Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/6YoL5_76wK9fqRm_xzFIpWHKXw0.roa
File:                     6YoL5_76wK9fqRm_xzFIpWHKXw0.roa (raw, json)
Hash identifier:          MFFwY/qVDhE1gVwUMrF1yQIyqNS+1ivaqOYeyaglEKA=
Subject key identifier:   E9:8A:0B:E7:FE:FA:C0:AF:5F:A9:19:BF:C7:31:48:A5:61:CA:5F:0D
Certificate issuer:       /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial:       018572557D96FDDECAC3C38F69A5D0E1CDAF
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/6YoL5_76wK9fqRm_xzFIpWHKXw0.roa
Signing time:             Mon 02 Jan 2023 11:54:43 +0000
ROA not before:           Mon 02 Jan 2023 11:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61153
IP address blocks:        193.17.120.0/21 maxlen: 24
                          193.17.96.0/21 maxlen: 24
                          193.17.104.0/21 maxlen: 24
                          193.17.112.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:55:7d:96:fd:de:ca:c3:c3:8f:69:a5:d0:e1:cd:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
        Validity
            Not Before: Jan  2 11:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e98a0be7fefac0af5fa919bfc73148a561ca5f0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:1b:96:17:8e:c2:ef:94:b7:b0:b5:33:e4:b5:
                    8a:af:52:bf:7b:fb:60:6b:45:70:27:c6:5c:25:8f:
                    bf:bf:e1:bb:b2:8c:b2:9a:84:78:3a:95:0c:52:8b:
                    c6:cb:5e:0f:97:65:ec:1f:a4:6d:0c:52:be:c2:f9:
                    d4:c8:3f:c2:db:e2:07:47:95:b6:27:c6:35:9e:da:
                    de:76:2f:a8:75:1b:84:7d:45:32:4e:1d:38:c0:db:
                    00:5b:f2:2e:f7:b3:34:73:19:f7:c3:08:bf:4e:d1:
                    7e:99:92:43:c0:33:d7:19:ba:e4:f9:05:fc:14:2c:
                    63:f1:1e:06:89:04:db:94:a2:cb:fb:19:d1:ba:d1:
                    41:52:94:fa:62:4b:5e:83:53:69:c9:34:b5:76:be:
                    d7:1f:2f:2d:60:45:3a:ce:63:c6:4c:31:d2:16:40:
                    ee:87:d1:51:2a:96:5f:82:24:be:d3:c6:81:c5:4b:
                    01:ec:b4:ab:94:6c:00:fd:59:57:35:21:06:57:ba:
                    91:98:61:d9:52:35:ea:48:a9:0c:79:50:da:39:d6:
                    46:bf:67:90:01:2b:cf:05:04:a8:20:88:dc:17:68:
                    31:bb:21:7d:7a:f5:0b:6d:7f:b8:fd:e0:1d:41:38:
                    20:89:5f:1d:bc:c0:19:28:54:e3:b7:07:fa:e7:50:
                    40:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:8A:0B:E7:FE:FA:C0:AF:5F:A9:19:BF:C7:31:48:A5:61:CA:5F:0D
            X509v3 Authority Key Identifier:
                keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/6YoL5_76wK9fqRm_xzFIpWHKXw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6d:a4:67:74:d3:8d:59:05:e2:8b:29:4d:ff:e4:e3:d7:f5:ae:
         35:c2:d1:9d:44:9e:cd:9e:21:ef:1c:88:1d:a0:b2:f2:10:9b:
         61:ef:31:58:fc:32:77:4b:6d:be:29:51:60:80:0d:00:96:00:
         f4:88:1b:47:a3:5a:6d:d7:57:65:aa:7a:f4:9b:48:d9:8c:cb:
         62:3e:9a:03:f0:a4:81:2c:69:b5:02:3f:30:4a:5e:84:a6:f5:
         a3:a8:8e:22:92:50:9c:5c:8d:0b:5f:b8:0a:dc:8c:50:9e:44:
         a8:68:b2:3d:e3:84:ef:fd:82:4d:d1:22:7b:75:b6:a1:12:80:
         10:a9:f9:6a:cd:ae:90:b6:07:87:34:3f:ca:64:1a:ee:87:9f:
         a0:f4:ea:c7:10:77:6e:39:84:81:60:1a:ec:9e:cc:91:77:58:
         79:33:85:93:c6:4c:7e:fc:4a:25:27:a7:b6:e0:24:0e:05:8d:
         b8:89:cf:37:bc:ba:33:85:82:60:35:e7:50:bd:07:3f:a0:6b:
         e3:8e:5e:0a:9d:07:ac:60:d2:be:e4:78:65:c6:da:07:a0:36:
         cd:50:7a:3f:68:a4:6b:ce:51:02:f5:f2:85:02:24:54:fa:49:
         57:63:8e:c5:f4:67:6d:54:ea:83:41:ac:22:bd:d0:92:1c:13:
         63:44:e9:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVX2W/d7Kw8OPaaXQ4c2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjMwMTAyMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThhMGJlN2ZlZmFjMGFmNWZhOTE5YmZjNzMxNDhhNTYxY2E1ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBuWF47C75S3sLUz5LWKr1K/e/tg
a0VwJ8ZcJY+/v+G7soyymoR4OpUMUovGy14Pl2XsH6RtDFK+wvnUyD/C2+IHR5W2
J8Y1ntredi+odRuEfUUyTh04wNsAW/Iu97M0cxn3wwi/TtF+mZJDwDPXGbrk+QX8
FCxj8R4GiQTblKLL+xnRutFBUpT6Ykteg1NpyTS1dr7XHy8tYEU6zmPGTDHSFkDu
h9FRKpZfgiS+08aBxUsB7LSrlGwA/VlXNSEGV7qRmGHZUjXqSKkMeVDaOdZGv2eQ
ASvPBQSoIIjcF2gxuyF9evULbX+4/eAdQTggiV8dvMAZKFTjtwf651BA+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmKC+f++sCvX6kZv8cxSKVhyl8NMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvNllvTDVfNzZ3SzlmcVJtX3h6RklwV0hLWHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwRFgMA0G
CSqGSIb3DQEBCwUAA4IBAQBtpGd0041ZBeKLKU3/5OPX9a41wtGdRJ7NniHvHIgd
oLLyEJth7zFY/DJ3S22+KVFggA0AlgD0iBtHo1pt11dlqnr0m0jZjMtiPpoD8KSB
LGm1Aj8wSl6EpvWjqI4iklCcXI0LX7gK3IxQnkSoaLI944Tv/YJN0SJ7dbahEoAQ
qflqza6QtgeHND/KZBruh5+g9OrHEHduOYSBYBrsnsyRd1h5M4WTxkx+/EolJ6e2
4CQOBY24ic83vLozhYJgNedQvQc/oGvjjl4KnQesYNK+5HhlxtoHoDbNUHo/aKRr
zlEC9fKFAiRU+klXY47F9GdtVOqDQawivdCSHBNjROkU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org