Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/BcEgme3o5q7GgtYMPdHvX-r1Hpw.roa
File:                     BcEgme3o5q7GgtYMPdHvX-r1Hpw.roa (raw, json)
Hash identifier:          SUWQBDH4gHUWhCahdgyh0nFMHNajyy/n5gvJtbfAvRA=
Subject key identifier:   05:C1:20:99:ED:E8:E6:AE:C6:82:D6:0C:3D:D1:EF:5F:EA:F5:1E:9C
Certificate issuer:       /CN=e1a9fe3c8a69d50935a1f749666e08dc754594dd
Certificate serial:       0188FDE894299DD032B68F1C205DDC8AF55E
Authority key identifier: E1:A9:FE:3C:8A:69:D5:09:35:A1:F7:49:66:6E:08:DC:75:45:94:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4an-PIpp1Qk1ofdJZm4I3HVFlN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/BcEgme3o5q7GgtYMPdHvX-r1Hpw.roa
Signing time:             Tue 27 Jun 2023 17:30:57 +0000
ROA not before:           Tue 27 Jun 2023 17:30:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200345
IP address blocks:        194.147.24.0/22 maxlen: 24
                          2a0d:840::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:fd:e8:94:29:9d:d0:32:b6:8f:1c:20:5d:dc:8a:f5:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1a9fe3c8a69d50935a1f749666e08dc754594dd
        Validity
            Not Before: Jun 27 17:30:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05c12099ede8e6aec682d60c3dd1ef5feaf51e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:01:c6:36:36:68:20:ba:15:c3:a8:7d:06:09:
                    d8:bc:53:25:5f:87:54:ab:7a:3e:72:f2:de:26:c0:
                    9f:78:da:4e:c6:e8:9d:0e:88:ab:39:6b:6c:19:4b:
                    7a:81:48:c7:21:7b:6f:6b:4d:33:60:78:c9:c8:19:
                    c2:76:40:38:49:be:87:d1:a0:91:ee:6f:4f:7a:d9:
                    a1:f2:b8:0e:6a:91:1a:08:9a:2c:20:47:48:f4:87:
                    c0:05:49:86:71:f0:65:5f:e7:fa:ff:6f:84:34:61:
                    f2:e2:b0:7a:28:a0:d8:47:9b:0b:8d:95:f5:53:8e:
                    de:80:81:9f:3b:03:66:e1:2d:50:8c:b0:01:7f:28:
                    de:e3:67:a7:6f:63:1b:b5:f8:e6:21:6f:92:57:de:
                    15:24:f5:78:6a:e1:2c:5e:e2:64:46:88:4f:82:cc:
                    47:7d:f6:74:63:f8:07:9f:a5:5d:3f:92:22:df:9b:
                    4f:f7:df:4f:c8:82:d8:d0:38:e9:58:11:d5:d7:1f:
                    6d:fc:e1:7e:c5:e5:0f:18:9c:64:a9:97:c8:e9:8e:
                    98:bd:29:00:be:e9:0c:b9:26:9d:c6:ee:c0:6e:c7:
                    43:b8:ee:6b:30:40:48:96:05:5a:64:07:32:b1:37:
                    41:99:fd:33:74:1a:62:85:fa:8f:f5:fd:35:4b:bb:
                    6b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:C1:20:99:ED:E8:E6:AE:C6:82:D6:0C:3D:D1:EF:5F:EA:F5:1E:9C
            X509v3 Authority Key Identifier:
                keyid:E1:A9:FE:3C:8A:69:D5:09:35:A1:F7:49:66:6E:08:DC:75:45:94:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4an-PIpp1Qk1ofdJZm4I3HVFlN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/BcEgme3o5q7GgtYMPdHvX-r1Hpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0e6f4a-fd57-411b-a94b-6b6fdb54ba31/1/4an-PIpp1Qk1ofdJZm4I3HVFlN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.24.0/22
                IPv6:
                  2a0d:840::/29

    Signature Algorithm: sha256WithRSAEncryption
         12:4c:bd:27:4d:fa:a6:b2:17:db:6f:74:dd:b2:dd:fd:bd:e9:
         ac:64:04:30:61:e8:5e:eb:de:a3:53:a4:92:53:4f:5b:7a:72:
         bb:17:da:cc:bf:09:bf:69:ca:68:86:26:29:41:3c:c0:72:45:
         19:2f:2e:14:25:b7:e5:1b:5b:6d:00:8e:57:8c:e6:49:76:ae:
         68:10:9b:f6:72:68:18:24:16:3f:dd:6c:0e:ca:57:31:08:31:
         cb:bb:82:ca:ae:94:fe:4b:7d:05:7d:52:25:fa:a8:80:f2:60:
         b7:0f:6d:0c:9c:92:69:0d:4c:1b:5b:2e:32:ed:f0:1c:04:16:
         e2:11:08:d4:6d:68:7d:72:c2:f7:35:9e:0f:b9:d7:f0:41:ef:
         06:f2:ae:d0:81:3f:91:98:20:ac:1a:10:9a:30:ec:77:c7:31:
         2b:28:7c:75:76:7f:47:d1:18:1c:4f:4d:9c:8b:ff:a7:e4:2b:
         97:f6:48:bf:67:7d:0d:e6:2a:05:ad:9d:2d:fa:07:49:1b:58:
         70:bc:93:02:d9:ea:6a:6e:ef:b5:0c:13:be:eb:96:fd:13:f0:
         dc:a0:f7:fb:15:79:7e:0a:ee:0d:03:a8:ee:64:66:2a:71:82:
         0c:ed:ae:c9:8f:81:fa:4b:a5:44:3f:c5:e8:71:6d:ad:45:3c:
         d3:25:60:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYj96JQpndAyto8cIF3civVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYTlmZTNjOGE2OWQ1MDkzNWExZjc0OTY2NmUwOGRjNzU0
NTk0ZGQwHhcNMjMwNjI3MTczMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWMxMjA5OWVkZThlNmFlYzY4MmQ2MGMzZGQxZWY1ZmVhZjUxZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwHGNjZoILoVw6h9BgnYvFMlX4dU
q3o+cvLeJsCfeNpOxuidDoirOWtsGUt6gUjHIXtva00zYHjJyBnCdkA4Sb6H0aCR
7m9Petmh8rgOapEaCJosIEdI9IfABUmGcfBlX+f6/2+ENGHy4rB6KKDYR5sLjZX1
U47egIGfOwNm4S1QjLABfyje42enb2MbtfjmIW+SV94VJPV4auEsXuJkRohPgsxH
ffZ0Y/gHn6VdP5Ii35tP999PyILY0DjpWBHV1x9t/OF+xeUPGJxkqZfI6Y6YvSkA
vukMuSadxu7AbsdDuO5rMEBIlgVaZAcysTdBmf0zdBpihfqP9f01S7trMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAXBIJnt6OauxoLWDD3R71/q9R6cMB8GA1UdIwQY
MBaAFOGp/jyKadUJNaH3SWZuCNx1RZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGFuLVBJcHAxUWsxb2ZkSlptNEkzSFZGbE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wZTZmNGEtZmQ1Ny00MTFiLWE5NGIt
NmI2ZmRiNTRiYTMxLzEvQmNFZ21lM281cTdHZ3RZTVBkSHZYLXIxSHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wZTZmNGEtZmQ1Ny00MTFiLWE5NGItNmI2ZmRiNTRiYTMx
LzEvNGFuLVBJcHAxUWsxb2ZkSlptNEkzSFZGbE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwpMYMA0E
AgACMAcDBQMqDQhAMA0GCSqGSIb3DQEBCwUAA4IBAQASTL0nTfqmshfbb3Tdst39
vemsZAQwYehe696jU6SSU09benK7F9rMvwm/acpohiYpQTzAckUZLy4UJbflG1tt
AI5XjOZJdq5oEJv2cmgYJBY/3WwOylcxCDHLu4LKrpT+S30FfVIl+qiA8mC3D20M
nJJpDUwbWy4y7fAcBBbiEQjUbWh9csL3NZ4PudfwQe8G8q7QgT+RmCCsGhCaMOx3
xzErKHx1dn9H0RgcT02ci/+n5CuX9ki/Z30N5ioFrZ0t+gdJG1hwvJMC2epqbu+1
DBO+65b9E/DcoPf7FXl+Cu4NA6juZGYqcYIM7a7Jj4H6S6VEP8XocW2tRTzTJWBn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:30 2024 by rpki-client on console-fra.rpki-client.org