Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/vEbk4ZcCPEY97zgF_QtDTLrij5I.roa
File:                     vEbk4ZcCPEY97zgF_QtDTLrij5I.roa (raw, json)
Hash identifier:          uth1JJY3gauWIA/9Z6lzjtePFYmIM05ralciqYzWTSo=
Subject key identifier:   BC:46:E4:E1:97:02:3C:46:3D:EF:38:05:FD:0B:43:4C:BA:E2:8F:92
Certificate issuer:       /CN=9c1394768c9a39a6112674d7375972a6696b4680
Certificate serial:       018CC801A22F0E50BF5BA19A9288CC4250DA
Authority key identifier: 9C:13:94:76:8C:9A:39:A6:11:26:74:D7:37:59:72:A6:69:6B:46:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/vEbk4ZcCPEY97zgF_QtDTLrij5I.roa
Signing time:             Tue 02 Jan 2024 02:29:59 +0000
ROA not before:           Tue 02 Jan 2024 02:29:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207083
IP address blocks:        194.146.104.0/24 maxlen: 24
                          194.146.114.0/24 maxlen: 24
                          194.146.116.0/24 maxlen: 24
                          194.146.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Jul 2024 08:24:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:a2:2f:0e:50:bf:5b:a1:9a:92:88:cc:42:50:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c1394768c9a39a6112674d7375972a6696b4680
        Validity
            Not Before: Jan  2 02:29:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bc46e4e197023c463def3805fd0b434cbae28f92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:67:09:ec:c3:b7:56:95:72:a1:9e:02:af:b2:
                    83:dd:41:c4:ac:92:d3:94:2a:d9:ab:5b:a8:40:9f:
                    36:2f:02:20:b0:cc:2c:82:82:c6:f6:a7:f1:ab:a9:
                    cc:a1:37:0e:b5:c3:88:0c:de:84:c4:83:2d:55:8c:
                    19:e1:2e:85:f7:c6:3d:5e:59:32:07:bc:26:26:3d:
                    15:2e:e9:99:cb:76:91:59:e6:25:7a:c2:47:5d:28:
                    9b:b7:bf:63:ab:30:9d:7c:f9:31:ec:2d:1e:88:cd:
                    b9:f3:c8:dc:07:86:71:4f:ab:d5:0a:a4:07:76:dc:
                    c3:f4:f0:9b:2d:aa:9c:21:c6:68:0c:8f:a8:a5:07:
                    c2:00:18:ea:52:e3:dd:dd:ce:7b:d2:be:cf:a5:be:
                    12:7f:fc:23:5b:82:19:1b:6e:5f:22:c4:4a:08:2b:
                    32:dd:35:6e:5d:01:34:40:88:d2:67:48:54:6d:87:
                    ec:7f:07:b5:58:53:3b:c3:df:bd:1a:4c:c6:f6:90:
                    ab:7f:d5:61:2e:3d:a9:2f:37:c5:b1:22:30:58:73:
                    0d:2e:4d:88:93:f4:82:6e:49:c3:f6:51:a1:49:f9:
                    17:88:b0:87:fc:de:37:90:42:5d:bb:6e:99:1c:40:
                    e3:4a:15:84:b7:77:e2:48:a5:9e:1b:c7:00:cd:16:
                    dd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:46:E4:E1:97:02:3C:46:3D:EF:38:05:FD:0B:43:4C:BA:E2:8F:92
            X509v3 Authority Key Identifier:
                keyid:9C:13:94:76:8C:9A:39:A6:11:26:74:D7:37:59:72:A6:69:6B:46:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/vEbk4ZcCPEY97zgF_QtDTLrij5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/nBOUdoyaOaYRJnTXN1lypmlrRoA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.146.104.0/24
                  194.146.114.0/24
                  194.146.116.0/24
                  194.146.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:db:ce:e7:f8:51:80:d8:16:14:c7:e3:4e:fe:b6:76:2a:f1:
         93:31:ad:11:73:84:ea:07:02:24:96:f6:80:0f:20:0a:14:13:
         42:2e:ce:fe:da:05:40:d4:81:62:e4:4f:ae:2d:46:d7:ee:2a:
         c2:93:5c:b5:f1:08:9d:15:cb:8d:de:0f:f8:30:a5:d5:7d:e6:
         d6:3c:fd:6d:9e:2f:11:14:8c:aa:27:88:88:41:67:6e:97:12:
         0a:46:7a:89:7c:b5:0e:bd:10:4e:e2:aa:f2:4b:9c:d1:14:17:
         03:0c:50:d6:d5:cc:81:d4:c5:2f:42:69:26:92:e8:3d:0a:e3:
         a2:cd:ca:b9:3a:c7:2b:86:b2:7b:0a:8d:a0:76:59:7d:6f:b6:
         96:54:7c:a4:6a:da:96:30:37:e9:f5:0f:aa:c7:65:86:36:5e:
         e6:c2:22:eb:0d:f3:35:08:97:8d:23:45:2f:65:f5:9d:88:39:
         49:5f:28:0f:fd:ce:b1:cd:fc:c6:16:d6:05:1a:36:29:21:e7:
         d9:bf:56:8e:fc:3f:f3:f3:e0:5f:5b:f1:f9:39:34:ff:a1:b1:
         57:ba:b1:ac:06:25:83:73:cf:b5:65:28:70:4a:a5:d5:8b:5b:
         c7:d0:60:7d:0a:40:f4:dd:09:22:aa:8f:2c:b8:96:26:3f:aa:
         03:0b:b2:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAaIvDlC/W6GakojMQlDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMTM5NDc2OGM5YTM5YTYxMTI2NzRkNzM3NTk3MmE2Njk2
YjQ2ODAwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQ2ZTRlMTk3MDIzYzQ2M2RlZjM4MDVmZDBiNDM0Y2JhZTI4ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmcJ7MO3VpVyoZ4Cr7KD3UHErJLT
lCrZq1uoQJ82LwIgsMwsgoLG9qfxq6nMoTcOtcOIDN6ExIMtVYwZ4S6F98Y9Xlky
B7wmJj0VLumZy3aRWeYlesJHXSibt79jqzCdfPkx7C0eiM2588jcB4ZxT6vVCqQH
dtzD9PCbLaqcIcZoDI+opQfCABjqUuPd3c570r7Ppb4Sf/wjW4IZG25fIsRKCCsy
3TVuXQE0QIjSZ0hUbYfsfwe1WFM7w9+9GkzG9pCrf9VhLj2pLzfFsSIwWHMNLk2I
k/SCbknD9lGhSfkXiLCH/N43kEJdu26ZHEDjShWEt3fiSKWeG8cAzRbdhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLxG5OGXAjxGPe84Bf0LQ0y64o+SMB8GA1UdIwQY
MBaAFJwTlHaMmjmmESZ01zdZcqZpa0aAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJPVWRveWFPYVlSSm5UWE4xbHlwbWxyUm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZTcyMTAtMDUyOC00NDU2LWI2OGUt
YTcxM2ExOTE1YzkwLzEvdkViazRaY0NQRVk5N3pnRl9RdERUTHJpajVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZTcyMTAtMDUyOC00NDU2LWI2OGUtYTcxM2ExOTE1Yzkw
LzEvbkJPVWRveWFPYVlSSm5UWE4xbHlwbWxyUm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwpJoAwQA
wpJyAwQAwpJ0AwQAwpJ8MA0GCSqGSIb3DQEBCwUAA4IBAQBW287n+FGA2BYUx+NO
/rZ2KvGTMa0Rc4TqBwIklvaADyAKFBNCLs7+2gVA1IFi5E+uLUbX7irCk1y18Qid
FcuN3g/4MKXVfebWPP1tni8RFIyqJ4iIQWdulxIKRnqJfLUOvRBO4qryS5zRFBcD
DFDW1cyB1MUvQmkmkug9CuOizcq5OscrhrJ7Co2gdll9b7aWVHykatqWMDfp9Q+q
x2WGNl7mwiLrDfM1CJeNI0UvZfWdiDlJXygP/c6xzfzGFtYFGjYpIefZv1aO/D/z
8+BfW/H5OTT/obFXurGsBiWDc8+1ZShwSqXVi1vH0GB9CkD03Qkiqo8suJYmP6oD
C7JL
-----END CERTIFICATE-----
Generated at Fri Jul 5 10:30:55 2024 by rpki-client on console-ams.rpki-client.org