Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/buOAj7pgy6_I1upZiH1zAZGmWKU.roa
File:                     buOAj7pgy6_I1upZiH1zAZGmWKU.roa (raw, json)
Hash identifier:          FPfBuebBP11e4yK0wseF84hKPLtbF0KesN9BxFm8j40=
Subject key identifier:   6E:E3:80:8F:BA:60:CB:AF:C8:D6:EA:59:88:7D:73:01:91:A6:58:A5
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE6246CA184F6230F2143A49C2F0F2D
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/buOAj7pgy6_I1upZiH1zAZGmWKU.roa
Signing time:             Sun 01 Jan 2023 10:34:59 +0000
ROA not before:           Sun 01 Jan 2023 10:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203363
IP address blocks:        2.58.203.0/24 maxlen: 24
                          45.67.84.0/24 maxlen: 24
                          45.67.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 08:28:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:24:6c:a1:84:f6:23:0f:21:43:a4:9c:2f:0f:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6ee3808fba60cbafc8d6ea59887d730191a658a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b4:08:d8:fd:0d:eb:66:6a:e7:c5:69:83:c1:
                    9b:05:e3:38:d2:b9:fd:06:d1:1e:cd:97:53:6d:01:
                    a4:74:14:47:a5:4d:cb:b8:15:c4:40:a6:c0:6a:84:
                    9b:6f:9f:b1:5d:1f:2b:60:3d:aa:82:b0:01:66:00:
                    1f:42:ed:15:e8:c2:93:56:b6:0e:be:58:aa:7a:c1:
                    08:34:0b:b0:f8:d5:cc:be:74:0f:3f:5b:44:70:dd:
                    61:37:c8:1c:6f:81:9a:8d:14:d1:31:f5:18:c9:2e:
                    4b:0f:5b:dc:a6:59:6c:4d:c2:22:1a:94:9f:6e:47:
                    c3:eb:23:20:76:a0:92:d6:92:a6:a8:90:51:f5:eb:
                    1f:e2:9c:74:d0:d6:a3:f3:a4:d3:a3:2e:c9:38:c8:
                    b5:41:4a:3e:d3:e5:62:e1:96:61:30:1c:cf:1f:9f:
                    7e:67:eb:1a:3c:d9:d7:f4:ed:04:98:9c:57:85:27:
                    2a:c1:3d:51:47:0c:a4:10:80:6a:bf:67:31:cd:39:
                    5b:30:74:93:0f:9d:0b:f7:f0:93:b7:e1:04:44:95:
                    0b:0b:e4:2f:1d:a4:ea:e6:58:eb:a7:52:9b:7e:a4:
                    c5:03:28:93:71:82:e1:38:32:a0:16:3d:67:b3:75:
                    d6:ae:01:e2:27:da:80:4c:49:19:aa:67:9c:4f:57:
                    39:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:E3:80:8F:BA:60:CB:AF:C8:D6:EA:59:88:7D:73:01:91:A6:58:A5
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/buOAj7pgy6_I1upZiH1zAZGmWKU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.203.0/24
                  45.67.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:39:79:01:e7:1a:64:99:c6:4f:27:de:c8:e8:dd:29:4c:12:
         31:02:d7:ae:b8:76:45:83:e4:89:08:b0:35:34:d0:32:bc:b2:
         d9:2d:7f:b0:1d:26:36:8c:55:14:63:f8:28:ea:da:4d:fd:06:
         e5:46:a0:85:7a:c8:54:79:8a:9e:b7:d3:bf:9c:0f:92:59:06:
         a6:f0:b0:93:45:3e:9a:a4:b4:c8:0b:0d:c8:2b:89:fa:02:c5:
         b2:13:63:e2:77:41:0d:68:e6:84:b4:01:c6:58:30:ba:3a:19:
         0e:f7:5e:7f:62:d3:8a:59:c3:22:bb:45:d5:4c:9d:21:dc:d6:
         88:7a:ef:d1:05:fc:be:77:b7:27:be:6b:19:34:74:bd:c7:83:
         0c:c0:11:3e:81:6a:4e:78:9f:6a:6f:19:02:e1:19:bd:58:ae:
         b6:00:7b:74:dd:ce:8c:30:8c:cc:b2:9e:e6:d9:e0:93:20:e9:
         5f:00:33:3b:64:09:b2:94:16:4c:74:23:4b:58:01:73:89:ac:
         ca:5b:21:f8:bd:4b:70:7a:df:6f:ac:16:5e:21:f1:a8:d4:13:
         d2:43:31:12:0b:30:96:92:9e:05:74:57:9e:a0:04:9d:c7:37:
         c7:9c:77:d5:0d:37:9e:51:8a:32:f4:65:0b:aa:2c:ca:2b:88:
         97:78:02:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5iRsoYT2Iw8hQ6ScLw8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWUzODA4ZmJhNjBjYmFmYzhkNmVhNTk4ODdkNzMwMTkxYTY1OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLQI2P0N62Zq58Vpg8GbBeM40rn9
BtEezZdTbQGkdBRHpU3LuBXEQKbAaoSbb5+xXR8rYD2qgrABZgAfQu0V6MKTVrYO
vliqesEINAuw+NXMvnQPP1tEcN1hN8gcb4GajRTRMfUYyS5LD1vcpllsTcIiGpSf
bkfD6yMgdqCS1pKmqJBR9esf4px00Naj86TToy7JOMi1QUo+0+Vi4ZZhMBzPH59+
Z+saPNnX9O0EmJxXhScqwT1RRwykEIBqv2cxzTlbMHSTD50L9/CTt+EERJULC+Qv
HaTq5ljrp1KbfqTFAyiTcYLhODKgFj1ns3XWrgHiJ9qATEkZqmecT1c5ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG7jgI+6YMuvyNbqWYh9cwGRplilMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvYnVPQWo3cGd5Nl9JMXVwWmlIMXpBWkdtV0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjrLAwQB
LUNUMA0GCSqGSIb3DQEBCwUAA4IBAQAIOXkB5xpkmcZPJ97I6N0pTBIxAteuuHZF
g+SJCLA1NNAyvLLZLX+wHSY2jFUUY/go6tpN/QblRqCFeshUeYqet9O/nA+SWQam
8LCTRT6apLTICw3IK4n6AsWyE2Pid0ENaOaEtAHGWDC6OhkO915/YtOKWcMiu0XV
TJ0h3NaIeu/RBfy+d7cnvmsZNHS9x4MMwBE+gWpOeJ9qbxkC4Rm9WK62AHt03c6M
MIzMsp7m2eCTIOlfADM7ZAmylBZMdCNLWAFziazKWyH4vUtwet9vrBZeIfGo1BPS
QzESCzCWkp4FdFeeoASdxzfHnHfVDTeeUYoy9GULqizKK4iXeAI9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org