Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Bxpyxh6KkxczRspx3vPAn-ns0Wk.roa
File:                     Bxpyxh6KkxczRspx3vPAn-ns0Wk.roa (raw, json)
Hash identifier:          1p1ogw+cnieddjsGRWO4whH2/4vWkalTKn/GGB5BN9M=
Subject key identifier:   07:1A:72:C6:1E:8A:93:17:33:46:CA:71:DE:F3:C0:9F:E9:EC:D1:69
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0186C7FF248AA4DFFF5ECC5B523ADB1BC161
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Bxpyxh6KkxczRspx3vPAn-ns0Wk.roa
Signing time:             Thu 09 Mar 2023 20:10:32 +0000
ROA not before:           Thu 09 Mar 2023 20:10:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199565
IP address blocks:        188.255.221.0/24 maxlen: 24
                          188.255.224.0/24 maxlen: 24
                          188.255.146.0/24 maxlen: 24
                          188.255.169.0/24 maxlen: 24
                          188.255.173.0/24 maxlen: 24
                          188.255.184.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c7:ff:24:8a:a4:df:ff:5e:cc:5b:52:3a:db:1b:c1:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Mar  9 20:10:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=071a72c61e8a93173346ca71def3c09fe9ecd169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:06:94:c1:9b:40:31:1e:7e:bd:a4:0c:59:18:
                    c8:56:5d:ea:c8:0e:72:a8:ce:68:5e:0a:1d:be:28:
                    15:c5:57:b6:79:e3:3e:e7:6c:dd:1d:f3:be:31:9a:
                    65:e3:08:e7:8e:30:c8:4b:fe:88:99:b9:01:26:fb:
                    2f:e3:33:4e:2a:1a:f1:e1:36:9c:31:61:30:81:e8:
                    b4:f9:a6:14:6b:4f:f7:d3:06:b1:7d:3e:e1:02:04:
                    ef:fa:27:35:ab:9b:89:02:d4:ba:1f:77:74:9c:bf:
                    88:a3:62:74:03:cc:a9:8d:18:1b:05:df:a4:a8:78:
                    40:6b:2d:6b:0e:3b:8c:0b:f6:a5:bd:e7:da:b1:8c:
                    1d:d4:b2:4d:91:99:15:e8:8b:5b:d8:98:87:71:23:
                    25:a1:da:7c:6c:41:74:fd:c2:d7:c4:85:46:20:71:
                    3d:50:e7:95:79:7e:0f:13:2d:e5:c2:bc:d2:be:21:
                    b3:a9:66:20:9f:31:8f:5f:ef:3c:bb:8f:17:85:66:
                    b5:e9:da:a4:e8:ad:a8:ff:97:c1:ac:9f:0f:0a:31:
                    97:20:3c:a1:9c:3c:fa:65:35:a0:5d:88:a6:36:a2:
                    0c:5c:69:14:d2:ed:64:61:c3:95:50:29:d8:f3:b1:
                    6a:76:4f:dc:1f:fc:09:9d:df:d8:48:cc:76:41:4b:
                    5d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:1A:72:C6:1E:8A:93:17:33:46:CA:71:DE:F3:C0:9F:E9:EC:D1:69
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Bxpyxh6KkxczRspx3vPAn-ns0Wk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.255.146.0/24
                  188.255.169.0/24
                  188.255.173.0/24
                  188.255.184.0/24
                  188.255.221.0/24
                  188.255.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:2f:46:e0:a8:36:2a:0e:98:5e:e5:c3:8c:e4:b1:03:74:cf:
         18:e4:19:98:53:98:60:f2:fa:79:92:dd:94:6b:33:e4:20:79:
         12:ce:a1:50:a0:2b:9a:b8:44:61:a4:3d:9f:63:29:ce:cf:10:
         1f:5d:49:52:c0:92:2a:a0:a4:87:10:30:dc:cf:96:fa:42:6c:
         9e:9f:08:5f:a5:82:b9:51:26:c9:5b:93:6c:93:4c:44:4a:24:
         e0:bd:df:07:2c:47:86:e5:dd:92:29:35:fe:2b:1b:b5:f9:c4:
         8f:c1:17:75:3e:f4:65:2d:fe:da:bd:21:a0:ef:65:bc:95:44:
         02:34:9c:38:90:29:46:b4:56:72:c1:d5:86:5a:70:52:e9:5e:
         37:01:29:2c:57:2a:4f:50:73:19:b7:62:81:9f:43:6d:ec:9e:
         94:54:41:c8:92:11:ec:e7:cd:de:5c:eb:28:ce:40:68:17:e6:
         ed:8f:db:ca:2f:c9:09:2d:3c:6e:a6:6d:d5:ec:7b:03:8d:fd:
         14:a0:44:a3:6e:82:28:58:72:95:f3:3d:a9:bc:f2:7b:ea:82:
         9a:86:a0:a7:33:38:50:dd:e1:09:19:7c:eb:b4:01:c9:4d:4b:
         44:91:1e:ec:a9:b5:be:26:12:a5:fa:2a:65:58:6d:9d:03:1d:
         6d:a0:30:97
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYbH/ySKpN//XsxbUjrbG8FhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMzA5MjAxMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzFhNzJjNjFlOGE5MzE3MzM0NmNhNzFkZWYzYzA5ZmU5ZWNkMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAaUwZtAMR5+vaQMWRjIVl3qyA5y
qM5oXgodvigVxVe2eeM+52zdHfO+MZpl4wjnjjDIS/6ImbkBJvsv4zNOKhrx4Tac
MWEwgei0+aYUa0/30waxfT7hAgTv+ic1q5uJAtS6H3d0nL+Io2J0A8ypjRgbBd+k
qHhAay1rDjuMC/alvefasYwd1LJNkZkV6Itb2JiHcSMlodp8bEF0/cLXxIVGIHE9
UOeVeX4PEy3lwrzSviGzqWYgnzGPX+88u48XhWa16dqk6K2o/5fBrJ8PCjGXIDyh
nDz6ZTWgXYimNqIMXGkU0u1kYcOVUCnY87Fqdk/cH/wJnd/YSMx2QUtdvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAcacsYeipMXM0bKcd7zwJ/p7NFpMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQnhweXhoNktreGN6UnNweDN2UEFuLW5zMFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAvP+SAwQA
vP+pAwQAvP+tAwQAvP+4AwQAvP/dAwQAvP/gMA0GCSqGSIb3DQEBCwUAA4IBAQAE
L0bgqDYqDphe5cOM5LEDdM8Y5BmYU5hg8vp5kt2UazPkIHkSzqFQoCuauERhpD2f
YynOzxAfXUlSwJIqoKSHEDDcz5b6QmyenwhfpYK5USbJW5Nsk0xESiTgvd8HLEeG
5d2SKTX+Kxu1+cSPwRd1PvRlLf7avSGg72W8lUQCNJw4kClGtFZywdWGWnBS6V43
ASksVypPUHMZt2KBn0Nt7J6UVEHIkhHs583eXOsozkBoF+btj9vKL8kJLTxupm3V
7HsDjf0UoESjboIoWHKV8z2pvPJ76oKahqCnMzhQ3eEJGXzrtAHJTUtEkR7sqbW+
JhKl+iplWG2dAx1toDCX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:25 2024 by rpki-client on console-fra.rpki-client.org