Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/bHTneCCB4x3W5FQLvWhxH28qFLw.roa
File:                     bHTneCCB4x3W5FQLvWhxH28qFLw.roa (raw, json)
Hash identifier:          K6BVGfEBVoJXNfb9nksne394HBIelMohUHuMbQOtYdU=
Subject key identifier:   6C:74:E7:78:20:81:E3:1D:D6:E4:54:0B:BD:68:71:1F:6F:2A:14:BC
Certificate issuer:       /CN=c867f46624d481bea9d1ba8beb0c0189c9b44b5e
Certificate serial:       018819C0DBC3616A90E4CDB73D68E1404AA5
Authority key identifier: C8:67:F4:66:24:D4:81:BE:A9:D1:BA:8B:EB:0C:01:89:C9:B4:4B:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGf0ZiTUgb6p0bqL6wwBicm0S14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/bHTneCCB4x3W5FQLvWhxH28qFLw.roa
Signing time:             Sun 14 May 2023 10:14:09 +0000
ROA not before:           Sun 14 May 2023 10:14:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34412
IP address blocks:        87.236.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jul 2023 09:04:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:19:c0:db:c3:61:6a:90:e4:cd:b7:3d:68:e1:40:4a:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c867f46624d481bea9d1ba8beb0c0189c9b44b5e
        Validity
            Not Before: May 14 10:14:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c74e7782081e31dd6e4540bbd68711f6f2a14bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7d:11:6e:1d:3b:5e:bc:70:09:91:eb:4d:de:
                    f7:61:9f:5f:17:f3:e1:60:d1:9f:57:b8:1f:46:18:
                    71:50:ff:3f:a7:78:46:f1:b1:ad:5b:e2:2e:9f:69:
                    c6:60:9f:18:3f:52:92:a7:6e:eb:c8:d6:78:b5:23:
                    01:3f:a4:82:b7:2a:48:fb:80:81:5a:14:0e:16:45:
                    7e:e1:64:9c:15:59:31:8a:81:a6:aa:1d:9a:1e:29:
                    5f:50:78:7f:d5:72:55:90:90:fe:2a:52:56:65:2f:
                    88:5c:32:fe:6a:5d:34:ce:78:db:53:07:ec:e7:92:
                    8e:ee:3e:ba:bf:36:c5:d6:56:50:ba:2e:69:e9:a1:
                    e0:a5:c3:83:2d:88:b8:ee:f6:95:9e:80:a2:5d:8b:
                    85:09:3d:e4:9f:ed:d2:5e:74:76:43:d0:08:e7:d8:
                    dd:e5:ae:51:79:26:d4:7b:d3:47:94:34:de:a1:cf:
                    a4:0f:1c:a1:cb:f0:14:d7:9d:d0:12:f1:4d:0c:77:
                    d5:80:91:86:9c:18:2d:05:78:f0:56:05:ba:36:f7:
                    44:09:6a:08:f6:fe:3c:8d:5f:be:db:ce:ef:a6:08:
                    78:9e:20:9e:81:ea:96:08:5c:32:a2:4f:5d:22:9e:
                    ab:7f:4b:a2:f9:57:ae:2a:f6:d4:df:0c:84:85:89:
                    00:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:74:E7:78:20:81:E3:1D:D6:E4:54:0B:BD:68:71:1F:6F:2A:14:BC
            X509v3 Authority Key Identifier:
                keyid:C8:67:F4:66:24:D4:81:BE:A9:D1:BA:8B:EB:0C:01:89:C9:B4:4B:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGf0ZiTUgb6p0bqL6wwBicm0S14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/bHTneCCB4x3W5FQLvWhxH28qFLw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f50b96-630e-4379-95ca-71aedbaef48b/1/yGf0ZiTUgb6p0bqL6wwBicm0S14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:a2:ee:ce:41:d2:02:19:3f:19:98:54:18:6f:be:c0:05:ff:
         af:03:02:e3:60:74:80:54:33:3d:f7:c2:5e:02:7d:10:75:73:
         b0:56:06:d1:a3:59:21:fc:3d:5b:43:eb:8b:60:d3:d7:a1:80:
         ee:1e:34:25:48:fc:af:d5:0d:c0:ff:18:f3:00:72:ee:1f:23:
         d1:f9:98:26:95:88:88:12:7e:f6:bd:96:ae:da:dd:7e:f1:ba:
         fd:98:ec:cd:b3:5c:17:bc:e6:70:00:b4:8c:89:9b:db:2e:f1:
         61:6f:dd:03:75:86:3b:ad:72:48:10:bd:a4:12:25:95:44:b1:
         ba:5e:3b:9f:ec:88:f3:f8:0a:23:56:fa:58:08:5a:87:97:9d:
         6c:16:5e:40:53:e7:99:d4:be:30:ab:bd:81:f2:d9:f6:66:73:
         21:3f:a9:60:24:09:46:55:75:69:45:1e:9d:74:fa:87:77:69:
         e3:4e:05:b9:76:e1:f9:e7:3d:1c:11:99:50:4a:aa:6c:ed:11:
         e3:9a:60:a4:06:d8:8d:cf:4b:e6:c0:7d:52:ef:06:c3:80:f4:
         d6:87:ba:12:f7:0d:50:9e:92:2e:6d:91:4d:8e:49:d3:da:75:
         e5:a4:d7:b1:22:52:b6:54:c3:db:23:f2:46:87:9b:86:61:15:
         7c:0c:e3:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgZwNvDYWqQ5M23PWjhQEqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjdmNDY2MjRkNDgxYmVhOWQxYmE4YmViMGMwMTg5Yzli
NDRiNWUwHhcNMjMwNTE0MTAxNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc0ZTc3ODIwODFlMzFkZDZlNDU0MGJiZDY4NzExZjZmMmExNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn0Rbh07XrxwCZHrTd73YZ9fF/Ph
YNGfV7gfRhhxUP8/p3hG8bGtW+Iun2nGYJ8YP1KSp27ryNZ4tSMBP6SCtypI+4CB
WhQOFkV+4WScFVkxioGmqh2aHilfUHh/1XJVkJD+KlJWZS+IXDL+al00znjbUwfs
55KO7j66vzbF1lZQui5p6aHgpcODLYi47vaVnoCiXYuFCT3kn+3SXnR2Q9AI59jd
5a5ReSbUe9NHlDTeoc+kDxyhy/AU153QEvFNDHfVgJGGnBgtBXjwVgW6NvdECWoI
9v48jV++287vpgh4niCegeqWCFwyok9dIp6rf0ui+VeuKvbU3wyEhYkARQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGx053gggeMd1uRUC71ocR9vKhS8MB8GA1UdIwQY
MBaAFMhn9GYk1IG+qdG6i+sMAYnJtEteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdmMFppVFVnYjZwMGJxTDZ3d0JpY20wUzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mNTBiOTYtNjMwZS00Mzc5LTk1Y2Et
NzFhZWRiYWVmNDhiLzEvYkhUbmVDQ0I0eDNXNUZRTHZXaHhIMjhxRkx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mNTBiOTYtNjMwZS00Mzc5LTk1Y2EtNzFhZWRiYWVmNDhi
LzEveUdmMFppVFVnYjZwMGJxTDZ3d0JpY20wUzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+wmMA0G
CSqGSIb3DQEBCwUAA4IBAQA1ou7OQdICGT8ZmFQYb77ABf+vAwLjYHSAVDM998Je
An0QdXOwVgbRo1kh/D1bQ+uLYNPXoYDuHjQlSPyv1Q3A/xjzAHLuHyPR+ZgmlYiI
En72vZau2t1+8br9mOzNs1wXvOZwALSMiZvbLvFhb90DdYY7rXJIEL2kEiWVRLG6
Xjuf7Ijz+AojVvpYCFqHl51sFl5AU+eZ1L4wq72B8tn2ZnMhP6lgJAlGVXVpRR6d
dPqHd2njTgW5duH55z0cEZlQSqps7RHjmmCkBtiNz0vmwH1S7wbDgPTWh7oS9w1Q
npIubZFNjknT2nXlpNexIlK2VMPbI/JGh5uGYRV8DOP2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org