Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/2sUsdn2GTKwKdMOyuWj4Kn6bpqM.roa
File:                     2sUsdn2GTKwKdMOyuWj4Kn6bpqM.roa (raw, json)
Hash identifier:          rpHCvYn/S4HdEjIIl/HrEbxxJC7yt1rpKcOxGV0fuMg=
Subject key identifier:   DA:C5:2C:76:7D:86:4C:AC:0A:74:C3:B2:B9:68:F8:2A:7E:9B:A6:A3
Certificate issuer:       /CN=bdf7a0a048b68eccfa4d49eab4f16dc792c0d318
Certificate serial:       01856F549E013F06D89C0E1A0F220BE69687
Authority key identifier: BD:F7:A0:A0:48:B6:8E:CC:FA:4D:49:EA:B4:F1:6D:C7:92:C0:D3:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vfegoEi2jsz6TUnqtPFtx5LA0xg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/2sUsdn2GTKwKdMOyuWj4Kn6bpqM.roa
Signing time:             Sun 01 Jan 2023 21:54:54 +0000
ROA not before:           Sun 01 Jan 2023 21:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41887
IP address blocks:        194.140.230.0/24 maxlen: 24
                          2001:67c:144::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:9e:01:3f:06:d8:9c:0e:1a:0f:22:0b:e6:96:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdf7a0a048b68eccfa4d49eab4f16dc792c0d318
        Validity
            Not Before: Jan  1 21:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dac52c767d864cac0a74c3b2b968f82a7e9ba6a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e7:69:0d:4c:9e:14:0f:1b:ce:ef:8d:fe:43:
                    5a:e6:3c:6b:be:d1:61:e0:ba:36:2a:79:89:af:e6:
                    dd:fe:c2:5d:0c:ea:be:f1:60:20:70:48:33:ce:92:
                    a3:56:e9:50:1d:a1:e1:bd:d7:cd:b8:31:43:67:60:
                    ca:46:00:f8:06:5b:81:76:41:99:af:72:8a:ea:3c:
                    95:c7:74:b8:f7:29:f4:f3:ea:1a:d7:23:cd:34:05:
                    a4:b3:a7:cf:30:ec:95:2e:b3:35:3e:55:42:4a:27:
                    e9:c6:29:9e:5b:a4:43:e4:f9:c8:3e:01:fe:ea:4f:
                    ec:74:a9:11:80:e7:6c:2d:f5:6b:3a:b4:92:a0:92:
                    4d:5c:1f:e1:ea:65:b3:f9:c0:07:e3:fe:4f:ad:69:
                    e1:27:be:13:da:80:c9:a7:55:01:da:e0:95:71:d3:
                    93:77:53:28:37:fd:20:ea:66:a1:25:db:63:f0:6f:
                    df:e2:c8:51:77:fa:3c:dc:05:2f:79:7f:08:1d:8d:
                    e0:ea:82:24:6b:90:04:9a:fa:c5:32:2d:e8:55:af:
                    37:44:64:c0:c0:8b:23:e1:d8:14:ce:66:97:09:05:
                    7c:13:77:4e:e3:28:ea:5c:34:d8:2a:fb:dd:4c:d5:
                    85:db:b1:9a:3f:05:fe:95:f1:c4:7f:b0:29:ad:fa:
                    d5:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C5:2C:76:7D:86:4C:AC:0A:74:C3:B2:B9:68:F8:2A:7E:9B:A6:A3
            X509v3 Authority Key Identifier:
                keyid:BD:F7:A0:A0:48:B6:8E:CC:FA:4D:49:EA:B4:F1:6D:C7:92:C0:D3:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfegoEi2jsz6TUnqtPFtx5LA0xg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/2sUsdn2GTKwKdMOyuWj4Kn6bpqM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/vfegoEi2jsz6TUnqtPFtx5LA0xg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.140.230.0/24
                IPv6:
                  2001:67c:144::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:fb:d2:ed:56:b7:18:79:7c:38:f0:31:58:9f:ab:b0:1b:33:
         1f:c7:b3:1b:6b:ea:ba:14:71:4b:87:94:75:5b:21:90:47:2b:
         91:66:80:ef:a7:2e:8b:b8:34:ad:63:9e:60:01:a9:6f:1c:11:
         e1:76:40:99:ab:0e:4e:4c:62:57:2d:18:53:4f:0c:1c:e4:2d:
         22:7d:85:d8:ee:dd:82:40:2e:af:fe:a1:58:fc:ed:d9:41:49:
         5a:86:5d:38:23:cd:2f:fb:25:aa:82:d5:03:4a:53:6c:de:f9:
         a8:02:89:67:0b:46:d6:a0:bf:35:76:b4:b2:89:85:62:f2:a3:
         e3:44:9f:57:bf:3f:85:35:a9:51:1e:08:30:28:ec:97:ba:24:
         2b:67:ac:bf:f5:ec:0e:35:a8:ce:1a:c7:38:9e:f3:97:60:ea:
         64:cd:12:16:09:26:5e:6c:9f:83:42:d1:f8:b7:d9:cb:93:56:
         89:c0:95:ea:c2:b6:ea:f4:17:ff:e5:ad:f9:94:59:1d:85:4b:
         a8:39:46:dc:6e:63:01:12:66:ae:bd:45:13:ca:68:d8:7b:f6:
         c5:82:f4:b8:f6:0b:12:9e:3c:a2:a6:37:ac:5c:db:b3:e4:3a:
         d8:fb:24:3d:ac:9c:c7:d2:42:4a:81:71:4e:ba:bd:4c:b0:ac:
         4d:30:d9:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvVJ4BPwbYnA4aDyIL5paHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjdhMGEwNDhiNjhlY2NmYTRkNDllYWI0ZjE2ZGM3OTJj
MGQzMTgwHhcNMjMwMTAxMjE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM1MmM3NjdkODY0Y2FjMGE3NGMzYjJiOTY4ZjgyYTdlOWJhNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOdpDUyeFA8bzu+N/kNa5jxrvtFh
4Lo2KnmJr+bd/sJdDOq+8WAgcEgzzpKjVulQHaHhvdfNuDFDZ2DKRgD4BluBdkGZ
r3KK6jyVx3S49yn08+oa1yPNNAWks6fPMOyVLrM1PlVCSifpximeW6RD5PnIPgH+
6k/sdKkRgOdsLfVrOrSSoJJNXB/h6mWz+cAH4/5PrWnhJ74T2oDJp1UB2uCVcdOT
d1MoN/0g6mahJdtj8G/f4shRd/o83AUveX8IHY3g6oIka5AEmvrFMi3oVa83RGTA
wIsj4dgUzmaXCQV8E3dO4yjqXDTYKvvdTNWF27GaPwX+lfHEf7AprfrVLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNrFLHZ9hkysCnTDsrlo+Cp+m6ajMB8GA1UdIwQY
MBaAFL33oKBIto7M+k1J6rTxbceSwNMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZlZ29FaTJqc3o2VFVucXRQRnR4NUxBMHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lMTZjYjYtYjQ1NC00OGQ2LWJkYzgt
MzUxNjE5MWE5ZDY4LzEvMnNVc2RuMkdUS3dLZE1PeXVXajRLbjZicHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9lMTZjYjYtYjQ1NC00OGQ2LWJkYzgtMzUxNjE5MWE5ZDY4
LzEvdmZlZ29FaTJqc3o2VFVucXRQRnR4NUxBMHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwozmMA8E
AgACMAkDBwAgAQZ8AUQwDQYJKoZIhvcNAQELBQADggEBAK370u1Wtxh5fDjwMVif
q7AbMx/Hsxtr6roUcUuHlHVbIZBHK5FmgO+nLou4NK1jnmABqW8cEeF2QJmrDk5M
YlctGFNPDBzkLSJ9hdju3YJALq/+oVj87dlBSVqGXTgjzS/7JaqC1QNKU2ze+agC
iWcLRtagvzV2tLKJhWLyo+NEn1e/P4U1qVEeCDAo7Je6JCtnrL/17A41qM4axzie
85dg6mTNEhYJJl5sn4NC0fi32cuTVonAlerCtur0F//lrfmUWR2FS6g5RtxuYwES
Zq69RRPKaNh79sWC9Lj2CxKePKKmN6xc27PkOtj7JD2snMfSQkqBcU66vUywrE0w
2ck=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:42 2024 by rpki-client on console-ams.rpki-client.org