Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa
File:                     bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa (raw, json)
Hash identifier:          lXm2LQ5WwZ2z7IUjIQHsBfFUMjbDD822KeQ1jjdetK4=
Subject key identifier:   6E:76:D7:13:42:C1:DA:C2:7E:DF:13:E9:F6:09:74:CE:A7:98:55:D8
Certificate issuer:       /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial:       01856F9DAEB953AF629101E41CED26291F0F
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa
Signing time:             Sun 01 Jan 2023 23:14:42 +0000
ROA not before:           Sun 01 Jan 2023 23:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24995
IP address blocks:        185.194.188.0/22 maxlen: 24
                          193.201.60.0/22 maxlen: 24
                          94.199.160.0/22 maxlen: 22
                          94.199.160.0/21 maxlen: 24
                          2a02:680::/36 maxlen: 36

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:ae:b9:53:af:62:91:01:e4:1c:ed:26:29:1f:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
        Validity
            Not Before: Jan  1 23:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6e76d71342c1dac27edf13e9f60974cea79855d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:15:b5:14:7c:1e:36:4a:9e:76:40:2a:1f:ae:
                    4f:38:23:19:5a:18:66:62:c7:5d:42:88:63:d8:b0:
                    e2:0e:02:9c:05:ce:aa:96:67:77:46:17:92:20:c3:
                    02:3d:86:60:cf:a0:47:da:d2:e5:24:ae:d0:de:da:
                    61:20:db:ae:03:c7:6e:e5:16:a4:00:93:9a:6b:80:
                    cf:64:4a:dd:43:2b:82:fa:87:73:03:96:23:59:eb:
                    1b:2e:03:b0:8f:ab:c5:d0:f4:09:58:a4:72:4b:46:
                    c1:93:8c:5b:ac:46:c5:43:ac:84:90:79:61:94:21:
                    f4:47:6f:b9:24:cc:55:61:0e:c1:39:6b:59:3d:4c:
                    02:64:43:e2:23:63:ae:d9:7f:0c:54:ad:84:f9:64:
                    bc:87:50:df:3f:f1:23:62:b0:f4:70:7e:d2:27:93:
                    db:da:ee:03:75:34:21:85:85:46:4c:c7:49:d3:d3:
                    0c:d5:50:41:c0:ed:7c:25:55:14:94:eb:60:32:77:
                    21:28:fd:3f:36:8f:ec:a8:e6:26:95:a1:65:01:94:
                    62:ac:08:47:9d:ad:4a:76:64:b2:cd:66:cf:bc:9a:
                    e7:20:38:d0:cb:b4:bc:80:7d:ae:03:e0:4d:7a:bd:
                    17:8b:14:e8:06:ca:29:61:74:d1:f7:18:b3:95:09:
                    c7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:76:D7:13:42:C1:DA:C2:7E:DF:13:E9:F6:09:74:CE:A7:98:55:D8
            X509v3 Authority Key Identifier:
                keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/bnbXE0LB2sJ-3xPp9gl0zqeYVdg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.199.160.0/21
                  185.194.188.0/22
                  193.201.60.0/22
                IPv6:
                  2a02:680::/36

    Signature Algorithm: sha256WithRSAEncryption
         af:7d:18:3e:51:cc:75:91:71:bc:e2:de:88:6c:2e:90:17:f3:
         f0:3f:6b:e4:a3:92:eb:99:61:54:18:dd:56:2b:ab:41:b3:35:
         e6:f7:32:1c:dc:c3:57:e4:af:00:6f:25:2c:70:08:60:d0:9b:
         b7:03:d5:94:81:69:c5:9f:60:4a:55:07:3d:38:c3:c0:d5:77:
         f2:eb:66:57:bd:a8:74:d0:f5:5b:85:9f:01:6f:18:2f:83:3b:
         ba:e1:ee:57:04:87:52:bd:6a:ce:eb:8b:e5:3d:ea:bc:0d:08:
         25:ed:a1:72:f7:bd:d4:ef:7e:f7:22:95:a9:38:e6:b0:df:2f:
         08:bc:f1:0f:14:f7:bf:c6:a5:be:7f:79:9c:30:7e:70:9f:ee:
         df:72:e4:01:80:93:26:c9:37:e4:ed:04:c5:be:44:18:bb:dd:
         f6:45:9d:19:fd:7f:15:4b:16:9b:8d:11:4b:94:a4:80:1f:8d:
         d0:c2:62:cc:d6:56:68:d3:6c:01:f2:3b:40:ba:8d:6c:1c:79:
         90:ff:10:54:da:6d:20:f6:e8:23:be:41:e9:5c:68:5b:37:14:
         f6:e9:8f:4f:28:e0:bd:2e:4e:e9:74:46:94:9e:b2:07:01:f8:
         9a:fc:ac:de:f9:c8:b2:46:dd:7a:d3:8e:45:c9:4c:54:8b:f8:
         75:49:fa:0c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVvna65U69ikQHkHO0mKR8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0
NDE5NzkwHhcNMjMwMTAxMjMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc2ZDcxMzQyYzFkYWMyN2VkZjEzZTlmNjA5NzRjZWE3OTg1NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBW1FHweNkqedkAqH65POCMZWhhm
YsddQohj2LDiDgKcBc6qlmd3RheSIMMCPYZgz6BH2tLlJK7Q3tphINuuA8du5Rak
AJOaa4DPZErdQyuC+odzA5YjWesbLgOwj6vF0PQJWKRyS0bBk4xbrEbFQ6yEkHlh
lCH0R2+5JMxVYQ7BOWtZPUwCZEPiI2Ou2X8MVK2E+WS8h1DfP/EjYrD0cH7SJ5Pb
2u4DdTQhhYVGTMdJ09MM1VBBwO18JVUUlOtgMnchKP0/No/sqOYmlaFlAZRirAhH
na1KdmSyzWbPvJrnIDjQy7S8gH2uA+BNer0XixToBsopYXTR9xizlQnHBQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG521xNCwdrCft8T6fYJdM6nmFXYMB8GA1UdIwQY
MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt
YjdkMWNhYzUxZTBjLzEvYm5iWEUwTEIyc0otM3hQcDlnbDB6cWVZVmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUtYjdkMWNhYzUxZTBj
LzEvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDXsegAwQC
ucK8AwQCwck8MA4EAgACMAgDBgQqAgaAADANBgkqhkiG9w0BAQsFAAOCAQEAr30Y
PlHMdZFxvOLeiGwukBfz8D9r5KOS65lhVBjdViurQbM15vcyHNzDV+SvAG8lLHAI
YNCbtwPVlIFpxZ9gSlUHPTjDwNV38utmV72odND1W4WfAW8YL4M7uuHuVwSHUr1q
zuuL5T3qvA0IJe2hcve91O9+9yKVqTjmsN8vCLzxDxT3v8alvn95nDB+cJ/u33Lk
AYCTJsk35O0Exb5EGLvd9kWdGf1/FUsWm40RS5SkgB+N0MJizNZWaNNsAfI7QLqN
bBx5kP8QVNptIPboI75B6VxoWzcU9umPTyjgvS5O6XRGlJ6yBwH4mvys3vnIskbd
etOORclMVIv4dUn6DA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:29 2024 by rpki-client on console-ams.rpki-client.org