Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/BMSU2nmVmjs6R9_s3B3xhHncTpE.roa
File:                     BMSU2nmVmjs6R9_s3B3xhHncTpE.roa (raw, json)
Hash identifier:          xO3WX1LV2ymUQcCl10h6NovKMKt8mkNhEKhYFlYAq6M=
Subject key identifier:   04:C4:94:DA:79:95:9A:3B:3A:47:DF:EC:DC:1D:F1:84:79:DC:4E:91
Certificate issuer:       /CN=153d757b77067befd9446694748ad2b04e97b38c
Certificate serial:       01889AB2845E8E1D1786C2B4FE2663774365
Authority key identifier: 15:3D:75:7B:77:06:7B:EF:D9:44:66:94:74:8A:D2:B0:4E:97:B3:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/BMSU2nmVmjs6R9_s3B3xhHncTpE.roa
Signing time:             Thu 08 Jun 2023 11:09:30 +0000
ROA not before:           Thu 08 Jun 2023 11:09:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201193
IP address blocks:        185.76.233.0/24 maxlen: 24
                          185.76.232.0/22 maxlen: 24
                          185.76.232.0/24 maxlen: 24
                          185.76.232.0/23 maxlen: 24
                          185.76.234.0/24 maxlen: 24
                          185.76.234.0/23 maxlen: 24
                          185.76.235.0/24 maxlen: 24
                          2a05:5dc0::/29 maxlen: 30
                          2a05:5dc4::/30 maxlen: 30
                          2a05:5dc0::/30 maxlen: 30

Validation:               Failed, certificate revoked on Thu 27 Jul 2023 10:24:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:9a:b2:84:5e:8e:1d:17:86:c2:b4:fe:26:63:77:43:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=153d757b77067befd9446694748ad2b04e97b38c
        Validity
            Not Before: Jun  8 11:09:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04c494da79959a3b3a47dfecdc1df18479dc4e91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:39:f8:6b:ae:13:a3:ce:95:28:89:8c:db:ed:
                    31:e4:a3:17:19:fe:65:69:8c:68:96:14:8f:10:f8:
                    5f:d2:ef:fc:e1:95:06:95:00:7f:96:d6:18:a6:76:
                    24:92:6f:50:41:6a:41:ea:a0:68:0e:cc:2b:33:32:
                    8b:e1:ed:9b:07:e7:4a:8a:a9:bf:43:0d:b1:da:7a:
                    d5:d6:95:0c:ea:3e:c1:18:98:1b:33:46:5b:14:cc:
                    0f:74:a4:52:81:53:e0:e7:8d:a7:0d:1b:9d:58:ac:
                    b6:a3:46:4a:7e:77:b6:81:1d:3a:8b:1a:4a:75:85:
                    3e:81:0f:9c:33:83:10:43:32:e1:9f:07:9c:38:c7:
                    7d:05:e6:96:db:70:51:da:a3:41:6b:59:0f:02:ff:
                    0a:3f:72:c6:de:26:7b:36:a1:0b:40:df:99:9a:8b:
                    18:7d:f7:28:78:c4:44:8d:1a:f1:f7:37:3b:c6:d5:
                    c5:35:0b:6a:91:ee:07:6b:81:9f:3b:f7:a8:83:92:
                    0f:d3:aa:31:7d:78:23:09:56:24:c8:ac:42:65:e3:
                    50:14:f9:7d:30:10:8d:e1:c9:7a:59:06:ee:9c:2c:
                    b3:87:c3:d1:8a:33:3e:1f:15:79:67:c6:88:c8:31:
                    aa:84:00:57:1e:86:67:87:7b:ad:f2:b7:cc:05:87:
                    e9:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:C4:94:DA:79:95:9A:3B:3A:47:DF:EC:DC:1D:F1:84:79:DC:4E:91
            X509v3 Authority Key Identifier:
                keyid:15:3D:75:7B:77:06:7B:EF:D9:44:66:94:74:8A:D2:B0:4E:97:B3:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/BMSU2nmVmjs6R9_s3B3xhHncTpE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.76.232.0/22
                IPv6:
                  2a05:5dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:20:02:07:f6:de:6b:5c:fc:50:48:86:1a:6f:b4:58:30:18:
         e9:76:86:e2:5f:45:f8:b3:3e:7f:a6:52:b2:c7:6f:b8:cd:c4:
         04:00:73:c5:bb:7a:73:df:47:33:6a:88:65:d7:ff:76:2d:40:
         53:c7:ca:6d:bb:4a:5b:68:d6:c6:d6:11:2f:f3:f0:8e:2d:ef:
         f0:00:fa:8b:a6:11:96:bc:3e:6d:12:85:e9:91:de:ff:48:8d:
         5b:76:24:c9:35:be:d3:f5:9f:84:06:0f:95:2a:ba:db:10:14:
         04:0a:db:c0:47:61:95:42:b1:3a:0e:7a:47:7f:00:08:ab:5f:
         6a:f1:12:51:58:e2:ce:34:62:84:81:78:ce:88:95:58:99:68:
         35:5f:44:a3:53:f5:7a:26:91:90:6a:dc:78:6b:fe:bc:c3:75:
         1c:53:ad:9f:86:b5:e2:82:e2:16:76:3e:29:4e:3c:c1:b0:26:
         c3:2e:86:0d:fd:e3:cb:1a:87:00:75:0d:eb:75:28:80:b5:42:
         37:a5:cd:07:b8:3b:dc:92:a3:a9:49:f4:21:25:0f:c8:0e:bd:
         f6:bb:8d:b3:b3:79:7a:0a:ee:55:a4:5f:42:52:b0:cd:26:d3:
         a6:b3:ef:2a:d7:65:8b:93:4b:c9:d4:3c:b9:ec:65:15:8b:5c:
         7b:81:2b:e8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiasoRejh0XhsK0/iZjd0NlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2Q3NTdiNzcwNjdiZWZkOTQ0NjY5NDc0OGFkMmIwNGU5
N2IzOGMwHhcNMjMwNjA4MTEwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM0OTRkYTc5OTU5YTNiM2E0N2RmZWNkYzFkZjE4NDc5ZGM0ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTn4a64To86VKImM2+0x5KMXGf5l
aYxolhSPEPhf0u/84ZUGlQB/ltYYpnYkkm9QQWpB6qBoDswrMzKL4e2bB+dKiqm/
Qw2x2nrV1pUM6j7BGJgbM0ZbFMwPdKRSgVPg542nDRudWKy2o0ZKfne2gR06ixpK
dYU+gQ+cM4MQQzLhnwecOMd9BeaW23BR2qNBa1kPAv8KP3LG3iZ7NqELQN+ZmosY
ffcoeMREjRrx9zc7xtXFNQtqke4Ha4GfO/eog5IP06oxfXgjCVYkyKxCZeNQFPl9
MBCN4cl6WQbunCyzh8PRijM+HxV5Z8aIyDGqhABXHoZnh3ut8rfMBYfpVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFATElNp5lZo7Okff7Nwd8YR53E6RMB8GA1UdIwQY
MBaAFBU9dXt3Bnvv2URmlHSK0rBOl7OMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlQxMWUzY0dlLV9aUkdhVWRJclNzRTZYczR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84YTk0YjktNzBmZS00NmZmLWE0ZTYt
MDE5ZTFmODQwM2RkLzEvQk1TVTJubVZtanM2UjlfczNCM3hoSG5jVHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84YTk0YjktNzBmZS00NmZmLWE0ZTYtMDE5ZTFmODQwM2Rk
LzEvRlQxMWUzY0dlLV9aUkdhVWRJclNzRTZYczR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUzoMA0E
AgACMAcDBQMqBV3AMA0GCSqGSIb3DQEBCwUAA4IBAQBTIAIH9t5rXPxQSIYab7RY
MBjpdobiX0X4sz5/plKyx2+4zcQEAHPFu3pz30czaohl1/92LUBTx8ptu0pbaNbG
1hEv8/COLe/wAPqLphGWvD5tEoXpkd7/SI1bdiTJNb7T9Z+EBg+VKrrbEBQECtvA
R2GVQrE6DnpHfwAIq19q8RJRWOLONGKEgXjOiJVYmWg1X0SjU/V6JpGQatx4a/68
w3UcU62fhrXiguIWdj4pTjzBsCbDLoYN/ePLGocAdQ3rdSiAtUI3pc0HuDvckqOp
SfQhJQ/IDr32u42zs3l6Cu5VpF9CUrDNJtOms+8q12WLk0vJ1Dy57GUVi1x7gSvo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:25 2024 by rpki-client on console-ams.rpki-client.org