Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/nLjScpZiN0bCO2PsWfWpRPA4Upo.roa
File:                     nLjScpZiN0bCO2PsWfWpRPA4Upo.roa (raw, json)
Hash identifier:          Oha2evRpoEJG1VQ1L70FTCjhJykSdY48m13gV6dXKIs=
Subject key identifier:   9C:B8:D2:72:96:62:37:46:C2:3B:63:EC:59:F5:A9:44:F0:38:52:9A
Certificate issuer:       /CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Certificate serial:       01856FC267AA7EF034B953836ACC76FBF704
Authority key identifier: BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/nLjScpZiN0bCO2PsWfWpRPA4Upo.roa
Signing time:             Sun 01 Jan 2023 23:54:49 +0000
ROA not before:           Sun 01 Jan 2023 23:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9051
IP address blocks:        194.26.4.0/22 maxlen: 24
                          80.89.176.0/20 maxlen: 24
                          2a06:b940::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:67:aa:7e:f0:34:b9:53:83:6a:cc:76:fb:f7:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
        Validity
            Not Before: Jan  1 23:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9cb8d27296623746c23b63ec59f5a944f038529a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:95:da:3e:37:04:20:ce:cc:49:6f:f0:36:0f:
                    70:38:eb:eb:5e:9f:ee:54:bc:d4:28:fd:aa:83:f9:
                    ab:7f:7c:a2:b8:51:81:8d:aa:53:8f:70:32:fe:34:
                    91:34:7b:e2:4d:e7:1f:2b:54:d3:08:cf:71:a7:22:
                    69:4f:ec:f4:0f:8a:19:a7:65:dc:40:e1:24:35:26:
                    f1:b5:d6:d1:f1:9b:b3:a5:a5:e1:28:71:12:0d:48:
                    2d:58:37:1c:27:27:8a:c1:91:c8:d9:3c:3b:ca:73:
                    8c:7b:0f:53:ae:92:d6:e5:a5:68:9f:01:bb:b1:96:
                    db:b6:37:ae:06:a0:15:a5:96:0b:d6:f4:1d:ae:fc:
                    9c:ca:78:a3:e5:16:1e:95:ed:42:5e:18:5a:c9:88:
                    b5:58:33:9c:06:40:cf:2f:fa:e8:6f:1e:13:1b:c3:
                    d5:00:27:f1:85:10:d5:40:58:81:9d:eb:9e:4b:c8:
                    33:ac:01:5b:5b:a9:e6:fd:66:45:e9:22:68:44:a5:
                    e7:9b:75:21:de:e1:fd:38:7e:01:13:74:11:12:11:
                    23:a5:3e:72:77:66:ca:32:c0:9d:20:f5:dc:e1:2e:
                    0e:38:7a:50:90:b3:63:46:0c:af:29:86:2f:44:af:
                    3e:2b:ff:30:b8:1c:3f:af:1f:fc:66:45:c7:2f:2f:
                    54:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B8:D2:72:96:62:37:46:C2:3B:63:EC:59:F5:A9:44:F0:38:52:9A
            X509v3 Authority Key Identifier:
                keyid:BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/nLjScpZiN0bCO2PsWfWpRPA4Upo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.89.176.0/20
                  194.26.4.0/22
                IPv6:
                  2a06:b940::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:3b:67:8a:b3:1e:8c:61:12:eb:41:ab:27:ba:07:e9:bf:5b:
         38:ca:f9:3c:6e:04:bd:8c:46:19:51:e4:48:f5:f4:31:fb:2d:
         c1:53:ea:e7:49:2e:cd:0c:13:cc:e9:50:0b:18:56:31:ff:e6:
         87:d3:fa:d1:54:b3:7d:4a:59:c2:0d:26:f1:16:d7:97:4f:ed:
         40:61:1d:d6:8b:f4:16:e4:76:c5:48:5f:1e:e8:21:dd:c4:94:
         1d:c5:28:d3:75:9b:8b:ed:cf:de:e6:de:a1:0b:cf:da:de:dd:
         b4:61:0e:93:a0:eb:be:80:c6:41:87:1b:45:f3:e8:84:86:aa:
         42:48:51:51:67:06:80:9b:ab:be:91:d4:09:f1:28:a4:31:a8:
         34:f9:c0:bf:b5:33:e3:0a:2a:e1:69:fc:e1:59:d7:00:e6:00:
         c0:c6:34:61:d7:db:aa:34:18:49:a4:5f:a4:8f:b2:17:5b:18:
         94:49:5c:cf:9a:b0:a2:f7:16:7b:b4:0c:e7:3d:29:bf:57:59:
         c7:82:3c:7b:b1:4c:d8:06:af:40:78:0d:06:14:c1:7a:69:35:
         77:91:7e:89:fc:be:92:87:ac:1a:b8:db:40:71:1d:15:e9:db:
         d4:81:59:42:5e:74:e7:8f:1e:55:63:13:97:cd:d9:08:82:32:
         d7:21:24:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvwmeqfvA0uVODasx2+/cEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGU2ZWRkMjZlZjFiMTZkODQ4ZTk4MTMwZTZmYzQ0NTBi
MzI3NTIwHhcNMjMwMTAxMjM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2I4ZDI3Mjk2NjIzNzQ2YzIzYjYzZWM1OWY1YTk0NGYwMzg1MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpXaPjcEIM7MSW/wNg9wOOvrXp/u
VLzUKP2qg/mrf3yiuFGBjapTj3Ay/jSRNHviTecfK1TTCM9xpyJpT+z0D4oZp2Xc
QOEkNSbxtdbR8ZuzpaXhKHESDUgtWDccJyeKwZHI2Tw7ynOMew9TrpLW5aVonwG7
sZbbtjeuBqAVpZYL1vQdrvycynij5RYele1CXhhayYi1WDOcBkDPL/robx4TG8PV
ACfxhRDVQFiBneueS8gzrAFbW6nm/WZF6SJoRKXnm3Uh3uH9OH4BE3QREhEjpT5y
d2bKMsCdIPXc4S4OOHpQkLNjRgyvKYYvRK8+K/8wuBw/rx/8ZkXHLy9UfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJy40nKWYjdGwjtj7Fn1qUTwOFKaMB8GA1UdIwQY
MBaAFL1Obt0m7xsW2EjpgTDm/ERQsydSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMt
OTYyOGY1MjY2NTQyLzEvbkxqU2NwWmlOMGJDTzJQc1dmV3BSUEE0VXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMtOTYyOGY1MjY2NTQy
LzEvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUFmwAwQC
whoEMA0EAgACMAcDBQMqBrlAMA0GCSqGSIb3DQEBCwUAA4IBAQAOO2eKsx6MYRLr
Qasnugfpv1s4yvk8bgS9jEYZUeRI9fQx+y3BU+rnSS7NDBPM6VALGFYx/+aH0/rR
VLN9SlnCDSbxFteXT+1AYR3Wi/QW5HbFSF8e6CHdxJQdxSjTdZuL7c/e5t6hC8/a
3t20YQ6ToOu+gMZBhxtF8+iEhqpCSFFRZwaAm6u+kdQJ8SikMag0+cC/tTPjCirh
afzhWdcA5gDAxjRh19uqNBhJpF+kj7IXWxiUSVzPmrCi9xZ7tAznPSm/V1nHgjx7
sUzYBq9AeA0GFMF6aTV3kX6J/L6Sh6wauNtAcR0V6dvUgVlCXnTnjx5VYxOXzdkI
gjLXISQC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:52 2024 by rpki-client on console-fra.rpki-client.org