Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/utqVqWn7BAHExo15dEABUiOKd0Y.roa
File:                     utqVqWn7BAHExo15dEABUiOKd0Y.roa (raw, json)
Hash identifier:          q7ZtwPzD7w6k1N3CaklERWY90wLTJoraEKHa5HMCKzY=
Subject key identifier:   BA:DA:95:A9:69:FB:04:01:C4:C6:8D:79:74:40:01:52:23:8A:77:46
Certificate issuer:       /CN=ba0d738dd28ff2549456ce66e744898372fc503d
Certificate serial:       01856EB8E2A6FA4AC4CB6D1D94C46CEA3911
Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/utqVqWn7BAHExo15dEABUiOKd0Y.roa
Signing time:             Sun 01 Jan 2023 19:04:48 +0000
ROA not before:           Sun 01 Jan 2023 19:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60217
IP address blocks:        193.187.71.0/24 maxlen: 24
                          193.187.70.0/24 maxlen: 24
                          2a02:957::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:b8:e2:a6:fa:4a:c4:cb:6d:1d:94:c4:6c:ea:39:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d
        Validity
            Not Before: Jan  1 19:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bada95a969fb0401c4c68d7974400152238a7746
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:83:13:52:0b:d7:a5:54:b2:e8:ba:ea:46:10:
                    8b:f3:53:39:19:10:a7:fa:8d:10:ca:a0:4c:ba:ca:
                    29:ab:de:a1:ee:8e:0e:04:7f:c3:0b:1c:8a:4e:8d:
                    62:33:fd:0d:d3:3e:ee:c9:48:19:09:29:99:2e:d2:
                    8e:16:20:6f:e7:74:b3:1d:0f:c5:44:0f:16:37:b9:
                    95:b5:9e:4f:6e:f0:98:93:2c:95:00:b8:bf:f9:07:
                    54:90:ca:a2:57:b7:9c:5e:a7:4f:bd:89:6f:c2:1e:
                    1c:ff:f3:5d:44:f2:42:d6:cc:ec:26:1a:28:99:9c:
                    ec:84:d1:b0:22:db:0e:77:5a:af:66:3f:87:95:15:
                    b3:90:56:f2:89:b6:6c:41:6b:a8:99:a7:c7:e8:11:
                    51:aa:08:ec:f6:c5:98:30:03:70:13:90:e6:e5:94:
                    5e:3f:40:a8:a1:93:cc:8f:b4:97:ce:25:28:f5:c4:
                    4b:f5:65:e3:4d:53:4d:5c:b4:32:ec:a4:e6:10:9e:
                    c3:99:b9:0a:9a:c0:2b:41:c3:02:96:d2:0c:f2:9c:
                    a6:3e:c8:db:ac:49:a3:27:cb:2a:91:33:50:61:ef:
                    6a:f6:55:16:4e:38:e9:c0:74:eb:56:89:a0:d0:a0:
                    a1:4b:c3:31:9c:a9:d7:be:de:d1:00:52:a3:14:6b:
                    5d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:DA:95:A9:69:FB:04:01:C4:C6:8D:79:74:40:01:52:23:8A:77:46
            X509v3 Authority Key Identifier:
                keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/utqVqWn7BAHExo15dEABUiOKd0Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.187.70.0/23
                IPv6:
                  2a02:957::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:85:7d:77:1d:77:13:b0:f0:78:b7:b4:1d:23:13:7f:77:b3:
         72:1c:7c:06:f9:86:7e:80:0c:44:d8:e6:6b:91:63:8e:73:c8:
         3f:40:cf:53:5c:cd:f9:92:f9:d5:d8:6f:4d:fa:7e:b0:f0:37:
         98:f0:6f:ac:7f:0d:a9:78:ff:78:39:0f:07:63:d4:ea:cb:23:
         20:71:06:d7:94:6b:43:99:6c:bc:9a:56:44:b0:01:25:91:64:
         7b:04:bb:dd:48:05:67:7f:5f:b6:dc:54:3c:b1:91:87:bf:17:
         da:2d:4d:3d:39:f5:1e:4f:a5:68:35:31:b7:1f:b3:f9:ca:b8:
         c0:02:23:01:96:8b:13:ef:fc:a3:1e:12:f0:91:2c:f2:f0:9c:
         0a:29:32:3c:3b:8a:ea:3a:06:93:e0:8a:ec:5c:fb:19:cf:86:
         ea:3d:d9:e3:d6:ab:e9:bf:7a:ff:6a:05:06:5c:f4:b4:f3:16:
         05:1a:a4:7c:e2:06:e7:a7:87:17:b7:9c:4f:00:c8:58:55:2c:
         75:c6:d0:a4:32:7b:02:56:99:e7:4c:af:ca:b6:a1:9b:b3:ec:
         b3:e8:70:ef:bc:8f:fc:d0:01:b0:d1:c4:c6:d9:be:58:f5:b2:
         e9:9a:77:bb:94:2d:ac:53:e8:a4:70:43:68:85:c1:7f:13:a6:
         a9:98:4a:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuuOKm+krEy20dlMRs6jkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGQ3MzhkZDI4ZmYyNTQ5NDU2Y2U2NmU3NDQ4OTgzNzJm
YzUwM2QwHhcNMjMwMTAxMTkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWRhOTVhOTY5ZmIwNDAxYzRjNjhkNzk3NDQwMDE1MjIzOGE3NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloMTUgvXpVSy6LrqRhCL81M5GRCn
+o0QyqBMusopq96h7o4OBH/DCxyKTo1iM/0N0z7uyUgZCSmZLtKOFiBv53SzHQ/F
RA8WN7mVtZ5PbvCYkyyVALi/+QdUkMqiV7ecXqdPvYlvwh4c//NdRPJC1szsJhoo
mZzshNGwItsOd1qvZj+HlRWzkFbyibZsQWuomafH6BFRqgjs9sWYMANwE5Dm5ZRe
P0CooZPMj7SXziUo9cRL9WXjTVNNXLQy7KTmEJ7DmbkKmsArQcMCltIM8pymPsjb
rEmjJ8sqkTNQYe9q9lUWTjjpwHTrVomg0KChS8MxnKnXvt7RAFKjFGtdKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLralalp+wQBxMaNeXRAAVIjindGMB8GA1UdIwQY
MBaAFLoNc43Sj/JUlFbOZudEiYNy/FA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYt
YmViNmRhMDM3NTVlLzEvdXRxVnFXbjdCQUhFeG8xNWRFQUJVaU9LZDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYtYmViNmRhMDM3NTVl
LzEvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwbtGMA8E
AgACMAkDBwAqAglXAAAwDQYJKoZIhvcNAQELBQADggEBAJyFfXcddxOw8Hi3tB0j
E393s3IcfAb5hn6ADETY5muRY45zyD9Az1NczfmS+dXYb036frDwN5jwb6x/Dal4
/3g5Dwdj1OrLIyBxBteUa0OZbLyaVkSwASWRZHsEu91IBWd/X7bcVDyxkYe/F9ot
TT059R5PpWg1Mbcfs/nKuMACIwGWixPv/KMeEvCRLPLwnAopMjw7iuo6BpPgiuxc
+xnPhuo92ePWq+m/ev9qBQZc9LTzFgUapHziBuenhxe3nE8AyFhVLHXG0KQyewJW
medMr8q2oZuz7LPocO+8j/zQAbDRxMbZvlj1sumad7uULaxT6KRwQ2iFwX8TpqmY
Sk4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:02 2024 by rpki-client on console-fra.rpki-client.org