Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6719cd-864a-42f0-818f-dd4804840dd6/1/dXGrcUQYaFwdFlNSthgH39qUTFc.roa
File:                     dXGrcUQYaFwdFlNSthgH39qUTFc.roa (raw, json)
Hash identifier:          Z0SLoNsrLFNa4jWrrhH8HbJ5ibusQv2PhSVl6zXHoIc=
Subject key identifier:   75:71:AB:71:44:18:68:5C:1D:16:53:52:B6:18:07:DF:DA:94:4C:57
Certificate issuer:       /CN=16655e5595f5a3c071c12b179db9279dc7db0913
Certificate serial:       01856F7958BD8AB73CE0FD37436F8771DE45
Authority key identifier: 16:65:5E:55:95:F5:A3:C0:71:C1:2B:17:9D:B9:27:9D:C7:DB:09:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FmVeVZX1o8BxwSsXnbknncfbCRM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/6719cd-864a-42f0-818f-dd4804840dd6/1/dXGrcUQYaFwdFlNSthgH39qUTFc.roa
Signing time:             Sun 01 Jan 2023 22:35:01 +0000
ROA not before:           Sun 01 Jan 2023 22:35:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42
IP address blocks:        194.26.237.0/24 maxlen: 24
                          2a11:c7c1:deec::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:58:bd:8a:b7:3c:e0:fd:37:43:6f:87:71:de:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16655e5595f5a3c071c12b179db9279dc7db0913
        Validity
            Not Before: Jan  1 22:35:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7571ab714418685c1d165352b61807dfda944c57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b9:01:d4:e6:49:91:c9:aa:66:76:1e:3c:b7:
                    ba:ce:2c:ec:d4:8b:1f:b3:4a:fa:92:60:44:51:ae:
                    90:f2:36:4a:3f:d8:01:50:e0:41:6a:3f:b2:28:f3:
                    d4:7d:9a:45:18:06:2d:88:72:e1:56:d2:6c:d2:de:
                    b3:b5:ac:18:bd:d1:8f:14:d7:25:40:89:45:40:1f:
                    f6:cb:7c:7b:83:94:b4:1d:d1:aa:c8:a9:c4:d1:d4:
                    30:f0:5a:da:26:06:eb:37:d2:56:04:a2:44:01:5c:
                    49:be:06:85:5c:90:74:5a:3e:d0:04:40:3b:c3:78:
                    63:3b:9d:8a:f8:f0:db:b5:d2:e4:6d:b5:d9:55:56:
                    d8:b6:da:b6:5f:dd:e8:2a:eb:92:ad:27:51:41:11:
                    63:e2:8f:89:68:04:2f:b5:28:36:44:ed:9d:03:b7:
                    9f:21:90:ee:85:00:83:32:72:17:e5:57:35:65:21:
                    d1:52:18:97:fc:e0:83:52:06:bb:a5:d6:77:82:6a:
                    04:fc:12:11:03:e0:f9:b8:4e:74:78:45:c1:f8:b1:
                    31:60:91:2e:50:fc:99:6e:2d:71:43:d1:3b:df:64:
                    a7:01:29:70:73:c9:23:e7:d5:39:40:b8:a1:92:12:
                    f3:c6:fa:92:13:b8:aa:67:82:ad:07:ad:b2:61:e0:
                    ab:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:71:AB:71:44:18:68:5C:1D:16:53:52:B6:18:07:DF:DA:94:4C:57
            X509v3 Authority Key Identifier:
                keyid:16:65:5E:55:95:F5:A3:C0:71:C1:2B:17:9D:B9:27:9D:C7:DB:09:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FmVeVZX1o8BxwSsXnbknncfbCRM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6719cd-864a-42f0-818f-dd4804840dd6/1/dXGrcUQYaFwdFlNSthgH39qUTFc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6719cd-864a-42f0-818f-dd4804840dd6/1/FmVeVZX1o8BxwSsXnbknncfbCRM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.237.0/24
                IPv6:
                  2a11:c7c1:deec::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:da:56:86:e8:29:12:86:b8:ca:cc:94:6f:d9:96:47:5e:5c:
         27:c9:81:f8:36:cc:42:f1:df:0e:f3:95:4a:a1:70:a8:6d:ae:
         49:dc:40:3a:a3:cd:4b:ef:18:17:41:6e:34:d0:1f:d8:f8:60:
         89:68:ed:d9:9c:ab:e7:ae:dc:d7:c4:bb:5a:4b:51:d7:2c:f7:
         9a:99:f0:a4:4e:d9:e2:d6:6a:0a:e4:ea:8c:99:ae:37:83:73:
         68:55:0e:1f:2a:60:90:21:ed:bc:83:40:dd:5f:86:06:49:fb:
         3e:58:49:4d:12:7d:6c:a6:b2:b6:64:bd:72:7c:f3:f8:60:c9:
         cb:85:64:f7:7a:af:d9:d7:eb:7a:34:b6:0c:c2:01:b0:8d:ce:
         c4:d6:da:a3:9a:a1:1d:1e:81:cf:d9:42:8f:ce:a8:9f:4a:39:
         fa:c4:51:f8:bb:9d:65:bc:48:7a:89:bc:82:55:7d:fe:a9:35:
         5a:ce:ce:57:a9:bb:8d:9c:a9:62:3e:4f:2b:5c:1b:57:b9:40:
         74:46:34:32:5f:08:a7:21:6b:55:3f:f0:ae:18:a6:2c:b5:30:
         b2:10:a5:a9:85:93:c9:f3:36:4c:69:98:cf:22:2d:63:e5:a3:
         dd:2a:36:fd:24:6f:86:99:89:ef:36:c7:0f:4f:0f:1d:ef:ed:
         ac:cc:0e:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVveVi9irc84P03Q2+Hcd5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NjU1ZTU1OTVmNWEzYzA3MWMxMmIxNzlkYjkyNzlkYzdk
YjA5MTMwHhcNMjMwMTAxMjIzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTcxYWI3MTQ0MTg2ODVjMWQxNjUzNTJiNjE4MDdkZmRhOTQ0YzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrkB1OZJkcmqZnYePLe6zizs1Isf
s0r6kmBEUa6Q8jZKP9gBUOBBaj+yKPPUfZpFGAYtiHLhVtJs0t6ztawYvdGPFNcl
QIlFQB/2y3x7g5S0HdGqyKnE0dQw8FraJgbrN9JWBKJEAVxJvgaFXJB0Wj7QBEA7
w3hjO52K+PDbtdLkbbXZVVbYttq2X93oKuuSrSdRQRFj4o+JaAQvtSg2RO2dA7ef
IZDuhQCDMnIX5Vc1ZSHRUhiX/OCDUga7pdZ3gmoE/BIRA+D5uE50eEXB+LExYJEu
UPyZbi1xQ9E732SnASlwc8kj59U5QLihkhLzxvqSE7iqZ4KtB62yYeCrNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHVxq3FEGGhcHRZTUrYYB9/alExXMB8GA1UdIwQY
MBaAFBZlXlWV9aPAccErF525J53H2wkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1WZVZaWDFvOEJ4d1NzWG5ia25uY2ZiQ1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82NzE5Y2QtODY0YS00MmYwLTgxOGYt
ZGQ0ODA0ODQwZGQ2LzEvZFhHcmNVUVlhRndkRmxOU3RoZ0gzOXFVVEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82NzE5Y2QtODY0YS00MmYwLTgxOGYtZGQ0ODA0ODQwZGQ2
LzEvRm1WZVZaWDFvOEJ4d1NzWG5ia25uY2ZiQ1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwhrtMA8E
AgACMAkDBwAqEcfB3uwwDQYJKoZIhvcNAQELBQADggEBAFvaVoboKRKGuMrMlG/Z
lkdeXCfJgfg2zELx3w7zlUqhcKhtrkncQDqjzUvvGBdBbjTQH9j4YIlo7dmcq+eu
3NfEu1pLUdcs95qZ8KRO2eLWagrk6oyZrjeDc2hVDh8qYJAh7byDQN1fhgZJ+z5Y
SU0SfWymsrZkvXJ88/hgycuFZPd6r9nX63o0tgzCAbCNzsTW2qOaoR0egc/ZQo/O
qJ9KOfrEUfi7nWW8SHqJvIJVff6pNVrOzlepu42cqWI+TytcG1e5QHRGNDJfCKch
a1U/8K4Ypiy1MLIQpamFk8nzNkxpmM8iLWPlo90qNv0kb4aZie82xw9PDx3v7azM
Dr8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:20 2024 by rpki-client on console-fra.rpki-client.org