Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/atZM_2MeUMEWn9bTdwow-E9FJ2Q.roa
File:                     atZM_2MeUMEWn9bTdwow-E9FJ2Q.roa (raw, json)
Hash identifier:          e/c9IomNBycb9ckS9qW+90zScH5WOLnDJKwkTFPO3w8=
Subject key identifier:   6A:D6:4C:FF:63:1E:50:C1:16:9F:D6:D3:77:0A:30:F8:4F:45:27:64
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018A83A961B9FF00505800E1A246D32009AB
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/atZM_2MeUMEWn9bTdwow-E9FJ2Q.roa
Signing time:             Mon 11 Sep 2023 09:53:50 +0000
ROA not before:           Mon 11 Sep 2023 09:53:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        194.102.168.0/24 maxlen: 24
                          194.102.169.0/24 maxlen: 24
                          194.102.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:83:a9:61:b9:ff:00:50:58:00:e1:a2:46:d3:20:09:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Sep 11 09:53:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6ad64cff631e50c1169fd6d3770a30f84f452764
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:b3:1c:7b:69:99:e1:43:a4:d5:37:66:5b:25:
                    a3:2d:62:c5:2c:77:52:74:c7:0d:d9:47:eb:8c:35:
                    4d:a2:6b:91:e1:a4:eb:ae:72:fa:96:6e:94:c5:0c:
                    71:3d:54:76:d9:0e:b5:2c:b8:27:40:7a:1f:7f:c7:
                    d6:8b:87:62:f3:e2:bb:a8:9e:3d:a4:2f:85:97:4f:
                    4d:6d:a3:57:7a:77:9d:43:23:89:95:2d:8a:a8:96:
                    93:67:d8:86:00:62:bb:21:4c:14:b8:41:a7:b0:98:
                    49:c0:1e:b5:33:cd:c3:fc:74:33:b0:2b:a1:ac:4a:
                    30:6e:6c:9f:fc:4d:c0:8f:71:6f:93:c9:e7:4e:76:
                    1e:f3:94:22:4f:da:0f:f1:66:19:22:9f:9c:4d:19:
                    ec:c7:ee:1a:1e:b2:06:3c:75:a5:0f:67:10:c2:9c:
                    53:f3:a8:ad:e1:e2:b2:3b:64:1f:e5:1e:85:df:af:
                    9c:54:36:86:fa:d4:7d:0e:dc:53:63:cb:06:1b:7f:
                    55:20:17:0b:f4:12:f5:6a:d3:cb:d5:21:4e:bf:62:
                    45:c3:d2:0b:3b:0c:4f:f3:84:45:df:82:37:af:07:
                    e6:5b:15:77:a6:8f:c7:5f:cd:24:f1:df:59:db:2c:
                    3e:cd:34:c8:a7:5e:72:e9:ea:37:d9:ca:ad:5e:99:
                    6f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D6:4C:FF:63:1E:50:C1:16:9F:D6:D3:77:0A:30:F8:4F:45:27:64
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/atZM_2MeUMEWn9bTdwow-E9FJ2Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.102.168.0/23
                  194.102.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:54:cc:55:f0:27:86:36:97:76:52:eb:ff:4a:3a:df:24:63:
         75:e8:ac:e9:e9:28:ff:68:a8:bc:29:f4:97:bd:37:08:3c:18:
         37:e7:09:cd:9c:35:51:5a:90:36:82:db:1c:a9:3f:68:09:88:
         38:b9:df:fb:b1:4a:27:be:97:d1:aa:83:cc:3c:8d:56:d0:d2:
         9f:d7:3e:45:b2:3e:be:68:8b:ea:58:0c:c7:9f:33:6d:4d:bd:
         cc:7e:a6:d3:ec:f4:49:d6:e8:27:a3:aa:a9:4f:e8:6d:77:d7:
         b0:18:e8:f0:94:03:9b:05:60:05:15:4f:78:b6:b0:ab:d4:13:
         6a:75:23:f6:bc:38:44:a4:5f:09:a8:ee:c1:8a:53:92:6e:67:
         cc:af:6f:e1:cb:da:97:ed:22:5a:d9:49:c2:4f:3b:31:82:21:
         e2:ee:5c:4d:86:15:10:ed:c3:6c:81:0f:d5:8a:03:10:3d:fc:
         8b:5c:67:23:74:44:aa:b7:44:35:83:6a:76:96:7f:24:f1:79:
         15:8f:18:06:1f:27:78:d3:64:f3:54:82:8e:f2:fb:49:30:0d:
         14:b3:1e:e2:a3:3d:67:13:df:24:74:72:b4:ba:75:57:c2:a5:
         84:5a:f1:f2:3a:91:4d:e9:52:dd:56:9c:ef:cf:02:87:55:87:
         65:88:d9:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqDqWG5/wBQWADhokbTIAmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwOTExMDk1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ2NGNmZjYzMWU1MGMxMTY5ZmQ2ZDM3NzBhMzBmODRmNDUyNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37Mce2mZ4UOk1TdmWyWjLWLFLHdS
dMcN2UfrjDVNomuR4aTrrnL6lm6UxQxxPVR22Q61LLgnQHoff8fWi4di8+K7qJ49
pC+Fl09NbaNXenedQyOJlS2KqJaTZ9iGAGK7IUwUuEGnsJhJwB61M83D/HQzsCuh
rEowbmyf/E3Aj3Fvk8nnTnYe85QiT9oP8WYZIp+cTRnsx+4aHrIGPHWlD2cQwpxT
86it4eKyO2Qf5R6F36+cVDaG+tR9DtxTY8sGG39VIBcL9BL1atPL1SFOv2JFw9IL
OwxP84RF34I3rwfmWxV3po/HX80k8d9Z2yw+zTTIp15y6eo32cqtXplvfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGrWTP9jHlDBFp/W03cKMPhPRSdkMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYXRaTV8yTWVVTUVXbjliVGR3b3ctRTlGSjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwmaoAwQA
wmarMA0GCSqGSIb3DQEBCwUAA4IBAQAkVMxV8CeGNpd2Uuv/SjrfJGN16Kzp6Sj/
aKi8KfSXvTcIPBg35wnNnDVRWpA2gtscqT9oCYg4ud/7sUonvpfRqoPMPI1W0NKf
1z5Fsj6+aIvqWAzHnzNtTb3MfqbT7PRJ1ugno6qpT+htd9ewGOjwlAObBWAFFU94
trCr1BNqdSP2vDhEpF8JqO7BilOSbmfMr2/hy9qX7SJa2UnCTzsxgiHi7lxNhhUQ
7cNsgQ/VigMQPfyLXGcjdESqt0Q1g2p2ln8k8XkVjxgGHyd402TzVIKO8vtJMA0U
sx7ioz1nE98kdHK0unVXwqWEWvHyOpFN6VLdVpzvzwKHVYdliNl1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org