Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/_aZubEUttnDNf6nTKVFSmEzliRU.roa
File:                     _aZubEUttnDNf6nTKVFSmEzliRU.roa (raw, json)
Hash identifier:          aKD4STy96hVlrEFNS1PZu+yLxDi0OL/6pcj80u+4BwA=
Subject key identifier:   FD:A6:6E:6C:45:2D:B6:70:CD:7F:A9:D3:29:51:52:98:4C:E5:89:15
Certificate issuer:       /CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
Certificate serial:       01881EFB60B7D3056C9E932C30EE5E63119A
Authority key identifier: 9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/_aZubEUttnDNf6nTKVFSmEzliRU.roa
Signing time:             Mon 15 May 2023 10:36:10 +0000
ROA not before:           Mon 15 May 2023 10:36:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201990
IP address blocks:        217.197.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 May 2023 14:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1e:fb:60:b7:d3:05:6c:9e:93:2c:30:ee:5e:63:11:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
        Validity
            Not Before: May 15 10:36:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fda66e6c452db670cd7fa9d3295152984ce58915
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4f:ca:cd:dc:2b:e4:ed:4e:e0:26:f1:d7:fc:
                    36:25:0d:3e:7f:d7:1d:01:e5:56:a3:23:dd:22:be:
                    e5:26:6b:c3:11:9b:dc:40:e8:42:36:f9:0c:76:12:
                    97:d7:d3:8b:89:88:1f:da:8e:52:d2:31:2b:bd:68:
                    85:57:34:21:32:15:dc:ee:46:e7:03:2d:72:42:4d:
                    f2:e1:b4:d2:a2:98:5f:c4:3a:16:db:5f:0f:19:63:
                    54:6d:4b:20:37:85:ae:30:f2:4a:54:53:f8:19:aa:
                    4b:55:14:27:86:96:30:a8:fa:96:bf:67:0f:40:16:
                    68:8e:15:16:05:8c:60:4a:c3:ff:fe:8c:c6:4f:6c:
                    a1:e4:c3:79:bb:f2:2b:39:6e:db:9a:ac:f2:46:d9:
                    64:f1:29:ff:31:58:7e:a4:36:22:3b:bd:67:f7:0a:
                    b0:ed:5a:0e:04:35:ec:1e:96:f5:f0:a4:c6:8a:4f:
                    b9:c4:d6:80:ff:1b:fc:f1:6a:63:8d:85:dd:e4:95:
                    3b:81:fb:e5:8e:93:b6:b3:29:e2:2c:3d:ae:f6:e5:
                    04:70:e6:ea:50:23:b0:05:ec:29:0f:a0:76:67:65:
                    d1:25:92:bf:9a:ed:24:39:35:76:ae:43:e7:eb:35:
                    56:d7:0b:c4:f0:da:62:15:40:d3:ae:8b:a1:0d:1f:
                    a8:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:A6:6E:6C:45:2D:B6:70:CD:7F:A9:D3:29:51:52:98:4C:E5:89:15
            X509v3 Authority Key Identifier:
                keyid:9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/_aZubEUttnDNf6nTKVFSmEzliRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.197.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:f2:b1:db:19:d9:fe:1a:e3:31:7c:02:ce:09:2a:36:2e:c9:
         9c:7d:0c:f2:cc:d5:55:62:3b:56:be:a5:4a:0c:57:63:54:0c:
         ab:9c:27:7d:19:84:37:49:c2:d0:73:f0:e3:d4:49:5c:23:ce:
         9f:53:c2:da:b4:1d:ba:77:b9:59:c7:71:f8:0a:f0:60:8e:fb:
         b8:0a:93:f4:47:4b:8d:e7:95:07:a9:af:0a:87:2a:52:90:8d:
         90:75:25:da:9f:0b:ae:b2:2b:87:28:5d:45:59:64:1f:8b:b9:
         69:69:5d:0b:73:ac:99:6e:24:a7:17:7c:c1:9f:19:9e:e5:5f:
         a8:5d:ba:d2:49:a1:7f:0e:fa:23:41:59:c8:86:0f:cf:23:03:
         bc:09:18:70:a2:b9:bb:49:b4:91:b2:ec:08:15:e3:08:1d:bd:
         36:1c:64:cc:32:3c:39:eb:aa:53:ea:33:dd:9f:40:5c:92:cc:
         57:48:28:37:21:dd:43:3c:53:ff:ce:cf:60:65:f5:fa:99:8e:
         98:f7:90:58:54:91:df:39:f3:ca:45:e6:30:62:3c:e6:0e:78:
         f1:86:57:c9:2e:96:59:9d:57:14:ca:39:e4:fa:94:4b:72:66:
         73:28:c8:a3:76:25:28:0d:0f:ff:1e:c6:8c:24:7b:5a:11:4d:
         e9:5f:d8:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYge+2C30wVsnpMsMO5eYxGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjE4NWU5OWZmZTYxMTUyN2EwZTk0MzMxMTUxZmZlMmVl
NzJhZTkwHhcNMjMwNTE1MTAzNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGE2NmU2YzQ1MmRiNjcwY2Q3ZmE5ZDMyOTUxNTI5ODRjZTU4OTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE/Kzdwr5O1O4Cbx1/w2JQ0+f9cd
AeVWoyPdIr7lJmvDEZvcQOhCNvkMdhKX19OLiYgf2o5S0jErvWiFVzQhMhXc7kbn
Ay1yQk3y4bTSophfxDoW218PGWNUbUsgN4WuMPJKVFP4GapLVRQnhpYwqPqWv2cP
QBZojhUWBYxgSsP//ozGT2yh5MN5u/IrOW7bmqzyRtlk8Sn/MVh+pDYiO71n9wqw
7VoOBDXsHpb18KTGik+5xNaA/xv88WpjjYXd5JU7gfvljpO2syniLD2u9uUEcObq
UCOwBewpD6B2Z2XRJZK/mu0kOTV2rkPn6zVW1wvE8NpiFUDTrouhDR+okQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2mbmxFLbZwzX+p0ylRUphM5YkVMB8GA1UdIwQY
MBaAFJ3xhemf/mEVJ6DpQzEVH/4u5yrpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2Et
ZjI5OTBjZWI5NGVjLzEvX2FadWJFVXR0bkROZjZuVEtWRlNtRXpsaVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2EtZjI5OTBjZWI5NGVj
LzEvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cVmMA0G
CSqGSIb3DQEBCwUAA4IBAQCF8rHbGdn+GuMxfALOCSo2LsmcfQzyzNVVYjtWvqVK
DFdjVAyrnCd9GYQ3ScLQc/Dj1ElcI86fU8LatB26d7lZx3H4CvBgjvu4CpP0R0uN
55UHqa8KhypSkI2QdSXanwuusiuHKF1FWWQfi7lpaV0Lc6yZbiSnF3zBnxme5V+o
XbrSSaF/DvojQVnIhg/PIwO8CRhworm7SbSRsuwIFeMIHb02HGTMMjw566pT6jPd
n0BcksxXSCg3Id1DPFP/zs9gZfX6mY6Y95BYVJHfOfPKReYwYjzmDnjxhlfJLpZZ
nVcUyjnk+pRLcmZzKMijdiUoDQ//HsaMJHtaEU3pX9jZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:41 2024 by rpki-client on console-fra.rpki-client.org