Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/BNBCsru5U9BLyJhpCSKWJIcwPMA.roa
File:                     BNBCsru5U9BLyJhpCSKWJIcwPMA.roa (raw, json)
Hash identifier:          30/9/+mPOJQ76Yv/5A/PYZad4J/ovL0vcg9boL4+LKU=
Subject key identifier:   04:D0:42:B2:BB:B9:53:D0:4B:C8:98:69:09:22:96:24:87:30:3C:C0
Certificate issuer:       /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial:       018C1BD3E828190D2A9099E0BBEC9C698944
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/BNBCsru5U9BLyJhpCSKWJIcwPMA.roa
Signing time:             Wed 29 Nov 2023 16:05:21 +0000
ROA not before:           Wed 29 Nov 2023 16:05:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44901
IP address blocks:        46.253.0.0/24 maxlen: 24
                          91.132.63.0/24 maxlen: 24
                          185.243.213.0/24 maxlen: 24
                          91.132.62.0/24 maxlen: 24
                          91.132.60.0/24 maxlen: 24
                          2a09:be80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 16:28:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1b:d3:e8:28:19:0d:2a:90:99:e0:bb:ec:9c:69:89:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
        Validity
            Not Before: Nov 29 16:05:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04d042b2bbb953d04bc898690922962487303cc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6a:14:cf:6f:ba:21:6b:a4:9d:49:c7:8e:4c:
                    6b:a1:64:2c:de:d6:5e:60:65:c6:b9:34:1d:a2:fe:
                    07:a6:0e:32:1d:2a:2a:78:b8:09:cc:36:25:9f:8a:
                    b7:f2:32:6d:8c:bb:3e:4a:20:2f:e4:2b:9f:d4:a1:
                    17:f7:cc:b9:73:72:69:bf:0c:3d:1f:54:5c:c1:1e:
                    e2:1b:20:6f:12:e7:cf:39:81:9f:8c:22:7b:bb:6c:
                    90:a6:77:ec:39:82:50:6a:49:dd:a6:07:4b:73:e0:
                    d9:3b:94:9f:4f:26:ed:48:d4:90:15:84:67:14:be:
                    42:8d:82:41:f9:1d:7d:bb:d2:4a:a2:e1:5d:65:5b:
                    87:32:06:c4:f0:ff:85:a4:15:90:e9:ed:47:b0:4e:
                    97:87:b7:06:24:aa:da:e4:4d:92:b0:e3:e6:01:f7:
                    d2:8a:db:de:d5:cb:04:ca:99:89:b4:90:2d:03:38:
                    ba:6e:ed:6a:a1:50:0e:04:46:5b:e7:d3:11:0c:60:
                    28:59:28:22:b5:d1:68:cb:72:9f:24:8e:05:1d:30:
                    37:b3:6a:c5:67:bf:c1:8f:e4:dd:a7:9e:8f:2b:52:
                    78:d8:b7:03:19:e2:6c:16:35:22:d6:27:ac:0a:7c:
                    8c:43:17:4f:13:9b:87:c7:c1:6a:10:bf:57:99:d7:
                    b8:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:D0:42:B2:BB:B9:53:D0:4B:C8:98:69:09:22:96:24:87:30:3C:C0
            X509v3 Authority Key Identifier:
                keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/BNBCsru5U9BLyJhpCSKWJIcwPMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.253.0.0/24
                  91.132.60.0/24
                  91.132.62.0/23
                  185.243.213.0/24
                IPv6:
                  2a09:be80::/32

    Signature Algorithm: sha256WithRSAEncryption
         7b:80:28:c4:44:f0:9f:6f:13:15:79:fe:b2:33:3a:69:ab:e5:
         64:13:e2:4a:bf:9b:b4:53:50:61:e9:3d:80:96:34:f8:fb:b1:
         d4:a9:ac:ea:a8:2f:55:09:8d:34:9e:cb:77:7c:f6:e4:53:5b:
         78:eb:d5:20:c9:2c:72:c8:52:79:97:4b:56:6b:aa:c8:e9:75:
         31:1e:93:79:d5:dd:15:34:b1:f3:fa:af:67:82:c2:3d:92:be:
         37:a8:77:d4:5d:69:28:1f:62:57:b2:4d:d3:c9:82:29:1e:55:
         e9:3b:65:82:da:9d:0a:49:ee:1e:38:0c:b2:2d:b5:76:e9:65:
         eb:83:df:27:74:21:a8:6a:8d:fd:3b:60:6a:4e:bc:a4:0d:5a:
         48:7d:a6:6c:74:06:aa:26:a7:12:9e:89:25:74:2d:e8:ae:bc:
         e5:51:c2:8b:f2:85:95:16:55:ab:e2:a3:bd:fc:7b:0e:8d:c2:
         c9:4f:af:17:3d:2d:56:ee:94:b8:da:35:27:fa:cd:99:aa:2f:
         6c:62:9f:cd:e8:5a:8a:c3:87:19:0f:4c:77:8a:2a:09:e7:32:
         5a:63:13:2c:15:f6:09:ba:96:40:3c:b9:22:95:b2:b4:ce:4d:
         94:c5:1e:9a:a3:ec:6f:07:ff:b6:7f:36:df:65:73:ac:7c:44:
         17:26:5a:a3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYwb0+goGQ0qkJngu+ycaYlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjMxMTI5MTYwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQwNDJiMmJiYjk1M2QwNGJjODk4NjkwOTIyOTYyNDg3MzAzY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGoUz2+6IWuknUnHjkxroWQs3tZe
YGXGuTQdov4Hpg4yHSoqeLgJzDYln4q38jJtjLs+SiAv5Cuf1KEX98y5c3Jpvww9
H1RcwR7iGyBvEufPOYGfjCJ7u2yQpnfsOYJQakndpgdLc+DZO5SfTybtSNSQFYRn
FL5CjYJB+R19u9JKouFdZVuHMgbE8P+FpBWQ6e1HsE6Xh7cGJKra5E2SsOPmAffS
itve1csEypmJtJAtAzi6bu1qoVAOBEZb59MRDGAoWSgitdFoy3KfJI4FHTA3s2rF
Z7/Bj+Tdp56PK1J42LcDGeJsFjUi1iesCnyMQxdPE5uHx8FqEL9Xmde4GQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFATQQrK7uVPQS8iYaQkiliSHMDzAMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvQk5CQ3NydTVVOUJMeUpocENTS1dKSWN3UE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALv0AAwQA
W4Q8AwQBW4Q+AwQAufPVMA0EAgACMAcDBQAqCb6AMA0GCSqGSIb3DQEBCwUAA4IB
AQB7gCjERPCfbxMVef6yMzppq+VkE+JKv5u0U1Bh6T2AljT4+7HUqazqqC9VCY00
nst3fPbkU1t469UgySxyyFJ5l0tWa6rI6XUxHpN51d0VNLHz+q9ngsI9kr43qHfU
XWkoH2JXsk3TyYIpHlXpO2WC2p0KSe4eOAyyLbV26WXrg98ndCGoao39O2BqTryk
DVpIfaZsdAaqJqcSnokldC3orrzlUcKL8oWVFlWr4qO9/HsOjcLJT68XPS1W7pS4
2jUn+s2Zqi9sYp/N6FqKw4cZD0x3iioJ5zJaYxMsFfYJupZAPLkilbK0zk2UxR6a
o+xvB/+2fzbfZXOsfEQXJlqj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:16 2024 by rpki-client on console-fra.rpki-client.org