:bb:54:ff:6a:26:f6:
         ca:d0:20:73:10:01:b3:5d:a6:f2:da:93:70:6b:8c:95:6a:4b:
         05:b9:e6:6b:c5:b5:97:33:2d:73:ef:cc:65:97:65:d4:d7:70:
         d7:09:70:48:c5:cf:9b:05:cd:96:17:0b:af:99:00:49:f2:1d:
         52:d7:e2:db:b0:c2:b4:c3:66:49:c8:08:1a:4c:94:15:74:e6:
         7f:c5:74:3b:72:89:85:5a:3e:f5:67:30:8b:da:76:bf:cf:e8:
         b4:d5:cb:61:b3:e0:86:41:6a:d5:23:eb:2f:bb:bb:1b:a8:d5:
         1b:42:ab:b8:8e:bd:77:5c:8f:cb:6b:f5:f0:fd:cd:56:0d:c4:
         d6:6e:a7:5d:ee:43:48:9b:b2:49:de:db:9e:08:ce:fc:09:d8:
         71:b0:75:01:c6:60:2a:cf:bf:78:26:ba:94:55:ce:64:a5:3b:
         53:75:74:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvNQHyjrlByUbS7iNHYTcYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjMxMTE0MDk1MzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODhkNWZmMjM5NDE5YjAwZWM1MTAzY2I2MThmZTc1NDI2YTQyMWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoJ91dMXa3xqPxIUcgU/LngEGI8X
6nT4azQUDXDsqf6YHZMMiUPHxZMgYRmyzk+jaXePCnCYRI9GT5jIXh4lEQg1wThv
ke8Rl8vy/ldINNJLmGFaLg2clX1i3eorUkPi510Nno+LNTgOlpIN24xTvYjx1LpT
I7sbWCHZCAw0SyZztKr9T6XTqNgOZtBrtI4/jPrL3on+KXNImJ0LMJ0RHV1/4gtL
eU+cj/sQWLOz0M3m7M2vSXhQfTwxSNWnlQzFVqzzps9T08X0WiLt791PcdkSnhfC
Y5kBPgiv/u9vuxW8LsJypXPUOwoJDNLGTNpH39RBLCh9f6zsG1Xh7BNLywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOiNX/I5QZsA7FEDy2GP51QmpCGyMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvNkkxZjhqbEJtd0RzVVFQTFlZX25WQ2FrSWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXporMA0G
CSqGSIb3DQEBCwUAA4IBAQCKnzE4rYPI7s7I46256oxIykp4mxGtcFHg5PEe0xss
kaVMbAi+5bYOSG34KQh2wZHkwZZA8pFSKxsrkmvLKc6hTmC5eIyV+oRGoQyKJ2ei
NX+Mpb27VP9qJvbK0CBzEAGzXaby2pNwa4yVaksFueZrxbWXMy1z78xll2XU13DX
CXBIxc+bBc2WFwuvmQBJ8h1S1+LbsMK0w2ZJyAgaTJQVdOZ/xXQ7comFWj71ZzCL
2na/z+i01cths+CGQWrVI+svu7sbqNUbQqu4jr13XI/La/Xw/c1WDcTWbqdd7kNI
m7JJ3tueCM78CdhxsHUBxmAqz794JrqUVc5kpTtTdXSQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org