Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/vMVzC2RgZcsefDV8vrOzQIRpbUs.roa
File:                     vMVzC2RgZcsefDV8vrOzQIRpbUs.roa (raw, json)
Hash identifier:          6zouhJszZ+DAv81XOgB9YYWnkfja0WtbNLPa26/SeXI=
Subject key identifier:   BC:C5:73:0B:64:60:65:CB:1E:7C:35:7C:BE:B3:B3:40:84:69:6D:4B
Certificate issuer:       /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial:       018D31541A463C310050B52BD22916348371
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/vMVzC2RgZcsefDV8vrOzQIRpbUs.roa
Signing time:             Mon 22 Jan 2024 13:20:11 +0000
ROA not before:           Mon 22 Jan 2024 13:20:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47757
IP address blocks:        194.120.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Jan 2024 02:22:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:31:54:1a:46:3c:31:00:50:b5:2b:d2:29:16:34:83:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
        Validity
            Not Before: Jan 22 13:20:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bcc5730b646065cb1e7c357cbeb3b34084696d4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0b:13:79:69:7f:a8:48:b3:4e:3c:1d:14:49:
                    79:d2:53:d6:38:02:c4:58:0b:ac:49:e1:67:2a:82:
                    04:1e:1d:9a:ac:82:a1:27:ec:df:15:db:49:70:4b:
                    b0:95:e8:78:c1:56:b8:a1:4a:e7:a0:8a:20:1a:10:
                    e2:b4:26:d7:2c:a2:f7:ca:f9:5a:81:04:11:5e:8c:
                    28:45:43:61:a0:21:4d:dc:1c:96:fa:cf:63:8a:90:
                    ce:49:ce:35:be:51:c5:73:8c:b0:b6:15:f5:28:b8:
                    93:f3:94:bd:a8:5c:9f:4a:10:9f:d1:74:35:c7:c3:
                    22:42:ed:5c:ae:ec:68:28:2f:9a:b2:5a:f7:1e:10:
                    8e:28:85:e5:d9:b3:25:a0:23:e8:7c:16:af:18:d0:
                    49:b0:5b:97:58:8d:e4:13:d7:45:24:9d:17:65:5d:
                    21:7b:00:ce:d6:ff:04:79:af:de:19:2f:f2:db:6d:
                    fd:a1:ff:3e:07:f1:e1:0e:66:d6:76:a8:17:ff:73:
                    07:e6:ab:dc:5c:7e:9f:c5:99:58:be:b5:8d:11:73:
                    38:d7:2b:f2:90:d2:73:be:5f:df:77:94:dd:e2:8a:
                    80:fa:2c:81:cc:74:98:f8:8c:79:cd:82:60:0b:ed:
                    b7:cc:14:a6:98:96:c2:44:62:28:92:bd:0a:72:53:
                    17:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:C5:73:0B:64:60:65:CB:1E:7C:35:7C:BE:B3:B3:40:84:69:6D:4B
            X509v3 Authority Key Identifier:
                keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/vMVzC2RgZcsefDV8vrOzQIRpbUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.120.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:2a:b7:21:82:68:f1:8e:33:ae:1f:04:59:47:69:ef:f2:7a:
         6c:5f:fc:b8:a2:35:7c:bb:d9:6f:4f:01:50:98:60:23:28:ff:
         76:9e:2d:06:3e:e9:79:55:f4:55:86:bb:60:c0:86:c3:b9:12:
         11:05:7a:db:47:ac:ad:b4:86:18:67:f5:16:41:e1:8c:98:8c:
         b1:f0:3d:7c:9f:31:99:25:f9:53:45:2b:d3:47:8c:7d:7f:0b:
         69:dd:88:e9:78:f9:33:dc:a2:dc:a3:c2:1f:52:57:29:64:ae:
         76:f0:6e:58:cc:f0:1a:24:a2:b0:09:ec:d4:f9:3c:9e:ec:bb:
         7b:e0:26:b9:16:5c:9c:6e:a7:54:4b:44:5b:60:81:56:5c:7c:
         2d:15:12:1e:d5:47:7d:8d:f2:7e:ad:42:6a:e1:f7:24:76:c7:
         6d:b3:ac:c2:ac:54:bf:2f:ab:5c:67:92:72:7f:66:61:71:35:
         d5:18:c2:87:6c:00:c1:f9:d1:9c:1f:c0:60:d8:ee:cf:fc:f2:
         f7:39:aa:6b:70:b3:95:04:e2:09:fd:65:64:97:d0:d8:ac:d7:
         fe:f5:66:7e:24:67:51:ad:ff:32:f2:5c:34:c0:19:34:b0:8d:
         7c:cd:cf:7a:60:c2:5d:b0:6c:5e:5c:11:a6:a7:5a:f3:64:d6:
         6d:d3:8c:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0xVBpGPDEAULUr0ikWNINxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTIyMTMyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2M1NzMwYjY0NjA2NWNiMWU3YzM1N2NiZWIzYjM0MDg0Njk2ZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAsTeWl/qEizTjwdFEl50lPWOALE
WAusSeFnKoIEHh2arIKhJ+zfFdtJcEuwleh4wVa4oUrnoIogGhDitCbXLKL3yvla
gQQRXowoRUNhoCFN3ByW+s9jipDOSc41vlHFc4ywthX1KLiT85S9qFyfShCf0XQ1
x8MiQu1cruxoKC+aslr3HhCOKIXl2bMloCPofBavGNBJsFuXWI3kE9dFJJ0XZV0h
ewDO1v8Eea/eGS/y2239of8+B/HhDmbWdqgX/3MH5qvcXH6fxZlYvrWNEXM41yvy
kNJzvl/fd5Td4oqA+iyBzHSY+Ix5zYJgC+23zBSmmJbCRGIokr0KclMXLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzFcwtkYGXLHnw1fL6zs0CEaW1LMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvdk1WekMyUmdaY3NlZkRWOHZyT3pRSVJwYlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnirMA0G
CSqGSIb3DQEBCwUAA4IBAQAQKrchgmjxjjOuHwRZR2nv8npsX/y4ojV8u9lvTwFQ
mGAjKP92ni0GPul5VfRVhrtgwIbDuRIRBXrbR6yttIYYZ/UWQeGMmIyx8D18nzGZ
JflTRSvTR4x9fwtp3YjpePkz3KLco8IfUlcpZK528G5YzPAaJKKwCezU+Tye7Lt7
4Ca5FlycbqdUS0RbYIFWXHwtFRIe1Ud9jfJ+rUJq4fckdsdts6zCrFS/L6tcZ5Jy
f2ZhcTXVGMKHbADB+dGcH8Bg2O7P/PL3OaprcLOVBOIJ/WVkl9DYrNf+9WZ+JGdR
rf8y8lw0wBk0sI18zc96YMJdsGxeXBGmp1rzZNZt04z9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org