Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/nCKEL4951voB9gZJ_PKy4TVLKlQ.roa
File:                     nCKEL4951voB9gZJ_PKy4TVLKlQ.roa (raw, json)
Hash identifier:          P4/LzbkQCfg65bXPnqPiYF6pgk1ILKSIciDExySdZBU=
Subject key identifier:   9C:22:84:2F:8F:79:D6:FA:01:F6:06:49:FC:F2:B2:E1:35:4B:2A:54
Certificate issuer:       /CN=6516844d245d4124a22a536b046da86332d0b911
Certificate serial:       018BC80E39AA2C5B778645A22E782492308F
Authority key identifier: 65:16:84:4D:24:5D:41:24:A2:2A:53:6B:04:6D:A8:63:32:D0:B9:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZRaETSRdQSSiKlNrBG2oYzLQuRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/nCKEL4951voB9gZJ_PKy4TVLKlQ.roa
Signing time:             Mon 13 Nov 2023 09:40:57 +0000
ROA not before:           Mon 13 Nov 2023 09:40:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15525
IP address blocks:        192.188.10.0/24 maxlen: 24
                          193.236.121.0/24 maxlen: 24
                          193.236.123.0/24 maxlen: 24
                          193.236.120.0/24 maxlen: 24
                          193.236.122.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c8:0e:39:aa:2c:5b:77:86:45:a2:2e:78:24:92:30:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6516844d245d4124a22a536b046da86332d0b911
        Validity
            Not Before: Nov 13 09:40:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c22842f8f79d6fa01f60649fcf2b2e1354b2a54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:dd:06:4a:fa:6f:84:11:72:b8:3f:7b:6a:ac:
                    8a:00:69:96:e9:2d:e9:9a:af:55:2f:53:85:f4:79:
                    3b:8b:46:69:67:64:15:bd:e5:1a:d2:5a:8d:da:c0:
                    10:68:ea:a6:5a:fb:0f:68:79:30:e9:42:25:19:93:
                    11:23:bf:c3:c7:aa:28:2d:1a:a3:7e:71:2a:39:49:
                    5f:8c:e2:7b:17:a3:99:1b:63:5d:ba:50:fc:a5:72:
                    5c:e9:4b:eb:fd:91:d2:3d:e4:17:dd:ae:00:e5:e7:
                    ee:63:91:16:a9:2f:f9:2e:99:7c:0d:c9:a7:44:6c:
                    69:b5:3d:19:a5:23:a7:51:82:71:5b:dd:b4:ad:8b:
                    a4:74:50:ac:a1:bb:22:67:fc:24:c8:ba:65:30:c5:
                    8b:4a:01:c0:91:22:76:b3:c5:7f:03:38:d0:0d:ed:
                    d4:74:c0:b9:25:9c:e5:c7:34:9f:37:9b:55:3b:ae:
                    a4:9e:7f:2f:69:8b:1a:d7:8b:5f:20:8e:27:51:0f:
                    fb:82:00:f4:06:e9:7c:bb:64:ac:b2:e1:70:69:f6:
                    28:9d:0b:c4:b2:4e:07:a9:73:d2:f4:f5:f8:e3:00:
                    28:f5:2a:e3:7f:d5:55:c8:9a:15:62:0f:27:40:74:
                    4d:b6:ed:27:3f:64:21:49:97:2b:67:aa:60:b2:b3:
                    15:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:22:84:2F:8F:79:D6:FA:01:F6:06:49:FC:F2:B2:E1:35:4B:2A:54
            X509v3 Authority Key Identifier:
                keyid:65:16:84:4D:24:5D:41:24:A2:2A:53:6B:04:6D:A8:63:32:D0:B9:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRaETSRdQSSiKlNrBG2oYzLQuRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/nCKEL4951voB9gZJ_PKy4TVLKlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/ZRaETSRdQSSiKlNrBG2oYzLQuRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.10.0/24
                  193.236.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:0f:b1:7b:34:bc:77:9b:b2:0b:a6:87:bb:9b:bd:99:0c:c5:
         a0:4c:e8:f2:0a:d6:2d:c0:a7:f0:01:7b:3b:eb:6a:4d:d4:de:
         6b:c4:26:a4:48:9d:44:86:04:a7:68:fd:79:98:eb:8b:91:60:
         ff:af:36:6d:20:82:af:87:24:37:a9:14:9f:2c:ff:5c:52:a5:
         71:fb:a2:1f:ec:ed:7e:a2:08:f9:fd:ff:c2:eb:17:fe:6b:65:
         4b:04:ef:74:0b:be:e0:2d:d1:0f:73:9f:57:2d:be:d9:0c:43:
         59:7f:73:1a:ac:31:6e:67:d1:e1:2d:f6:43:85:d4:c4:a9:f7:
         af:c0:b0:eb:68:5c:c3:03:53:1e:2e:6b:4c:b5:f8:2d:3e:4e:
         fb:be:18:3a:73:34:97:22:32:6d:83:ce:86:63:ab:29:de:c7:
         6b:60:ec:89:2e:ec:c0:9c:c7:e4:e2:94:9f:c1:63:31:af:a7:
         a2:67:c6:b2:75:75:9d:1e:b2:dc:b1:60:8a:66:c3:34:1b:2a:
         08:fc:cd:f4:aa:22:ab:8c:aa:54:32:95:af:e1:32:31:2a:38:
         d5:30:9c:dd:1c:d2:cb:c0:8c:1d:f4:a5:b3:e3:40:25:a2:be:
         29:99:d1:55:59:7a:5c:4e:8a:6e:25:58:a4:f5:2a:4e:6d:15:
         72:b1:6c:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvIDjmqLFt3hkWiLngkkjCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTY4NDRkMjQ1ZDQxMjRhMjJhNTM2YjA0NmRhODYzMzJk
MGI5MTEwHhcNMjMxMTEzMDk0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzIyODQyZjhmNzlkNmZhMDFmNjA2NDlmY2YyYjJlMTM1NGIyYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d0GSvpvhBFyuD97aqyKAGmW6S3p
mq9VL1OF9Hk7i0ZpZ2QVveUa0lqN2sAQaOqmWvsPaHkw6UIlGZMRI7/Dx6ooLRqj
fnEqOUlfjOJ7F6OZG2NdulD8pXJc6Uvr/ZHSPeQX3a4A5efuY5EWqS/5Lpl8Dcmn
RGxptT0ZpSOnUYJxW920rYukdFCsobsiZ/wkyLplMMWLSgHAkSJ2s8V/AzjQDe3U
dMC5JZzlxzSfN5tVO66knn8vaYsa14tfII4nUQ/7ggD0Bul8u2SssuFwafYonQvE
sk4HqXPS9PX44wAo9Srjf9VVyJoVYg8nQHRNtu0nP2QhSZcrZ6pgsrMVYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJwihC+Pedb6AfYGSfzysuE1SypUMB8GA1UdIwQY
MBaAFGUWhE0kXUEkoipTawRtqGMy0LkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJhRVRTUmRRU1NpS2xOckJHMm9ZekxRdVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80OTM5ODUtYzI3MC00MjllLTkxYjIt
ZDU3MDQ4M2MzNjhiLzEvbkNLRUw0OTUxdm9COWdaSl9QS3k0VFZMS2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80OTM5ODUtYzI3MC00MjllLTkxYjItZDU3MDQ4M2MzNjhi
LzEvWlJhRVRTUmRRU1NpS2xOckJHMm9ZekxRdVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwLwKAwQC
wex4MA0GCSqGSIb3DQEBCwUAA4IBAQBwD7F7NLx3m7ILpoe7m72ZDMWgTOjyCtYt
wKfwAXs762pN1N5rxCakSJ1EhgSnaP15mOuLkWD/rzZtIIKvhyQ3qRSfLP9cUqVx
+6If7O1+ogj5/f/C6xf+a2VLBO90C77gLdEPc59XLb7ZDENZf3MarDFuZ9HhLfZD
hdTEqfevwLDraFzDA1MeLmtMtfgtPk77vhg6czSXIjJtg86GY6sp3sdrYOyJLuzA
nMfk4pSfwWMxr6eiZ8aydXWdHrLcsWCKZsM0GyoI/M30qiKrjKpUMpWv4TIxKjjV
MJzdHNLLwIwd9KWz40Alor4pmdFVWXpcTopuJVik9SpObRVysWzX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:16 2024 by rpki-client on console-ams.rpki-client.org