Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/623lqH58IFN4Rt4oXuMus4gn8FU.roa
File:                     623lqH58IFN4Rt4oXuMus4gn8FU.roa (raw, json)
Hash identifier:          F0yvi13V8pIxMJwJyvBgk2J2e9nYJE/hBxvt6oNy1f0=
Subject key identifier:   EB:6D:E5:A8:7E:7C:20:53:78:46:DE:28:5E:E3:2E:B3:88:27:F0:55
Certificate issuer:       /CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
Certificate serial:       018CC2DB41F50B115109B42B7ED1447BED7A
Authority key identifier: FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/623lqH58IFN4Rt4oXuMus4gn8FU.roa
Signing time:             Mon 01 Jan 2024 02:29:58 +0000
ROA not before:           Mon 01 Jan 2024 02:29:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9009
IP address blocks:        139.28.226.0/24 maxlen: 24
                          194.93.32.0/24 maxlen: 24
                          194.93.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Feb 2024 08:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:41:f5:0b:11:51:09:b4:2b:7e:d1:44:7b:ed:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
        Validity
            Not Before: Jan  1 02:29:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eb6de5a87e7c20537846de285ee32eb38827f055
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:37:71:ed:30:6f:a5:b4:26:d9:05:d9:41:de:
                    73:9c:83:64:92:85:17:cc:9f:a6:5e:28:39:a5:74:
                    6d:61:2b:69:5c:2b:8b:6c:05:d3:35:22:91:4f:1c:
                    1d:7f:56:29:4f:b6:cc:ae:a2:61:c2:6d:ec:ed:62:
                    62:7e:80:7f:da:96:ff:a6:c8:7a:eb:3d:f6:ee:ee:
                    e8:2c:da:0a:cd:81:5d:62:b6:08:76:fa:47:21:2a:
                    49:b2:59:e0:40:dc:24:86:28:e3:3a:c8:e7:f0:ed:
                    82:20:fe:f9:e4:cd:a8:c5:0a:c6:b0:9a:9d:5e:94:
                    29:8b:b5:76:c6:bb:5a:f3:21:b0:9c:12:5c:39:77:
                    b5:65:1b:0b:9b:93:61:96:be:b0:9e:37:e2:f6:66:
                    28:2b:8b:77:bf:fd:f5:16:1f:03:f0:50:f2:69:a0:
                    08:2f:3b:9a:a3:4c:94:ca:4c:f1:eb:21:f3:d5:23:
                    de:6e:74:59:a3:32:cf:f9:43:21:81:ca:77:31:00:
                    78:30:9a:bc:8a:72:7a:49:e6:49:9e:0a:a8:da:a3:
                    2c:fe:a6:81:2e:06:da:cb:bb:36:24:7e:24:68:fd:
                    67:54:77:14:59:7c:7d:4b:9e:60:cc:e0:40:2e:69:
                    ed:6d:75:6d:ec:60:42:43:d4:32:74:be:b3:81:84:
                    8b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:6D:E5:A8:7E:7C:20:53:78:46:DE:28:5E:E3:2E:B3:88:27:F0:55
            X509v3 Authority Key Identifier:
                keyid:FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/623lqH58IFN4Rt4oXuMus4gn8FU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.28.226.0/24
                  194.93.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         12:08:1c:f4:50:82:86:17:cc:dd:50:79:af:67:da:d2:15:35:
         b2:e6:ab:8c:25:ae:23:6d:01:bb:9f:b3:65:19:a3:1a:ab:dc:
         98:34:3a:bf:28:fa:06:81:0b:ed:d1:ec:24:c3:67:37:11:75:
         cf:91:ec:76:be:0d:b1:b4:a0:da:dd:c5:9f:3e:59:88:b1:68:
         6f:a5:9b:af:bb:ad:8b:5b:4e:a8:b6:54:f6:ef:af:eb:34:b6:
         6e:a4:5b:e4:2f:05:84:91:fc:ad:15:51:d6:71:c8:a9:93:43:
         3e:99:b8:42:cf:7a:fd:60:a8:10:7b:54:ac:40:cf:b9:72:e7:
         ed:ed:4b:02:fe:15:ce:cc:aa:22:77:87:85:c5:f8:13:d4:54:
         cf:63:e2:88:4d:31:1d:e6:8f:f9:66:84:36:55:37:16:ce:8c:
         6a:98:f0:4b:68:b0:6a:4f:07:4e:f4:79:bb:a4:03:66:9f:35:
         e0:58:7d:fd:e9:09:e1:77:61:bb:14:fe:e5:95:cc:73:9e:87:
         a5:ab:b5:bd:87:63:47:14:3c:d9:e4:5f:2f:29:57:10:d9:d2:
         fc:b9:80:93:f6:4c:c5:ba:27:6d:54:f5:d2:d7:03:85:44:02:
         97:89:09:e3:ba:26:29:82:ff:6a:4c:e0:70:ab:37:a7:5a:a3:
         fe:a5:4f:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC20H1CxFRCbQrftFEe+16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTk1YmQ2ODJhOGU5YTEyNGQ1ODUzZGM1ZTkwOGFhZTcz
MzliYWUwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZkZTVhODdlN2MyMDUzNzg0NmRlMjg1ZWUzMmViMzg4MjdmMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijdx7TBvpbQm2QXZQd5znINkkoUX
zJ+mXig5pXRtYStpXCuLbAXTNSKRTxwdf1YpT7bMrqJhwm3s7WJifoB/2pb/psh6
6z327u7oLNoKzYFdYrYIdvpHISpJslngQNwkhijjOsjn8O2CIP755M2oxQrGsJqd
XpQpi7V2xrta8yGwnBJcOXe1ZRsLm5Nhlr6wnjfi9mYoK4t3v/31Fh8D8FDyaaAI
Lzuao0yUykzx6yHz1SPebnRZozLP+UMhgcp3MQB4MJq8inJ6SeZJngqo2qMs/qaB
Lgbay7s2JH4kaP1nVHcUWXx9S55gzOBALmntbXVt7GBCQ9QydL6zgYSLswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOtt5ah+fCBTeEbeKF7jLrOIJ/BVMB8GA1UdIwQY
MBaAFPwZW9aCqOmhJNWFPcXpCKrnM5uuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUt
Y2M3YjI4OTkwYjgxLzEvNjIzbHFINThJRk40UnQ0b1h1TXVzNGduOEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUtY2M3YjI4OTkwYjgx
LzEvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAixziAwQB
wl0gMA0GCSqGSIb3DQEBCwUAA4IBAQASCBz0UIKGF8zdUHmvZ9rSFTWy5quMJa4j
bQG7n7NlGaMaq9yYNDq/KPoGgQvt0ewkw2c3EXXPkex2vg2xtKDa3cWfPlmIsWhv
pZuvu62LW06otlT276/rNLZupFvkLwWEkfytFVHWccipk0M+mbhCz3r9YKgQe1Ss
QM+5cuft7UsC/hXOzKoid4eFxfgT1FTPY+KITTEd5o/5ZoQ2VTcWzoxqmPBLaLBq
TwdO9Hm7pANmnzXgWH396Qnhd2G7FP7llcxznoelq7W9h2NHFDzZ5F8vKVcQ2dL8
uYCT9kzFuidtVPXS1wOFRAKXiQnjuiYpgv9qTOBwqzenWqP+pU8v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:39 2024 by rpki-client on console-ams.rpki-client.org