Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/606ICbDECkCm499lBIiMVxmGxGE.roa
File:                     606ICbDECkCm499lBIiMVxmGxGE.roa (raw, json)
Hash identifier:          isDRZc4sk45ZLC6wZDmUDibju69vP5VqnlpC8MRDVYQ=
Subject key identifier:   EB:4E:88:09:B0:C4:0A:40:A6:E3:DF:65:04:88:8C:57:19:86:C4:61
Certificate issuer:       /CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Certificate serial:       018AB94A6DDC2E015C20CB8EEEBE7B26619A
Authority key identifier: 99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/606ICbDECkCm499lBIiMVxmGxGE.roa
Signing time:             Thu 21 Sep 2023 19:49:37 +0000
ROA not before:           Thu 21 Sep 2023 19:49:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        195.184.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 13:17:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b9:4a:6d:dc:2e:01:5c:20:cb:8e:ee:be:7b:26:61:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
        Validity
            Not Before: Sep 21 19:49:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb4e8809b0c40a40a6e3df6504888c571986c461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:cc:2d:01:17:0c:b9:ae:59:07:d8:19:d4:8e:
                    ed:82:82:8d:58:2e:8e:ef:53:75:2e:e8:64:66:bd:
                    d1:88:2c:2b:7a:fc:e8:9e:a8:40:83:2f:b4:80:37:
                    e8:84:9f:fe:fd:f7:95:5a:b0:a1:53:4c:85:c8:73:
                    b8:c8:87:4f:45:4e:eb:72:3c:bd:d0:56:05:3a:5c:
                    fa:ec:5b:b0:d8:02:39:01:f1:9c:d6:09:33:59:a1:
                    99:b5:12:23:f8:54:45:86:b8:9e:d4:54:59:18:0c:
                    fe:cc:e3:42:e9:0a:14:a8:71:2a:f3:f4:39:81:a3:
                    46:12:22:36:2c:1e:d6:38:28:fd:9f:00:25:f9:50:
                    88:16:2b:d8:4f:6c:3d:54:02:a8:7e:48:28:a2:fd:
                    b4:2e:95:bc:79:d4:7f:40:65:2e:f3:2d:3c:f7:52:
                    79:65:99:b8:56:eb:de:cb:40:bd:95:71:86:3f:17:
                    e0:71:6d:10:a0:89:02:05:df:b5:93:00:17:08:30:
                    59:bb:ac:02:98:7e:c9:02:81:52:73:df:34:43:fc:
                    da:43:49:7b:c5:a4:cc:28:81:7f:47:32:c5:9d:72:
                    81:df:41:fa:f2:55:c4:38:9c:84:33:3f:9a:ef:e5:
                    60:15:0d:cf:1a:23:bf:1f:c4:cc:0c:ca:99:b1:b0:
                    3a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:4E:88:09:B0:C4:0A:40:A6:E3:DF:65:04:88:8C:57:19:86:C4:61
            X509v3 Authority Key Identifier:
                keyid:99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/606ICbDECkCm499lBIiMVxmGxGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/mfrSUn6vqVIVqP7Weif608-y038.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.184.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:c7:d3:3b:f0:c4:16:ca:26:0e:f3:66:1c:65:2a:2e:f7:26:
         69:f0:77:72:de:f1:d4:e1:98:a6:e1:52:e5:9e:fc:e3:df:cd:
         ff:59:d5:4c:91:fc:52:05:b1:e1:6b:cd:87:e8:bc:60:31:a1:
         a4:c1:23:fc:1d:f1:c8:7a:12:f2:44:22:c7:14:f6:03:19:db:
         42:7a:65:b6:f9:d5:e9:47:96:db:76:ad:a7:ee:61:13:1a:1f:
         aa:c4:20:6d:56:76:06:9f:8e:55:67:5e:a4:50:4e:0f:ee:89:
         7f:0b:18:ee:42:0d:dc:d8:5b:57:4e:0d:4c:7c:4f:1c:1a:bb:
         8b:f8:bc:13:44:d8:c3:8f:60:ba:13:54:f6:17:6e:5d:c2:7e:
         2a:bc:99:71:18:aa:5b:3d:f4:ba:ee:66:fe:bd:76:c7:a4:6b:
         85:82:a5:53:e8:12:74:0d:ff:6c:08:0c:5d:f1:09:87:ff:1e:
         6b:59:2d:61:f8:4a:31:a6:2c:fb:4f:fc:05:02:43:b5:39:60:
         89:15:3a:38:92:0b:04:7b:3c:6d:c1:dc:b4:f4:ce:55:4e:fb:
         b5:b0:f8:cb:2d:d6:3b:44:0a:8c:c2:fa:be:e0:a7:5f:3f:20:
         62:26:29:51:85:f8:50:70:ca:a7:db:66:1b:6d:69:28:24:f7:
         75:94:d6:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq5Sm3cLgFcIMuO7r57JmGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmFkMjUyN2VhZmE5NTIxNWE4ZmVkNjdhMjdmYWQzY2Zi
MmQzN2YwHhcNMjMwOTIxMTk0OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjRlODgwOWIwYzQwYTQwYTZlM2RmNjUwNDg4OGM1NzE5ODZjNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8wtARcMua5ZB9gZ1I7tgoKNWC6O
71N1LuhkZr3RiCwrevzonqhAgy+0gDfohJ/+/feVWrChU0yFyHO4yIdPRU7rcjy9
0FYFOlz67Fuw2AI5AfGc1gkzWaGZtRIj+FRFhrie1FRZGAz+zONC6QoUqHEq8/Q5
gaNGEiI2LB7WOCj9nwAl+VCIFivYT2w9VAKofkgoov20LpW8edR/QGUu8y0891J5
ZZm4Vuvey0C9lXGGPxfgcW0QoIkCBd+1kwAXCDBZu6wCmH7JAoFSc980Q/zaQ0l7
xaTMKIF/RzLFnXKB30H68lXEOJyEMz+a7+VgFQ3PGiO/H8TMDMqZsbA6hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOtOiAmwxApApuPfZQSIjFcZhsRhMB8GA1UdIwQY
MBaAFJn60lJ+r6lSFaj+1non+tPPstN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMt
MDEwM2E4OTljMmRlLzEvNjA2SUNiREVDa0NtNDk5bEJJaU1WeG1HeEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMtMDEwM2E4OTljMmRl
LzEvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7hMMA0G
CSqGSIb3DQEBCwUAA4IBAQB8x9M78MQWyiYO82YcZSou9yZp8Hdy3vHU4Zim4VLl
nvzj383/WdVMkfxSBbHha82H6LxgMaGkwSP8HfHIehLyRCLHFPYDGdtCemW2+dXp
R5bbdq2n7mETGh+qxCBtVnYGn45VZ16kUE4P7ol/CxjuQg3c2FtXTg1MfE8cGruL
+LwTRNjDj2C6E1T2F25dwn4qvJlxGKpbPfS67mb+vXbHpGuFgqVT6BJ0Df9sCAxd
8QmH/x5rWS1h+Eoxpiz7T/wFAkO1OWCJFTo4kgsEezxtwdy09M5VTvu1sPjLLdY7
RAqMwvq+4KdfPyBiJilRhfhQcMqn22YbbWkoJPd1lNY8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org