Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/LcWvupamdlDdfsLY383k31TyW9Y.roa
File:                     LcWvupamdlDdfsLY383k31TyW9Y.roa (raw, json)
Hash identifier:          rAlxEnyAMB2vF4mju6lAqYKvIuAKsh73ydMiBCDGJJA=
Subject key identifier:   2D:C5:AF:BA:96:A6:76:50:DD:7E:C2:D8:DF:CD:E4:DF:54:F2:5B:D6
Certificate issuer:       /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial:       018C82CC753861391A843A34FFA8CD13C643
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/LcWvupamdlDdfsLY383k31TyW9Y.roa
Signing time:             Tue 19 Dec 2023 15:58:06 +0000
ROA not before:           Tue 19 Dec 2023 15:58:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206995
IP address blocks:        176.42.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:82:cc:75:38:61:39:1a:84:3a:34:ff:a8:cd:13:c6:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
        Validity
            Not Before: Dec 19 15:58:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2dc5afba96a67650dd7ec2d8dfcde4df54f25bd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ff:6e:4b:72:8b:6b:97:40:6e:11:72:ec:0f:
                    54:39:99:89:05:b3:33:cd:15:d0:00:83:c8:18:6a:
                    a2:1e:3e:ee:7f:46:83:b2:02:2f:7b:55:4b:14:a1:
                    c2:98:81:69:9b:c2:1a:ce:de:80:5e:12:4f:a7:d5:
                    26:1b:38:38:ab:67:69:42:be:cb:b0:dc:78:9b:97:
                    20:e6:70:aa:2e:b6:25:c1:e6:ba:53:62:57:6b:55:
                    e5:6d:e3:c4:35:03:93:10:4f:a5:7a:c4:f3:8f:d0:
                    f5:74:bc:37:6e:01:67:96:c9:a1:20:c9:e7:60:6e:
                    95:02:5f:4e:25:5f:02:d2:e4:6c:54:1b:74:af:1e:
                    fe:7c:83:ad:f3:ae:53:9d:61:aa:8f:ae:42:08:2f:
                    19:e1:09:08:2b:39:67:be:82:4e:8a:3d:c9:de:dd:
                    db:9c:fa:9c:14:40:82:5a:fe:26:1b:b6:fc:84:48:
                    16:8b:cc:57:7f:45:60:75:73:39:8d:4e:e0:4c:19:
                    29:68:fd:74:b9:be:2a:4c:e6:0d:f9:b8:ac:5e:0f:
                    90:48:cd:47:90:3a:8d:e0:26:2d:f5:27:c7:df:62:
                    8e:d6:6b:6f:e9:08:f6:d6:2a:da:0d:36:ba:87:81:
                    71:b1:d3:ed:2b:2a:c4:95:fe:7e:2b:23:36:99:dc:
                    91:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:C5:AF:BA:96:A6:76:50:DD:7E:C2:D8:DF:CD:E4:DF:54:F2:5B:D6
            X509v3 Authority Key Identifier:
                keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/LcWvupamdlDdfsLY383k31TyW9Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.42.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:fe:0f:17:fc:8e:c4:b1:4a:74:a5:ce:3d:c1:14:1f:bd:e6:
         d2:67:5f:dd:00:52:c1:54:2b:31:73:cb:80:ad:ae:5b:5c:b4:
         73:75:b6:c1:ca:f7:16:2f:84:49:2d:7f:52:d0:1c:7c:45:35:
         50:9d:01:7c:64:44:c9:03:8c:29:49:b1:76:dd:bd:26:9e:25:
         63:38:75:a5:2b:6b:88:ca:f8:f2:62:69:84:5f:fc:34:03:5e:
         ad:f2:04:76:6c:69:0b:13:9b:df:82:9f:b4:30:be:61:8a:3c:
         09:87:02:4a:10:9f:4a:56:5b:ae:60:44:0d:30:2b:c8:61:6c:
         e5:6a:99:8f:86:2f:09:9e:05:6a:30:cb:6d:82:e8:c5:77:16:
         48:41:27:28:13:e2:55:2f:31:6e:10:64:89:ad:d4:6c:b4:99:
         dc:46:c0:dc:45:8c:b2:a3:a0:e8:a9:1c:64:66:8e:85:23:c4:
         17:5a:b1:7b:3b:51:84:a2:fb:cc:d7:01:e9:ae:aa:b0:ba:59:
         04:88:1f:35:0f:1d:6d:16:01:a3:0f:eb:a4:79:8e:69:93:e9:
         6d:f7:4f:70:21:8f:66:6e:44:66:c9:e1:6d:ca:11:f7:6f:8d:
         3d:2d:67:71:77:db:6a:92:e0:48:17:17:8e:00:d1:81:d5:e7:
         cb:e9:12:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyCzHU4YTkahDo0/6jNE8ZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjMxMjE5MTU1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGM1YWZiYTk2YTY3NjUwZGQ3ZWMyZDhkZmNkZTRkZjU0ZjI1YmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv9uS3KLa5dAbhFy7A9UOZmJBbMz
zRXQAIPIGGqiHj7uf0aDsgIve1VLFKHCmIFpm8Iazt6AXhJPp9UmGzg4q2dpQr7L
sNx4m5cg5nCqLrYlwea6U2JXa1XlbePENQOTEE+lesTzj9D1dLw3bgFnlsmhIMnn
YG6VAl9OJV8C0uRsVBt0rx7+fIOt865TnWGqj65CCC8Z4QkIKzlnvoJOij3J3t3b
nPqcFECCWv4mG7b8hEgWi8xXf0VgdXM5jU7gTBkpaP10ub4qTOYN+bisXg+QSM1H
kDqN4CYt9SfH32KO1mtv6Qj21iraDTa6h4FxsdPtKyrElf5+KyM2mdyRZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3Fr7qWpnZQ3X7C2N/N5N9U8lvWMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvTGNXdnVwYW1kbERkZnNMWTM4M2szMVR5VzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsCoJMA0G
CSqGSIb3DQEBCwUAA4IBAQAN/g8X/I7EsUp0pc49wRQfvebSZ1/dAFLBVCsxc8uA
ra5bXLRzdbbByvcWL4RJLX9S0Bx8RTVQnQF8ZETJA4wpSbF23b0mniVjOHWlK2uI
yvjyYmmEX/w0A16t8gR2bGkLE5vfgp+0ML5hijwJhwJKEJ9KVluuYEQNMCvIYWzl
apmPhi8JngVqMMttgujFdxZIQScoE+JVLzFuEGSJrdRstJncRsDcRYyyo6DoqRxk
Zo6FI8QXWrF7O1GEovvM1wHprqqwulkEiB81Dx1tFgGjD+ukeY5pk+lt909wIY9m
bkRmyeFtyhH3b409LWdxd9tqkuBIFxeOANGB1efL6RIt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org