Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/gWYmBhsA5q0xdAdzTYQnGPIEwYs.roa
File:                     gWYmBhsA5q0xdAdzTYQnGPIEwYs.roa (raw, json)
Hash identifier:          6Bp3R0lfdA8XLLl6xqtJ1VXOl5LMY6UKJikfWiJl/5I=
Subject key identifier:   81:66:26:06:1B:00:E6:AD:31:74:07:73:4D:84:27:18:F2:04:C1:8B
Certificate issuer:       /CN=bccd52a6a7f957171b15f7be5e20916428369401
Certificate serial:       01857169A099F67A18267FDCF09BC3F5988A
Authority key identifier: BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/gWYmBhsA5q0xdAdzTYQnGPIEwYs.roa
Signing time:             Mon 02 Jan 2023 07:37:05 +0000
ROA not before:           Mon 02 Jan 2023 07:37:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8405
IP address blocks:        193.36.3.0/24 maxlen: 24
                          193.36.42.0/24 maxlen: 24
                          193.35.216.0/24 maxlen: 24
                          193.36.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:69:a0:99:f6:7a:18:26:7f:dc:f0:9b:c3:f5:98:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bccd52a6a7f957171b15f7be5e20916428369401
        Validity
            Not Before: Jan  2 07:37:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=816626061b00e6ad317407734d842718f204c18b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:cc:6c:25:49:3d:58:31:1d:33:36:11:da:1f:
                    8e:38:00:cc:ca:33:42:16:9e:20:a0:71:8c:c1:24:
                    a2:6a:f4:4a:40:6f:03:3f:6b:82:50:45:13:ba:f2:
                    dc:0c:89:61:46:e6:cc:03:84:f8:8e:ee:13:1f:c6:
                    7d:ef:3d:dd:93:ce:8c:0b:c0:36:6d:e2:00:6f:72:
                    f2:82:32:7e:c5:f1:61:7b:4b:40:98:93:de:cc:d7:
                    93:fe:98:10:6e:db:de:ae:e3:b0:16:5f:b2:26:dd:
                    0d:33:9b:f5:68:a2:08:d0:1b:15:11:52:40:1a:1f:
                    7f:1c:da:3e:cf:6b:87:ba:2f:00:59:6a:d5:c7:da:
                    a3:f5:b3:35:88:bd:55:66:81:08:af:ce:a8:c6:89:
                    2e:61:a6:26:1f:0d:e6:c6:e4:55:08:15:a0:8c:89:
                    b0:18:0b:c3:fb:11:00:01:f7:74:cb:0d:62:ef:73:
                    bd:f0:eb:f4:95:50:a6:84:fc:10:4e:84:a7:f4:0e:
                    c7:7e:58:86:93:8a:bc:36:70:29:cb:e1:ed:c9:48:
                    71:e3:14:e5:45:c5:5d:85:f9:00:ad:e2:ef:15:62:
                    9e:c4:fa:26:d1:9f:6b:88:0f:ab:ab:4a:22:d1:bb:
                    2d:11:3b:69:08:e9:e9:6e:7c:8d:f7:d7:47:6e:d1:
                    84:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:66:26:06:1B:00:E6:AD:31:74:07:73:4D:84:27:18:F2:04:C1:8B
            X509v3 Authority Key Identifier:
                keyid:BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/gWYmBhsA5q0xdAdzTYQnGPIEwYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/vM1Spqf5VxcbFfe-XiCRZCg2lAE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.35.216.0/24
                  193.36.3.0/24
                  193.36.42.0/24
                  193.36.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:4e:92:32:cb:be:c1:7a:49:3e:7a:ef:54:64:07:e5:e1:0b:
         17:47:30:c4:ff:52:a1:49:ab:02:36:de:9f:1d:9a:67:21:97:
         aa:58:50:58:78:18:3c:33:96:a4:77:8f:ba:e5:af:a5:45:f9:
         56:7b:21:8e:a7:86:a1:a2:34:e4:73:64:e1:cc:59:d1:b1:68:
         90:a7:ba:33:eb:f4:88:e0:1b:d4:a6:2f:a5:ef:69:31:74:0b:
         cc:32:56:af:de:b4:2b:1b:15:8a:5a:f3:ce:18:82:7c:eb:46:
         96:98:80:85:bf:c4:54:a1:9e:e1:7c:18:d7:c7:59:6e:47:e3:
         d0:71:f9:31:e2:18:1e:d1:ce:bc:2c:f0:ec:27:bb:0a:7b:e2:
         d7:ef:46:b7:80:00:50:4d:f7:b1:25:c3:db:7b:8f:86:8a:96:
         3e:6e:c8:5b:45:95:ac:fc:93:27:6f:96:3e:c5:0a:ce:b2:20:
         14:89:62:2a:3d:52:9b:fc:68:98:a1:2d:d9:f0:c8:61:9c:97:
         60:48:30:0d:61:65:c4:6a:6f:28:e4:d7:f0:65:c2:45:0d:e9:
         ff:33:18:09:01:88:ee:7d:1d:24:c5:c0:35:e3:75:fa:72:ea:
         a5:5c:9a:dc:66:85:c2:02:90:6d:af:42:59:8e:f8:cc:20:6b:
         a7:63:36:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxaaCZ9noYJn/c8JvD9ZiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2Q1MmE2YTdmOTU3MTcxYjE1ZjdiZTVlMjA5MTY0Mjgz
Njk0MDEwHhcNMjMwMTAyMDczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTY2MjYwNjFiMDBlNmFkMzE3NDA3NzM0ZDg0MjcxOGYyMDRjMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcxsJUk9WDEdMzYR2h+OOADMyjNC
Fp4goHGMwSSiavRKQG8DP2uCUEUTuvLcDIlhRubMA4T4ju4TH8Z97z3dk86MC8A2
beIAb3LygjJ+xfFhe0tAmJPezNeT/pgQbtveruOwFl+yJt0NM5v1aKII0BsVEVJA
Gh9/HNo+z2uHui8AWWrVx9qj9bM1iL1VZoEIr86oxokuYaYmHw3mxuRVCBWgjImw
GAvD+xEAAfd0yw1i73O98Ov0lVCmhPwQToSn9A7HfliGk4q8NnApy+HtyUhx4xTl
RcVdhfkAreLvFWKexPom0Z9riA+rq0oi0bstETtpCOnpbnyN99dHbtGE7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIFmJgYbAOatMXQHc02EJxjyBMGLMB8GA1UdIwQY
MBaAFLzNUqan+VcXGxX3vl4gkWQoNpQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUt
ZTgyM2UxN2JiNWNjLzEvZ1dZbUJoc0E1cTB4ZEFkelRZUW5HUElFd1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUtZTgyM2UxN2JiNWNj
LzEvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwSPYAwQA
wSQDAwQAwSQqAwQAwSRKMA0GCSqGSIb3DQEBCwUAA4IBAQANTpIyy77Bekk+eu9U
ZAfl4QsXRzDE/1KhSasCNt6fHZpnIZeqWFBYeBg8M5akd4+65a+lRflWeyGOp4ah
ojTkc2ThzFnRsWiQp7oz6/SI4BvUpi+l72kxdAvMMlav3rQrGxWKWvPOGIJ860aW
mICFv8RUoZ7hfBjXx1luR+PQcfkx4hge0c68LPDsJ7sKe+LX70a3gABQTfexJcPb
e4+GipY+bshbRZWs/JMnb5Y+xQrOsiAUiWIqPVKb/GiYoS3Z8MhhnJdgSDANYWXE
am8o5NfwZcJFDen/MxgJAYjufR0kxcA143X6cuqlXJrcZoXCApBtr0JZjvjMIGun
Yzax
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:04 2024 by rpki-client on console-fra.rpki-client.org