Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/3b33e7-30b4-4149-9045-a0564c9d6fde/1/B5yMA3Sj6u4m81KfrLevN2Agyck.roa
File:                     B5yMA3Sj6u4m81KfrLevN2Agyck.roa (raw, json)
Hash identifier:          UoXBp4EKszL+ODRwr6ym/qPxExtZ8Vcp28xTz7yKJq0=
Subject key identifier:   07:9C:8C:03:74:A3:EA:EE:26:F3:52:9F:AC:B7:AF:37:60:20:C9:C9
Certificate issuer:       /CN=c11909548695f18c04cb895e2aceeb1103e03e12
Certificate serial:       018AAC1DD324F23BB4679B308308974B1A71
Authority key identifier: C1:19:09:54:86:95:F1:8C:04:CB:89:5E:2A:CE:EB:11:03:E0:3E:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wRkJVIaV8YwEy4leKs7rEQPgPhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/3b33e7-30b4-4149-9045-a0564c9d6fde/1/B5yMA3Sj6u4m81KfrLevN2Agyck.roa
Signing time:             Tue 19 Sep 2023 06:25:50 +0000
ROA not before:           Tue 19 Sep 2023 06:25:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        84.252.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ac:1d:d3:24:f2:3b:b4:67:9b:30:83:08:97:4b:1a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c11909548695f18c04cb895e2aceeb1103e03e12
        Validity
            Not Before: Sep 19 06:25:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=079c8c0374a3eaee26f3529facb7af376020c9c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:cc:ee:7e:d8:2f:75:c6:dc:01:6a:cf:71:6e:
                    8d:ea:36:9c:33:b2:cf:9f:d6:32:00:58:37:3f:1b:
                    34:42:1e:60:9b:da:bc:6d:d1:1f:74:ff:fd:00:79:
                    b7:96:6e:9c:40:da:81:99:17:e3:ad:28:3e:14:8c:
                    f8:54:df:26:b1:7c:d5:4c:6d:db:1b:23:fe:5f:55:
                    b0:50:aa:91:11:fb:9c:c9:ac:11:c7:06:c5:86:5a:
                    42:f3:c4:64:0f:26:6f:70:98:27:c2:e4:48:11:0d:
                    9b:1c:0a:5f:ec:01:ff:79:26:c1:85:71:5f:b7:87:
                    cb:f1:1a:54:b4:52:40:27:8e:bd:ae:7a:13:5a:d5:
                    04:0e:a1:db:87:42:65:9a:16:4f:07:34:29:e1:98:
                    9d:94:0e:6a:2c:48:2f:e9:13:3e:f6:ca:06:54:76:
                    20:17:7b:21:12:e6:02:70:5d:18:80:16:99:f3:2b:
                    10:76:61:ba:e4:69:7a:f9:20:3a:dd:f6:fd:2e:e8:
                    05:e7:46:8f:7f:ac:59:d4:00:83:ae:a9:6d:05:db:
                    ff:a2:07:a3:b2:d3:7c:a4:23:80:f7:bb:be:aa:41:
                    53:ad:51:80:19:f2:01:9b:e9:93:ac:cf:2c:76:de:
                    0e:cf:7f:12:91:37:3a:9a:16:e0:1d:26:d1:73:01:
                    5c:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:9C:8C:03:74:A3:EA:EE:26:F3:52:9F:AC:B7:AF:37:60:20:C9:C9
            X509v3 Authority Key Identifier:
                keyid:C1:19:09:54:86:95:F1:8C:04:CB:89:5E:2A:CE:EB:11:03:E0:3E:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wRkJVIaV8YwEy4leKs7rEQPgPhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3b33e7-30b4-4149-9045-a0564c9d6fde/1/B5yMA3Sj6u4m81KfrLevN2Agyck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3b33e7-30b4-4149-9045-a0564c9d6fde/1/wRkJVIaV8YwEy4leKs7rEQPgPhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.252.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:d7:4f:58:05:ca:5d:2e:e4:14:34:66:c6:e3:99:1e:a8:5e:
         da:77:52:ce:15:7b:d3:92:0f:e9:a9:8d:da:4d:df:b3:a5:17:
         ed:18:3c:e9:67:65:70:da:55:93:04:fa:9a:37:ec:b1:c6:21:
         0d:e4:95:c5:a2:0a:13:28:4f:52:bc:12:72:55:b4:a9:b1:49:
         63:db:bc:7c:21:9d:c8:bc:dd:53:17:e8:e6:be:77:36:d4:c1:
         96:a0:04:cb:23:fc:12:f7:77:22:58:4a:b4:85:07:45:94:87:
         db:8c:0c:81:6b:e9:3d:3a:8b:ac:de:ab:dc:dd:8c:eb:af:6e:
         4a:36:64:57:47:00:2a:d2:09:f0:c0:98:fe:98:bb:7d:98:3a:
         16:c9:c9:00:91:70:5a:3e:d4:84:33:d8:64:50:74:f6:5f:4d:
         e0:ce:8c:93:5a:91:91:95:7b:75:8f:b7:f8:64:c5:b2:7f:4e:
         e7:90:c1:41:99:3d:67:dd:c9:56:79:67:f9:b9:bd:af:4b:a5:
         84:75:f9:99:2f:ac:fe:33:6c:09:be:e6:b8:13:46:42:83:fb:
         bf:d6:b9:83:8b:56:93:a8:6f:d3:3e:76:63:63:f3:39:5a:1b:
         1b:6f:d7:fc:96:6a:2c:4c:43:ab:02:b9:df:a5:f9:15:6a:26:
         40:d3:89:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqsHdMk8ju0Z5swgwiXSxpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMTkwOTU0ODY5NWYxOGMwNGNiODk1ZTJhY2VlYjExMDNl
MDNlMTIwHhcNMjMwOTE5MDYyNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzljOGMwMzc0YTNlYWVlMjZmMzUyOWZhY2I3YWYzNzYwMjBjOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMzuftgvdcbcAWrPcW6N6jacM7LP
n9YyAFg3Pxs0Qh5gm9q8bdEfdP/9AHm3lm6cQNqBmRfjrSg+FIz4VN8msXzVTG3b
GyP+X1WwUKqREfucyawRxwbFhlpC88RkDyZvcJgnwuRIEQ2bHApf7AH/eSbBhXFf
t4fL8RpUtFJAJ469rnoTWtUEDqHbh0JlmhZPBzQp4ZidlA5qLEgv6RM+9soGVHYg
F3shEuYCcF0YgBaZ8ysQdmG65Gl6+SA63fb9LugF50aPf6xZ1ACDrqltBdv/ogej
stN8pCOA97u+qkFTrVGAGfIBm+mTrM8sdt4Oz38SkTc6mhbgHSbRcwFcWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAecjAN0o+ruJvNSn6y3rzdgIMnJMB8GA1UdIwQY
MBaAFMEZCVSGlfGMBMuJXirO6xED4D4SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1JrSlZJYVY4WXdFeTRsZUtzN3JFUVBnUGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8zYjMzZTctMzBiNC00MTQ5LTkwNDUt
YTA1NjRjOWQ2ZmRlLzEvQjV5TUEzU2o2dTRtODFLZnJMZXZOMkFneWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8zYjMzZTctMzBiNC00MTQ5LTkwNDUtYTA1NjRjOWQ2ZmRl
LzEvd1JrSlZJYVY4WXdFeTRsZUtzN3JFUVBnUGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPxqMA0G
CSqGSIb3DQEBCwUAA4IBAQCV109YBcpdLuQUNGbG45keqF7ad1LOFXvTkg/pqY3a
Td+zpRftGDzpZ2Vw2lWTBPqaN+yxxiEN5JXFogoTKE9SvBJyVbSpsUlj27x8IZ3I
vN1TF+jmvnc21MGWoATLI/wS93ciWEq0hQdFlIfbjAyBa+k9Oous3qvc3Yzrr25K
NmRXRwAq0gnwwJj+mLt9mDoWyckAkXBaPtSEM9hkUHT2X03gzoyTWpGRlXt1j7f4
ZMWyf07nkMFBmT1n3clWeWf5ub2vS6WEdfmZL6z+M2wJvua4E0ZCg/u/1rmDi1aT
qG/TPnZjY/M5Whsbb9f8lmosTEOrArnfpfkVaiZA04kV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:53 2024 by rpki-client on console-ams.rpki-client.org