Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/6BKQr6_sl6LmYWi5PSOU4AoVSuk.roa
File:                     6BKQr6_sl6LmYWi5PSOU4AoVSuk.roa (raw, json)
Hash identifier:          51+OJKP+K/XT7tRWznIFd1SGuSbCVkUw1IE3VH0C6yw=
Subject key identifier:   E8:12:90:AF:AF:EC:97:A2:E6:61:68:B9:3D:23:94:E0:0A:15:4A:E9
Certificate issuer:       /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial:       01856F9DAD147B64A5F3AC8B042612CA382C
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/6BKQr6_sl6LmYWi5PSOU4AoVSuk.roa
Signing time:             Sun 01 Jan 2023 23:14:42 +0000
ROA not before:           Sun 01 Jan 2023 23:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20539
IP address blocks:        94.199.160.0/21 maxlen: 24
                          2a02:680:8000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:ad:14:7b:64:a5:f3:ac:8b:04:26:12:ca:38:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
        Validity
            Not Before: Jan  1 23:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e81290afafec97a2e66168b93d2394e00a154ae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:67:0d:a3:f1:2b:b4:a7:21:6f:6c:dd:bb:9b:
                    e6:43:69:bc:4d:81:a2:14:d0:15:c0:a9:16:82:fb:
                    0a:5f:9d:92:a8:ca:3e:74:a0:a8:1c:ad:7d:6c:5c:
                    40:da:66:2e:e0:05:a5:96:8c:4b:be:88:9c:8d:70:
                    3e:0e:80:df:d1:9d:1c:2e:93:bd:a0:49:79:d4:fe:
                    61:15:f2:1d:b9:01:65:ae:b5:8b:c2:32:82:86:5d:
                    c5:cc:4f:66:14:61:00:cf:df:bf:1c:ca:98:c0:6c:
                    01:e7:fa:49:ac:dd:6f:90:6f:c9:cf:c8:1a:fd:cd:
                    56:dc:c3:ff:46:55:72:10:38:c6:85:45:28:06:68:
                    02:36:79:e2:bb:f1:d3:ce:8e:a5:f5:12:83:ba:a4:
                    c1:e8:61:4a:56:35:a9:bd:bb:75:c8:f6:af:06:76:
                    ff:80:92:9f:23:84:4f:5d:62:9b:00:4d:a1:04:83:
                    0e:40:b9:a7:41:fc:e0:bd:1f:52:a0:3b:d2:4b:ac:
                    fd:ee:11:43:5e:a0:4a:d1:33:e5:70:26:c1:b0:df:
                    94:b3:f8:a1:86:0c:b7:0d:b5:26:e9:0c:81:ca:44:
                    9a:4f:cf:78:91:f4:b9:98:fe:b6:cb:81:cd:b0:d4:
                    ba:17:46:b8:19:5a:f9:52:ea:aa:4e:ab:f3:f6:ae:
                    eb:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:12:90:AF:AF:EC:97:A2:E6:61:68:B9:3D:23:94:E0:0A:15:4A:E9
            X509v3 Authority Key Identifier:
                keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/6BKQr6_sl6LmYWi5PSOU4AoVSuk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.199.160.0/21
                IPv6:
                  2a02:680:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         5a:a1:69:94:c3:63:d1:ad:03:b6:2a:5f:e2:54:54:d9:ec:47:
         33:94:aa:d0:4a:f6:70:42:24:72:a0:80:6f:37:7b:1a:cd:4b:
         37:cd:5b:0d:d2:b1:90:94:b7:47:5f:fb:10:d3:e9:b3:bd:c1:
         d1:ee:0b:64:e8:56:33:0a:0d:09:d6:29:ee:05:c7:f0:66:db:
         27:71:0b:97:1d:16:bd:75:96:70:d9:f7:48:06:bf:13:76:7e:
         2c:c4:ff:55:94:74:35:9e:d3:e3:5b:9f:b1:cf:23:63:87:6b:
         21:e2:22:4d:79:5e:db:75:81:13:e1:37:0c:e7:aa:b2:a4:ce:
         18:18:f6:30:79:78:26:2f:81:d7:08:a9:d9:95:8a:fa:38:32:
         1f:c4:dd:61:b8:1d:f4:5f:cd:13:b6:3a:ae:92:6b:d7:5d:2b:
         a3:9f:f5:9b:6b:ef:a3:91:a1:de:5d:f2:d8:53:07:d8:a3:22:
         e2:ff:7d:87:78:fe:09:3b:33:2d:75:01:4b:4b:a7:7d:df:8d:
         2e:3c:9e:83:71:2b:75:f0:dd:29:27:6c:f3:f3:54:74:0d:0e:
         1a:f5:92:8a:67:ec:56:bb:cc:0b:fe:0c:55:16:aa:a2:ea:70:
         f0:40:d9:38:85:f7:93:51:0a:28:f5:26:a7:61:ce:5e:74:e1:
         4f:56:b8:6a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvna0Ue2Sl86yLBCYSyjgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0
NDE5NzkwHhcNMjMwMTAxMjMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODEyOTBhZmFmZWM5N2EyZTY2MTY4YjkzZDIzOTRlMDBhMTU0YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2cNo/ErtKchb2zdu5vmQ2m8TYGi
FNAVwKkWgvsKX52SqMo+dKCoHK19bFxA2mYu4AWlloxLvoicjXA+DoDf0Z0cLpO9
oEl51P5hFfIduQFlrrWLwjKChl3FzE9mFGEAz9+/HMqYwGwB5/pJrN1vkG/Jz8ga
/c1W3MP/RlVyEDjGhUUoBmgCNnniu/HTzo6l9RKDuqTB6GFKVjWpvbt1yPavBnb/
gJKfI4RPXWKbAE2hBIMOQLmnQfzgvR9SoDvSS6z97hFDXqBK0TPlcCbBsN+Us/ih
hgy3DbUm6QyBykSaT894kfS5mP62y4HNsNS6F0a4GVr5UuqqTqvz9q7rYQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOgSkK+v7Jei5mFouT0jlOAKFUrpMB8GA1UdIwQY
MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt
YjdkMWNhYzUxZTBjLzEvNkJLUXI2X3NsNkxtWVdpNVBTT1U0QW9WU3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUtYjdkMWNhYzUxZTBj
LzEvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDXsegMA4E
AgACMAgDBgQqAgaAgDANBgkqhkiG9w0BAQsFAAOCAQEAWqFplMNj0a0Dtipf4lRU
2exHM5Sq0Er2cEIkcqCAbzd7Gs1LN81bDdKxkJS3R1/7ENPps73B0e4LZOhWMwoN
CdYp7gXH8GbbJ3ELlx0WvXWWcNn3SAa/E3Z+LMT/VZR0NZ7T41ufsc8jY4drIeIi
TXle23WBE+E3DOeqsqTOGBj2MHl4Ji+B1wip2ZWK+jgyH8TdYbgd9F/NE7Y6rpJr
110ro5/1m2vvo5Gh3l3y2FMH2KMi4v99h3j+CTszLXUBS0unfd+NLjyeg3ErdfDd
KSds8/NUdA0OGvWSimfsVrvMC/4MVRaqoupw8EDZOIX3k1EKKPUmp2HOXnThT1a4
ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:29 2024 by rpki-client on console-ams.rpki-client.org