Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/kqaY66a6rZIFtxXLBTycetEtCsc.roa
File:                     kqaY66a6rZIFtxXLBTycetEtCsc.roa (raw, json)
Hash identifier:          KfAKcuOqldYTd7Xp9iRsnb+sfayO1A3BkY87rNN8kMQ=
Subject key identifier:   92:A6:98:EB:A6:BA:AD:92:05:B7:15:CB:05:3C:9C:7A:D1:2D:0A:C7
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018CC801370D0EA4948EBF1208D00FB3B030
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/kqaY66a6rZIFtxXLBTycetEtCsc.roa
Signing time:             Tue 02 Jan 2024 02:29:31 +0000
ROA not before:           Tue 02 Jan 2024 02:29:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56884
IP address blocks:        194.26.223.0/24 maxlen: 24
                          84.246.111.0/24 maxlen: 24
                          91.247.178.0/24 maxlen: 24
                          213.232.252.0/24 maxlen: 24
                          178.23.188.0/24 maxlen: 24
                          2a13:e400::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 05 Mar 2024 16:44:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:37:0d:0e:a4:94:8e:bf:12:08:d0:0f:b3:b0:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Jan  2 02:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=92a698eba6baad9205b715cb053c9c7ad12d0ac7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:28:91:69:2b:9d:25:07:49:65:53:78:52:47:
                    dc:ce:b0:34:5b:32:99:1f:21:bf:4f:e3:c2:be:9c:
                    3d:c8:0a:2c:b5:a6:44:5a:5d:bd:9a:6b:67:ff:61:
                    7f:cf:c6:ec:70:e3:80:91:3d:a7:6f:75:3b:83:a8:
                    24:80:08:08:30:0e:0f:a8:de:ef:cc:44:3f:53:03:
                    9b:06:9b:93:08:39:4e:ed:37:a3:ea:97:f7:67:c6:
                    84:0e:63:0f:f7:57:7a:80:39:bd:e4:6b:77:9f:27:
                    55:17:c8:d1:90:6d:f5:e6:d3:b8:d9:84:76:0b:cf:
                    07:fd:87:a9:52:7a:8b:77:0a:18:cb:d5:04:af:55:
                    41:c6:8f:ae:6d:c1:10:ca:ae:66:fc:5e:08:84:58:
                    a1:d3:55:b6:e4:ac:93:26:25:5f:bb:e3:b0:e4:68:
                    43:ea:ba:84:05:95:89:a8:0f:5f:d6:42:d0:b4:db:
                    1e:7d:b1:db:5f:5c:3b:bc:85:04:52:d2:12:66:87:
                    80:6e:fb:4a:6b:cc:58:57:59:1b:86:5a:f7:2c:04:
                    73:25:8b:28:f4:d6:25:fd:99:1a:64:71:42:8a:2f:
                    6e:be:87:44:b7:28:b9:14:2e:9c:11:b0:13:18:e6:
                    6d:da:3a:e7:9a:9a:eb:22:49:44:92:3c:26:9b:62:
                    93:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:A6:98:EB:A6:BA:AD:92:05:B7:15:CB:05:3C:9C:7A:D1:2D:0A:C7
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/kqaY66a6rZIFtxXLBTycetEtCsc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.246.111.0/24
                  91.247.178.0/24
                  178.23.188.0/24
                  194.26.223.0/24
                  213.232.252.0/24
                IPv6:
                  2a13:e400::/29

    Signature Algorithm: sha256WithRSAEncryption
         73:61:f1:3b:57:c6:6d:3d:0f:59:ce:17:97:a9:d5:2d:b0:42:
         d8:8e:4b:04:f6:d1:f7:15:41:e2:6d:64:b5:25:da:2c:2b:85:
         cc:1e:20:8b:87:86:51:1e:d0:2f:12:18:b0:eb:34:53:a7:e6:
         bc:7b:09:9e:e4:b3:ec:04:9f:e1:2d:23:06:b0:43:af:a0:15:
         00:b3:19:d1:84:32:48:6e:c5:60:f2:18:e4:e7:13:7e:29:03:
         c4:7f:19:95:14:47:28:18:a3:65:d0:fe:52:6d:e6:f9:90:6d:
         3b:d5:9f:65:6d:20:d4:8f:15:d5:81:42:91:5e:f6:ad:c4:37:
         af:4c:dc:3a:f0:4b:30:2d:65:12:8b:26:9f:d6:e0:4a:87:eb:
         e6:8e:08:f9:8d:54:ca:70:f3:9f:7f:91:47:eb:9a:6b:23:08:
         e8:48:9d:1a:1a:7f:e7:c5:15:36:8b:e5:b9:0c:03:88:b3:44:
         00:8f:65:cf:0c:47:e1:05:fe:b5:20:48:a4:75:49:52:a5:b5:
         e9:9d:a1:a7:9e:9b:e5:c6:c1:b3:8b:fe:61:3e:5c:ea:e9:5e:
         e3:29:26:5c:a5:5a:4d:5b:fc:0e:2d:68:91:34:15:04:e7:78:
         4a:41:83:08:62:dc:b1:9b:79:1a:8d:50:ab:d7:f7:0e:c4:a2:
         33:a0:05:dc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzIATcNDqSUjr8SCNAPs7AwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmE2OThlYmE2YmFhZDkyMDViNzE1Y2IwNTNjOWM3YWQxMmQwYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriiRaSudJQdJZVN4UkfczrA0WzKZ
HyG/T+PCvpw9yAostaZEWl29mmtn/2F/z8bscOOAkT2nb3U7g6gkgAgIMA4PqN7v
zEQ/UwObBpuTCDlO7Tej6pf3Z8aEDmMP91d6gDm95Gt3nydVF8jRkG315tO42YR2
C88H/YepUnqLdwoYy9UEr1VBxo+ubcEQyq5m/F4IhFih01W25KyTJiVfu+Ow5GhD
6rqEBZWJqA9f1kLQtNsefbHbX1w7vIUEUtISZoeAbvtKa8xYV1kbhlr3LARzJYso
9NYl/ZkaZHFCii9uvodEtyi5FC6cEbATGOZt2jrnmprrIklEkjwmm2KTQQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJKmmOumuq2SBbcVywU8nHrRLQrHMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEva3FhWTY2YTZyWklGdHhYTEJUeWNldEV0Q3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAVPZvAwQA
W/eyAwQAshe8AwQAwhrfAwQA1ej8MA0EAgACMAcDBQMqE+QAMA0GCSqGSIb3DQEB
CwUAA4IBAQBzYfE7V8ZtPQ9ZzheXqdUtsELYjksE9tH3FUHibWS1JdosK4XMHiCL
h4ZRHtAvEhiw6zRTp+a8ewme5LPsBJ/hLSMGsEOvoBUAsxnRhDJIbsVg8hjk5xN+
KQPEfxmVFEcoGKNl0P5Sbeb5kG071Z9lbSDUjxXVgUKRXvatxDevTNw68EswLWUS
iyaf1uBKh+vmjgj5jVTKcPOff5FH65prIwjoSJ0aGn/nxRU2i+W5DAOIs0QAj2XP
DEfhBf61IEikdUlSpbXpnaGnnpvlxsGzi/5hPlzq6V7jKSZcpVpNW/wOLWiRNBUE
53hKQYMIYtyxm3kajVCr1/cOxKIzoAXc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:01 2024 by rpki-client on console-fra.rpki-client.org