Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/s6iLglQ-jalv2uii1KwL4ou8OGc.roa
File:                     s6iLglQ-jalv2uii1KwL4ou8OGc.roa (raw, json)
Hash identifier:          MxhoOP+zqVsuB9KHd4s04HA1LRbn9t2vWPIFrbXj0W8=
Subject key identifier:   B3:A8:8B:82:54:3E:8D:A9:6F:DA:E8:A2:D4:AC:0B:E2:8B:BC:38:67
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018F0AFB3E4DA03254C36239569518F6D731
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/s6iLglQ-jalv2uii1KwL4ou8OGc.roa
Signing time:             Tue 23 Apr 2024 12:43:08 +0000
ROA not before:           Tue 23 Apr 2024 12:43:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     55154
IP address blocks:        212.16.92.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 12 May 2024 10:57:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:0a:fb:3e:4d:a0:32:54:c3:62:39:56:95:18:f6:d7:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Apr 23 12:43:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b3a88b82543e8da96fdae8a2d4ac0be28bbc3867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:90:c9:ef:2b:6b:9e:60:e0:46:be:78:67:f6:
                    0a:70:07:7f:1b:e5:da:21:40:de:42:98:2b:06:45:
                    18:7a:61:3b:a2:d7:ba:36:6a:3e:48:06:ad:a8:f6:
                    65:ef:43:95:d9:45:e6:8c:fd:4e:00:22:e8:77:eb:
                    4a:95:35:fd:47:a1:fb:82:ae:5c:26:d3:64:44:8c:
                    2a:6f:5c:b6:34:e0:67:5d:20:95:c2:e8:16:ab:52:
                    56:2e:81:69:16:3d:d4:75:06:03:f6:f6:86:a3:f3:
                    61:ac:8e:0d:4e:76:40:1f:c4:a7:22:83:d0:ef:34:
                    7d:fe:f1:aa:4f:f4:83:eb:90:83:48:f4:3f:e1:63:
                    fa:39:57:93:60:42:69:60:41:6c:a7:ce:1d:3a:05:
                    53:5f:4b:93:a8:ae:5b:89:80:ac:c1:1b:9e:b0:cd:
                    26:cb:4c:9f:90:32:ae:8d:fe:52:6d:cb:bd:fd:75:
                    93:0b:e3:89:26:b2:2e:62:a1:01:84:82:bf:c5:f8:
                    df:78:ed:a3:9b:1b:7d:22:09:ac:ac:ab:e9:e0:4c:
                    3f:ae:71:b5:d5:d8:1e:76:a3:f7:7a:27:06:8c:ad:
                    76:01:0a:74:f1:33:60:ed:96:7b:97:ba:a4:ec:56:
                    75:7a:ef:41:b5:86:2e:e9:c3:bb:05:70:73:fc:6c:
                    41:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A8:8B:82:54:3E:8D:A9:6F:DA:E8:A2:D4:AC:0B:E2:8B:BC:38:67
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/s6iLglQ-jalv2uii1KwL4ou8OGc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.16.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:17:76:48:55:05:48:e6:c7:a4:5b:56:7a:fc:18:82:be:28:
         f7:89:1c:b0:85:0d:60:25:af:92:13:ed:07:a6:dd:fc:af:92:
         2a:ca:ca:56:ae:56:97:c9:96:68:8e:40:06:e1:ee:f7:b7:50:
         b4:23:6a:6c:61:9b:0e:db:61:43:e0:de:ae:71:2c:dc:7e:a9:
         ef:d3:3c:9a:02:ce:f6:de:31:9f:43:62:92:47:1f:d6:71:01:
         d8:27:62:2e:c8:94:77:7f:1c:ab:bd:5c:69:e8:aa:32:7a:f0:
         68:2a:73:d8:28:9f:d8:fe:c0:53:a5:0a:5f:e8:b4:00:20:a9:
         0a:3f:f3:4e:f1:6e:61:67:d2:d9:2a:77:f6:3b:91:59:e2:e9:
         df:3d:dd:c2:3f:8e:8e:03:c8:8f:ab:dd:7c:66:db:02:1b:c4:
         3a:4e:e6:bd:c0:5d:67:94:a1:68:4e:f6:b9:48:50:a6:65:c1:
         4a:5a:6d:51:01:49:be:95:9c:59:18:55:9b:f9:c5:4b:04:b8:
         08:f1:bb:26:50:d3:77:69:81:ca:fe:72:1b:7c:92:e7:75:0a:
         db:73:69:25:e3:26:8c:1f:57:91:27:d6:b1:ea:14:9e:a0:f2:
         88:bf:30:90:9d:81:0b:ae:7c:5b:68:d2:28:65:e4:a9:b1:c9:
         eb:7a:1a:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8K+z5NoDJUw2I5VpUY9tcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNDIzMTI0MzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2E4OGI4MjU0M2U4ZGE5NmZkYWU4YTJkNGFjMGJlMjhiYmMzODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZDJ7ytrnmDgRr54Z/YKcAd/G+Xa
IUDeQpgrBkUYemE7ote6Nmo+SAatqPZl70OV2UXmjP1OACLod+tKlTX9R6H7gq5c
JtNkRIwqb1y2NOBnXSCVwugWq1JWLoFpFj3UdQYD9vaGo/NhrI4NTnZAH8SnIoPQ
7zR9/vGqT/SD65CDSPQ/4WP6OVeTYEJpYEFsp84dOgVTX0uTqK5biYCswRuesM0m
y0yfkDKujf5Sbcu9/XWTC+OJJrIuYqEBhIK/xfjfeO2jmxt9IgmsrKvp4Ew/rnG1
1dgedqP3eicGjK12AQp08TNg7ZZ7l7qk7FZ1eu9BtYYu6cO7BXBz/GxB1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOoi4JUPo2pb9rootSsC+KLvDhnMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvczZpTGdsUS1qYWx2MnVpaTFLd0w0b3U4T0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BBcMA0G
CSqGSIb3DQEBCwUAA4IBAQAxF3ZIVQVI5sekW1Z6/BiCvij3iRywhQ1gJa+SE+0H
pt38r5IqyspWrlaXyZZojkAG4e73t1C0I2psYZsO22FD4N6ucSzcfqnv0zyaAs72
3jGfQ2KSRx/WcQHYJ2IuyJR3fxyrvVxp6KoyevBoKnPYKJ/Y/sBTpQpf6LQAIKkK
P/NO8W5hZ9LZKnf2O5FZ4unfPd3CP46OA8iPq918ZtsCG8Q6Tua9wF1nlKFoTva5
SFCmZcFKWm1RAUm+lZxZGFWb+cVLBLgI8bsmUNN3aYHK/nIbfJLndQrbc2kl4yaM
H1eRJ9ax6hSeoPKIvzCQnYELrnxbaNIoZeSpscnrehr7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org