Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/t0Kxnhpkd5gTBVH6HdCzSdPOCxY.roa
File:                     t0Kxnhpkd5gTBVH6HdCzSdPOCxY.roa (raw, json)
Hash identifier:          Ql94ltSLE1S5sKTYg9jiAOR/0X4yOAUECtlOP0G2hQY=
Subject key identifier:   B7:42:B1:9E:1A:64:77:98:13:05:51:FA:1D:D0:B3:49:D3:CE:0B:16
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       018B478F778C9C2614E2B3D36EF889D41DF5
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/t0Kxnhpkd5gTBVH6HdCzSdPOCxY.roa
Signing time:             Thu 19 Oct 2023 10:51:06 +0000
ROA not before:           Thu 19 Oct 2023 10:51:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137409
IP address blocks:        86.106.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:47:8f:77:8c:9c:26:14:e2:b3:d3:6e:f8:89:d4:1d:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Oct 19 10:51:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b742b19e1a647798130551fa1dd0b349d3ce0b16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ec:34:ca:9c:6f:e3:91:85:11:b5:bb:0b:fc:
                    c7:3f:4e:c2:83:5f:14:05:55:1f:ca:3a:a8:e5:ab:
                    ad:ae:42:3b:93:20:90:02:63:cd:67:23:78:c2:8c:
                    bd:c1:41:20:5b:6d:f9:31:f7:ff:a0:bb:c9:b1:58:
                    b5:d7:79:f3:87:ee:4b:5a:0e:75:11:06:ea:73:0c:
                    5d:07:8a:80:4d:b7:fe:b6:15:e9:ac:8a:27:da:36:
                    00:9c:41:21:16:39:a4:17:10:c0:07:a7:25:73:56:
                    a2:cf:c1:55:ee:94:de:e2:ad:df:e9:0d:7d:43:11:
                    5e:1c:b6:2a:d7:af:01:58:bb:d6:96:79:a0:b2:17:
                    89:2c:ef:21:6b:38:a4:cf:53:ee:b9:87:39:1b:4e:
                    b5:cf:5b:2d:32:c8:91:80:fb:ca:5a:95:29:f0:cb:
                    5c:9b:2a:cf:0e:d5:ae:e2:6e:32:cd:bc:32:f6:5e:
                    90:ea:79:06:e5:46:a2:5f:e0:94:3a:90:0e:3e:b4:
                    6d:e2:09:49:ef:24:7c:41:7e:a9:3f:cd:3e:a7:d1:
                    12:45:7b:88:3b:d6:b2:08:01:4b:7a:7c:62:99:4b:
                    eb:69:07:c6:1e:30:10:cd:5b:15:af:f5:48:a2:55:
                    0b:83:0c:1f:5b:69:12:19:e3:d4:c9:71:48:67:c5:
                    03:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:42:B1:9E:1A:64:77:98:13:05:51:FA:1D:D0:B3:49:D3:CE:0B:16
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/t0Kxnhpkd5gTBVH6HdCzSdPOCxY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.106.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:f6:3d:62:ab:91:f4:7e:17:42:55:f5:97:ca:c9:1f:11:c5:
         db:f6:ae:2a:48:9b:b0:bd:cf:6a:55:42:f8:87:9c:6f:00:24:
         bd:02:b4:85:47:c0:94:8a:f9:06:d0:95:a9:96:98:08:35:38:
         aa:5c:11:8f:ca:e5:34:c6:61:68:ad:7c:72:d8:99:d6:79:a8:
         73:ff:af:4b:d5:77:64:01:f9:7c:cb:22:ba:45:5d:a3:1c:7e:
         9f:c4:4a:88:d1:eb:9f:8e:ca:1d:ed:72:6d:7d:27:69:5a:a1:
         21:45:97:b9:b8:d5:6d:ee:a9:ce:06:3d:5b:9f:91:f5:fc:2d:
         50:1a:8b:a5:0f:c6:d3:03:79:f9:5b:6f:7f:dc:25:3f:3c:2b:
         fb:30:97:75:9d:08:bd:8b:7f:76:0e:90:f2:66:86:62:36:2e:
         aa:5b:7e:4e:80:19:85:d6:6d:11:17:6e:df:6e:8a:56:96:c7:
         6e:04:23:4a:9e:b1:12:7a:af:4f:bc:d4:d2:43:59:35:6c:43:
         b1:84:c9:02:99:d9:d8:33:08:32:8a:a2:0d:cd:31:6c:29:48:
         06:fe:5d:a0:0c:b2:ef:95:9c:08:85:8e:ec:77:14:6e:e8:9e:
         3c:5b:47:39:99:2c:9c:4e:95:ad:2a:6f:5b:bc:4b:ce:13:ab:
         a5:24:d4:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtHj3eMnCYU4rPTbviJ1B31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMxMDE5MTA1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQyYjE5ZTFhNjQ3Nzk4MTMwNTUxZmExZGQwYjM0OWQzY2UwYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOw0ypxv45GFEbW7C/zHP07Cg18U
BVUfyjqo5autrkI7kyCQAmPNZyN4woy9wUEgW235Mff/oLvJsVi113nzh+5LWg51
EQbqcwxdB4qATbf+thXprIon2jYAnEEhFjmkFxDAB6clc1aiz8FV7pTe4q3f6Q19
QxFeHLYq168BWLvWlnmgsheJLO8hazikz1PuuYc5G061z1stMsiRgPvKWpUp8Mtc
myrPDtWu4m4yzbwy9l6Q6nkG5UaiX+CUOpAOPrRt4glJ7yR8QX6pP80+p9ESRXuI
O9ayCAFLenximUvraQfGHjAQzVsVr/VIolULgwwfW2kSGePUyXFIZ8UD4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdCsZ4aZHeYEwVR+h3Qs0nTzgsWMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvdDBLeG5ocGtkNWdUQlZINkhkQ3pTZFBPQ3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmphMA0G
CSqGSIb3DQEBCwUAA4IBAQCk9j1iq5H0fhdCVfWXyskfEcXb9q4qSJuwvc9qVUL4
h5xvACS9ArSFR8CUivkG0JWplpgINTiqXBGPyuU0xmForXxy2JnWeahz/69L1Xdk
Afl8yyK6RV2jHH6fxEqI0eufjsod7XJtfSdpWqEhRZe5uNVt7qnOBj1bn5H1/C1Q
GoulD8bTA3n5W29/3CU/PCv7MJd1nQi9i392DpDyZoZiNi6qW35OgBmF1m0RF27f
bopWlsduBCNKnrESeq9PvNTSQ1k1bEOxhMkCmdnYMwgyiqINzTFsKUgG/l2gDLLv
lZwIhY7sdxRu6J48W0c5mSycTpWtKm9bvEvOE6ulJNRA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org