Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bsmBvalz2mK-KD5IESxhgZwVY8c.roa
File:                     bsmBvalz2mK-KD5IESxhgZwVY8c.roa (raw, json)
Hash identifier:          a21VYTiO6KnchobHpiflMZoP2qxCIkSXXXGk+waV198=
Subject key identifier:   6E:C9:81:BD:A9:73:DA:62:BE:28:3E:48:11:2C:61:81:9C:15:63:C7
Certificate issuer:       /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial:       018CC56DF071D0BBCAE5C0AF9162723B78BA
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bsmBvalz2mK-KD5IESxhgZwVY8c.roa
Signing time:             Mon 01 Jan 2024 14:29:25 +0000
ROA not before:           Mon 01 Jan 2024 14:29:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58007
IP address blocks:        82.117.245.0/24 maxlen: 24
                          194.8.28.0/24 maxlen: 24
                          2a13:4380::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 13:50:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6d:f0:71:d0:bb:ca:e5:c0:af:91:62:72:3b:78:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
        Validity
            Not Before: Jan  1 14:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6ec981bda973da62be283e48112c61819c1563c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e1:84:4a:3e:83:37:03:56:b0:89:6e:fb:f9:
                    6e:8b:a6:df:b6:38:c1:4f:5c:57:da:89:e0:e0:84:
                    05:4c:b7:23:70:2d:39:59:d7:00:0c:e8:04:71:53:
                    b0:71:50:a2:43:73:a4:ed:17:f1:88:33:e1:bd:bc:
                    e2:86:24:84:c3:24:4a:ea:a1:c8:39:cd:8a:d6:f7:
                    b3:ed:ff:39:be:dc:eb:62:ba:7e:1e:0e:31:a8:08:
                    75:2d:a2:1a:da:1d:16:1b:3c:74:b7:1f:91:02:59:
                    82:d3:11:41:aa:da:99:21:34:5e:d2:21:18:8f:3b:
                    9c:63:dd:34:64:94:6a:75:5f:7b:40:7e:1b:ae:50:
                    13:29:c6:30:13:22:1c:5f:70:d9:37:c0:e2:83:da:
                    44:68:3e:89:63:0e:d1:0b:2d:20:b1:69:da:0e:02:
                    7f:29:6b:81:db:a1:8e:c0:e9:59:45:39:da:27:24:
                    72:bf:4a:1f:3b:9d:b5:ed:80:70:29:05:6c:b0:0e:
                    98:bc:ca:2d:4c:1f:6d:b7:d8:4c:d7:98:82:33:98:
                    36:97:9c:e2:c8:16:01:36:8e:f0:08:1c:a9:38:5a:
                    ef:31:5b:46:b3:c4:d4:a2:b8:50:b6:4e:e1:e3:17:
                    ff:b9:7b:a8:8c:cb:94:cb:60:c2:a3:63:f1:70:c2:
                    86:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:C9:81:BD:A9:73:DA:62:BE:28:3E:48:11:2C:61:81:9C:15:63:C7
            X509v3 Authority Key Identifier:
                keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bsmBvalz2mK-KD5IESxhgZwVY8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.117.245.0/24
                  194.8.28.0/24
                IPv6:
                  2a13:4380::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:f9:61:09:3a:98:14:60:38:c8:22:28:79:aa:6d:91:bc:56:
         d9:fb:47:82:a4:2e:30:ba:48:18:35:cd:ca:62:d6:74:66:39:
         af:85:46:dc:51:c8:f7:05:d1:b8:56:ee:9c:2c:ca:af:5f:d6:
         12:1f:cd:ef:39:41:60:23:61:ae:54:1c:8e:9d:87:ba:7b:41:
         5c:12:04:e4:ef:df:df:35:93:85:1e:9c:99:98:68:41:1c:f9:
         e6:78:dd:fe:af:25:a4:c5:56:c8:35:6f:bb:2b:cc:15:21:5b:
         d4:90:e4:36:28:69:01:3f:c3:31:1a:12:e2:8f:56:9c:c1:03:
         53:d0:a3:2f:e6:5b:41:9d:e3:21:1d:a6:53:e5:95:ff:18:4a:
         9e:3e:10:aa:96:92:97:72:6f:3a:d7:35:f1:a1:12:c4:6a:0f:
         c5:c1:52:31:69:d7:f3:f6:f1:d8:39:a8:ff:2e:98:e3:e4:75:
         1c:86:70:3a:cf:9c:88:b8:bd:a2:eb:a5:f5:8e:a1:ee:8d:09:
         30:62:1b:84:88:92:91:18:da:c1:7a:11:7f:6d:58:45:00:35:
         67:60:e7:88:86:48:d2:c5:e4:3c:4a:8e:9d:9e:d0:49:85:fd:
         4f:a5:cd:a6:75:2a:06:91:2c:6f:ef:6a:b7:2c:c5:9b:27:75:
         ae:de:3f:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbfBx0LvK5cCvkWJyO3i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM5ODFiZGE5NzNkYTYyYmUyODNlNDgxMTJjNjE4MTljMTU2M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uGESj6DNwNWsIlu+/lui6bftjjB
T1xX2ong4IQFTLcjcC05WdcADOgEcVOwcVCiQ3Ok7RfxiDPhvbzihiSEwyRK6qHI
Oc2K1vez7f85vtzrYrp+Hg4xqAh1LaIa2h0WGzx0tx+RAlmC0xFBqtqZITRe0iEY
jzucY900ZJRqdV97QH4brlATKcYwEyIcX3DZN8Dig9pEaD6JYw7RCy0gsWnaDgJ/
KWuB26GOwOlZRTnaJyRyv0ofO5217YBwKQVssA6YvMotTB9tt9hM15iCM5g2l5zi
yBYBNo7wCBypOFrvMVtGs8TUorhQtk7h4xf/uXuojMuUy2DCo2PxcMKGlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG7Jgb2pc9pivig+SBEsYYGcFWPHMB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvYnNtQnZhbHoybUstS0Q1SUVTeGhnWndWWThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODktNmJiYjI3MDgxZGUy
LzEveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUnX1AwQA
wggcMA0EAgACMAcDBQAqE0OAMA0GCSqGSIb3DQEBCwUAA4IBAQA7+WEJOpgUYDjI
Iih5qm2RvFbZ+0eCpC4wukgYNc3KYtZ0ZjmvhUbcUcj3BdG4Vu6cLMqvX9YSH83v
OUFgI2GuVByOnYe6e0FcEgTk79/fNZOFHpyZmGhBHPnmeN3+ryWkxVbINW+7K8wV
IVvUkOQ2KGkBP8MxGhLij1acwQNT0KMv5ltBneMhHaZT5ZX/GEqePhCqlpKXcm86
1zXxoRLEag/FwVIxadfz9vHYOaj/Lpjj5HUchnA6z5yIuL2i66X1jqHujQkwYhuE
iJKRGNrBehF/bVhFADVnYOeIhkjSxeQ8So6dntBJhf1Ppc2mdSoGkSxv72q3LMWb
J3Wu3j+n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:38 2024 by rpki-client on console-fra.rpki-client.org