Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/P9sA9lazdeB81HezDrYV3_eUAZA.roa
File:                     P9sA9lazdeB81HezDrYV3_eUAZA.roa (raw, json)
Hash identifier:          8rCPDubtuoj3hjI/JeFSmNMgKaqhwEM8QbkNyNEkliY=
Subject key identifier:   3F:DB:00:F6:56:B3:75:E0:7C:D4:77:B3:0E:B6:15:DF:F7:94:01:90
Certificate issuer:       /CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Certificate serial:       018890EED8454CBD7728D55327B7646AD4C3
Authority key identifier: 6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/P9sA9lazdeB81HezDrYV3_eUAZA.roa
Signing time:             Tue 06 Jun 2023 13:39:11 +0000
ROA not before:           Tue 06 Jun 2023 13:39:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201502
IP address blocks:        185.25.139.0/24 maxlen: 24
                          185.25.138.0/24 maxlen: 24
                          185.25.137.0/24 maxlen: 24
                          185.25.136.0/24 maxlen: 24
                          185.13.220.0/22 maxlen: 24
                          188.208.19.0/24 maxlen: 24
                          185.253.80.0/22 maxlen: 24
                          185.203.172.0/24 maxlen: 24
                          185.203.175.0/24 maxlen: 24
                          185.203.174.0/24 maxlen: 24
                          185.203.173.0/24 maxlen: 24
                          46.255.240.0/24 maxlen: 24
                          46.255.246.0/24 maxlen: 24
                          46.255.245.0/24 maxlen: 24
                          46.255.244.0/24 maxlen: 24
                          46.255.243.0/24 maxlen: 24
                          46.255.242.0/24 maxlen: 24
                          46.255.241.0/24 maxlen: 24
                          46.255.247.0/24 maxlen: 24
                          188.214.82.0/24 maxlen: 24
                          188.214.83.0/24 maxlen: 24
                          2a03:a6c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 10 Oct 2023 09:04:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:90:ee:d8:45:4c:bd:77:28:d5:53:27:b7:64:6a:d4:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
        Validity
            Not Before: Jun  6 13:39:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3fdb00f656b375e07cd477b30eb615dff7940190
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:e1:e0:8b:82:03:47:88:5c:cd:c0:ed:66:66:
                    da:2c:c4:4f:d8:1e:09:a8:24:78:16:13:cc:63:91:
                    69:b8:33:bb:2e:0c:c5:99:d5:55:de:c8:e0:1b:7d:
                    80:68:a0:c2:7b:2f:c8:13:4d:45:b2:48:98:37:90:
                    35:9f:96:4c:07:d1:9f:f1:eb:4b:ec:85:41:30:27:
                    55:28:d5:92:33:c7:30:b9:f8:ce:47:ab:21:69:b7:
                    76:aa:4c:ef:00:2f:74:81:5e:b4:f5:6f:de:8c:aa:
                    1d:b7:4f:31:ec:29:d0:16:60:1f:bc:04:b9:72:7a:
                    77:a9:e5:94:05:9e:dc:ca:fd:64:2d:4f:cd:47:66:
                    84:f0:30:bb:41:b8:f9:1d:a4:1b:8f:85:16:bb:d8:
                    f8:5d:54:2e:25:72:96:35:4c:ff:8e:d4:b0:66:05:
                    8c:da:e0:51:29:d8:fa:02:d7:a8:fd:e1:cc:d8:08:
                    b1:49:35:70:0c:d3:9c:a5:2f:af:e3:83:52:bd:66:
                    e3:02:ea:39:24:9a:69:bf:d3:ef:8e:36:5d:ef:f9:
                    7e:04:9f:89:e3:03:f4:ea:f7:32:6d:31:6e:9d:d8:
                    5f:51:77:95:69:c9:7e:aa:d7:5c:5c:e4:2b:1f:e5:
                    b0:47:18:fc:b4:ff:6d:b6:cf:63:61:8a:77:ee:8e:
                    0f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:DB:00:F6:56:B3:75:E0:7C:D4:77:B3:0E:B6:15:DF:F7:94:01:90
            X509v3 Authority Key Identifier:
                keyid:6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/P9sA9lazdeB81HezDrYV3_eUAZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/a7ptDw-bGff0POtD5zWaPYTpnZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.255.240.0/21
                  185.13.220.0/22
                  185.25.136.0/22
                  185.203.172.0/22
                  185.253.80.0/22
                  188.208.19.0/24
                  188.214.82.0/23
                IPv6:
                  2a03:a6c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:ce:3b:75:d6:f9:3e:28:cb:10:9c:67:1e:3d:20:fb:a0:2c:
         c1:5f:1f:6b:a7:fc:4a:c6:e2:ac:3d:1a:99:e4:fc:3d:df:32:
         4f:2b:92:41:2e:2f:69:9a:a1:de:fc:cc:c9:86:8d:de:63:cd:
         af:4e:db:b8:c2:7a:5c:d6:9c:ec:c2:f3:b5:67:b4:1c:a5:19:
         30:e8:66:66:54:e6:f9:fa:a0:24:81:bd:e2:1e:39:27:46:84:
         d6:b6:31:f9:11:87:8f:2f:b4:5f:25:ea:1e:3f:86:05:9b:76:
         10:d2:4e:09:49:df:e5:05:0b:b8:97:12:a6:62:46:94:85:b6:
         7f:aa:8b:18:a5:a3:a6:a9:e2:21:e6:3c:6e:ac:68:1b:72:54:
         7a:99:b5:c9:3f:64:a6:a9:e0:de:c1:b5:bf:4f:76:46:3b:52:
         f6:13:d7:6d:9e:c0:fd:7f:a1:f3:51:37:86:35:d4:25:f9:7c:
         a0:7c:c7:43:5b:86:9e:e7:14:05:bd:fd:a5:ef:12:3f:b0:c6:
         84:22:bd:22:1a:1b:cc:80:cf:93:ba:b8:71:39:ca:ce:f1:6f:
         66:3b:60:a9:c3:04:38:75:92:51:f4:49:9e:7b:af:63:71:82:
         81:22:97:2e:79:0c:15:a4:ad:7a:39:be:24:3e:84:e1:80:8f:
         f8:1d:01:d1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYiQ7thFTL13KNVTJ7dkatTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYmE2ZDBmMGY5YjE5ZjdmNDNjZWI0M2U3MzU5YTNkODRl
OTlkOTkwHhcNMjMwNjA2MTMzOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRiMDBmNjU2YjM3NWUwN2NkNDc3YjMwZWI2MTVkZmY3OTQwMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOHgi4IDR4hczcDtZmbaLMRP2B4J
qCR4FhPMY5FpuDO7LgzFmdVV3sjgG32AaKDCey/IE01FskiYN5A1n5ZMB9Gf8etL
7IVBMCdVKNWSM8cwufjOR6shabd2qkzvAC90gV609W/ejKodt08x7CnQFmAfvAS5
cnp3qeWUBZ7cyv1kLU/NR2aE8DC7Qbj5HaQbj4UWu9j4XVQuJXKWNUz/jtSwZgWM
2uBRKdj6Ateo/eHM2AixSTVwDNOcpS+v44NSvWbjAuo5JJppv9PvjjZd7/l+BJ+J
4wP06vcybTFundhfUXeVacl+qtdcXOQrH+WwRxj8tP9tts9jYYp37o4PaQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFD/bAPZWs3XgfNR3sw62Fd/3lAGQMB8GA1UdIwQY
MBaAFGu6bQ8Pmxn39DzrQ+c1mj2E6Z2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2Yt
MmFlYWRiOTY2Yjc2LzEvUDlzQTlsYXpkZUI4MUhlekRyWVYzX2VVQVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2YtMmFlYWRiOTY2Yjc2
LzEvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLv/wAwQC
uQ3cAwQCuRmIAwQCucusAwQCuf1QAwQAvNATAwQBvNZSMA0EAgACMAcDBQAqA6bA
MA0GCSqGSIb3DQEBCwUAA4IBAQCqzjt11vk+KMsQnGcePSD7oCzBXx9rp/xKxuKs
PRqZ5Pw93zJPK5JBLi9pmqHe/MzJho3eY82vTtu4wnpc1pzswvO1Z7QcpRkw6GZm
VOb5+qAkgb3iHjknRoTWtjH5EYePL7RfJeoeP4YFm3YQ0k4JSd/lBQu4lxKmYkaU
hbZ/qosYpaOmqeIh5jxurGgbclR6mbXJP2SmqeDewbW/T3ZGO1L2E9dtnsD9f6Hz
UTeGNdQl+XygfMdDW4ae5xQFvf2l7xI/sMaEIr0iGhvMgM+TurhxOcrO8W9mO2Cp
wwQ4dZJR9Emee69jcYKBIpcueQwVpK16Ob4kPoThgI/4HQHR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:14 2024 by rpki-client on console-ams.rpki-client.org