Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/6dbgXd3FiybO-YDT1KzCkR7T20k.roa
File:                     6dbgXd3FiybO-YDT1KzCkR7T20k.roa (raw, json)
Hash identifier:          Qk1K9xDNon7vry0NzMse0HmUNy1Lz47kyitbdc8jMFE=
Subject key identifier:   E9:D6:E0:5D:DD:C5:8B:26:CE:F9:80:D3:D4:AC:C2:91:1E:D3:DB:49
Certificate issuer:       /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial:       01856CB851C0E265CE0B06FBA8A0B5709A88
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/6dbgXd3FiybO-YDT1KzCkR7T20k.roa
Signing time:             Sun 01 Jan 2023 09:44:56 +0000
ROA not before:           Sun 01 Jan 2023 09:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47818
IP address blocks:        217.109.108.0/24 maxlen: 24
                          194.2.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:51:c0:e2:65:ce:0b:06:fb:a8:a0:b5:70:9a:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
        Validity
            Not Before: Jan  1 09:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e9d6e05dddc58b26cef980d3d4acc2911ed3db49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0d:97:01:ed:db:2a:91:1d:b7:9a:77:da:ca:
                    0a:1f:89:a5:6b:3b:c6:7c:23:70:74:e9:0b:c5:f2:
                    85:92:3b:d4:77:01:98:b9:e7:05:29:88:06:77:fc:
                    35:c4:43:68:dd:77:e9:4c:cb:c7:64:a0:fe:74:c3:
                    93:bd:9e:18:14:2f:6e:f1:4f:d5:e2:e8:71:77:93:
                    ba:80:b4:c2:88:2a:1f:56:45:d1:f9:e0:9f:cb:76:
                    be:6b:a3:eb:92:11:93:78:db:6a:87:ae:d3:48:0b:
                    e1:a1:7e:41:dd:43:c5:e9:95:c7:60:d8:64:6a:1d:
                    bb:04:f4:4d:f6:9f:a7:97:03:2f:e1:b9:d9:f7:06:
                    32:c2:f3:d2:8f:62:6c:4f:9e:00:e0:93:79:21:3f:
                    3b:9e:28:f1:3e:c5:e4:dc:14:b9:12:14:32:9f:f4:
                    94:c0:4c:49:7a:3b:2b:84:40:4c:fe:3a:d0:bf:ef:
                    53:c1:0d:39:74:66:62:4a:9a:07:73:21:eb:bd:ee:
                    64:20:76:1a:e5:98:9a:c5:28:c0:25:45:bd:70:02:
                    a1:c0:d8:d0:9c:2e:27:93:0f:84:62:2e:3b:fd:01:
                    95:95:2c:3f:c6:dc:31:4d:67:7b:47:8b:ee:00:bb:
                    fc:13:96:de:5f:9e:c0:3e:bf:48:79:0b:b0:2b:f1:
                    0d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:D6:E0:5D:DD:C5:8B:26:CE:F9:80:D3:D4:AC:C2:91:1E:D3:DB:49
            X509v3 Authority Key Identifier:
                keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/6dbgXd3FiybO-YDT1KzCkR7T20k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.2.42.0/24
                  217.109.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:ee:48:e1:60:f7:a6:80:21:66:38:05:98:c4:44:14:cc:94:
         80:3b:d0:b8:16:09:f7:63:86:aa:32:b3:3f:6e:c9:02:c2:ff:
         52:58:7a:49:d1:ce:77:a5:a4:12:db:88:92:6a:07:e2:fb:21:
         44:8f:7c:c0:0f:13:5c:fc:51:c5:c5:23:c6:92:cc:ca:06:a3:
         16:25:6a:65:ca:8f:2f:97:17:e8:c0:0f:96:74:3f:47:6c:27:
         ef:37:48:20:fb:d1:bb:a4:cc:9d:4e:a8:53:de:fe:2f:e0:29:
         71:31:55:fc:f0:7d:b2:79:05:a2:a8:75:46:24:b0:f0:1d:14:
         75:77:83:d4:e6:ce:df:94:64:24:20:e2:61:9b:25:03:eb:d4:
         19:6b:30:a8:40:3f:ca:76:c9:f7:80:86:fc:df:a1:9f:de:69:
         4d:b0:d2:12:f4:cb:a6:cb:76:c0:a2:27:b3:06:16:b3:5c:3f:
         fb:d8:91:51:87:4e:9f:1a:70:6e:d4:25:af:ea:42:4f:39:8b:
         bd:4f:bb:06:05:f0:0f:75:02:ed:9e:3c:de:d1:c7:e6:c0:cb:
         2d:cd:4f:71:c0:85:5b:25:6c:80:bf:d8:e5:c2:5e:85:8c:66:
         1b:94:e6:8a:ae:5c:e7:cd:d8:79:0c:b6:ef:b5:2c:f5:12:1a:
         36:ec:ea:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsuFHA4mXOCwb7qKC1cJqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ2ZTA1ZGRkYzU4YjI2Y2VmOTgwZDNkNGFjYzI5MTFlZDNkYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA2XAe3bKpEdt5p32soKH4mlazvG
fCNwdOkLxfKFkjvUdwGYuecFKYgGd/w1xENo3XfpTMvHZKD+dMOTvZ4YFC9u8U/V
4uhxd5O6gLTCiCofVkXR+eCfy3a+a6PrkhGTeNtqh67TSAvhoX5B3UPF6ZXHYNhk
ah27BPRN9p+nlwMv4bnZ9wYywvPSj2JsT54A4JN5IT87nijxPsXk3BS5EhQyn/SU
wExJejsrhEBM/jrQv+9TwQ05dGZiSpoHcyHrve5kIHYa5ZiaxSjAJUW9cAKhwNjQ
nC4nkw+EYi47/QGVlSw/xtwxTWd7R4vuALv8E5beX57APr9IeQuwK/ENAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOnW4F3dxYsmzvmA09SswpEe09tJMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvNmRiZ1hkM0ZpeWJPLVlEVDFLekNrUjdUMjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgIqAwQA
2W1sMA0GCSqGSIb3DQEBCwUAA4IBAQB+7kjhYPemgCFmOAWYxEQUzJSAO9C4Fgn3
Y4aqMrM/bskCwv9SWHpJ0c53paQS24iSagfi+yFEj3zADxNc/FHFxSPGkszKBqMW
JWplyo8vlxfowA+WdD9HbCfvN0gg+9G7pMydTqhT3v4v4ClxMVX88H2yeQWiqHVG
JLDwHRR1d4PU5s7flGQkIOJhmyUD69QZazCoQD/Kdsn3gIb836Gf3mlNsNIS9Mum
y3bAoiezBhazXD/72JFRh06fGnBu1CWv6kJPOYu9T7sGBfAPdQLtnjze0cfmwMst
zU9xwIVbJWyAv9jlwl6FjGYblOaKrlznzdh5DLbvtSz1Eho27OqI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org