Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/6ErNkg4CA9xuAo5jUU80a0PjZPo.roa
File:                     6ErNkg4CA9xuAo5jUU80a0PjZPo.roa (raw, json)
Hash identifier:          vCsZ6EYVoxEMvSgq16NPPOw4sSuUdU7ANEL6/aXWbtI=
Subject key identifier:   E8:4A:CD:92:0E:02:03:DC:6E:02:8E:63:51:4F:34:6B:43:E3:64:FA
Certificate issuer:       /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial:       01856D017EA87BF38EFE252AA32094566124
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/6ErNkg4CA9xuAo5jUU80a0PjZPo.roa
Signing time:             Sun 01 Jan 2023 11:04:52 +0000
ROA not before:           Sun 01 Jan 2023 11:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        176.127.0.0/17 maxlen: 17

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:7e:a8:7b:f3:8e:fe:25:2a:a3:20:94:56:61:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
        Validity
            Not Before: Jan  1 11:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e84acd920e0203dc6e028e63514f346b43e364fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:95:de:64:8c:4a:08:ee:a2:ad:d3:07:7b:39:
                    85:0f:0b:d5:0b:a8:b9:c7:8a:16:d1:06:12:ef:35:
                    49:ae:09:71:08:3e:46:db:dd:81:ad:51:05:1e:2d:
                    67:a6:dc:f2:d3:df:9d:bb:88:b8:3a:c4:f0:e0:32:
                    bb:19:2e:19:a1:84:b1:e8:1a:9a:0f:3c:29:4e:fd:
                    90:97:7a:ae:14:95:52:28:84:b5:e8:bb:21:31:78:
                    c2:24:c6:50:e1:e0:50:9e:b2:96:e4:a5:47:20:e6:
                    2c:6f:a6:6e:89:1c:f3:5f:c9:b3:d0:ca:4d:82:2b:
                    91:9c:95:9a:c1:5a:c9:1b:0e:0d:79:77:bf:44:b2:
                    a0:b3:6e:02:20:3e:6e:b9:ad:11:b5:af:01:c0:d0:
                    e6:c1:46:cb:5e:91:66:e5:f2:35:1e:a9:74:a3:be:
                    5c:69:74:11:8e:77:9c:01:eb:f3:4e:f9:c5:bb:78:
                    3b:b7:17:4a:d0:bb:4d:74:4f:fa:8f:30:5c:ad:13:
                    20:1b:a6:f2:a2:5e:e2:66:90:e4:dc:92:2d:92:aa:
                    41:eb:82:a5:e0:5e:91:a2:d2:a4:dc:f2:71:6c:07:
                    99:50:b9:5c:a6:20:b2:27:37:50:14:5a:77:c9:1e:
                    4b:83:9b:ba:dd:79:8f:c1:c2:5a:05:65:ab:70:de:
                    35:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:4A:CD:92:0E:02:03:DC:6E:02:8E:63:51:4F:34:6B:43:E3:64:FA
            X509v3 Authority Key Identifier:
                keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/6ErNkg4CA9xuAo5jUU80a0PjZPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.127.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         88:fe:17:b3:d6:46:db:50:94:9d:cd:74:38:5e:64:5f:f2:b3:
         9e:b2:74:86:a6:31:37:10:86:11:07:f2:cc:0b:2d:bd:8f:82:
         53:26:f3:0c:16:ae:5e:4f:e7:6a:66:5a:18:5d:5d:3f:54:c6:
         ca:14:4e:51:d5:f7:86:03:1d:46:75:55:d3:ca:6d:1d:53:d0:
         4e:0a:cc:a6:9b:b5:72:9f:77:6e:19:77:60:96:01:c3:65:7b:
         3f:1e:43:79:7a:0f:27:e5:2a:70:61:9b:94:2c:57:0a:e5:4e:
         f6:8c:f9:de:da:fd:73:99:db:f7:fc:d0:ef:3f:8a:f7:e5:99:
         07:e8:6a:c6:99:44:52:17:08:1c:fe:f5:f6:8b:a2:4d:2d:03:
         0e:eb:1e:9a:9c:80:95:f0:6b:fb:7f:a3:1d:19:b1:1a:57:56:
         4f:55:50:fb:63:45:40:ff:5a:78:2e:c0:38:da:d8:c5:6f:e1:
         4c:4d:d2:13:ce:23:d0:7e:b1:27:dd:30:43:07:29:11:8a:06:
         35:d4:d5:5a:fa:1c:06:36:b8:39:99:f6:88:8d:c0:05:7b:d6:
         a2:ef:d1:59:de:45:f6:29:d2:54:55:92:a4:d8:ef:66:ab:ff:
         e2:60:c1:6e:3d:ee:ca:d7:29:b1:2c:a4:67:fb:9a:e7:62:96:
         00:0d:eb:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAX6oe/OO/iUqoyCUVmEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2UzZjQ4NTZkYWMyYTAwNWMzYTUyMzQ3MTE0ZGVjNDUz
OTM0YjgwHhcNMjMwMTAxMTEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODRhY2Q5MjBlMDIwM2RjNmUwMjhlNjM1MTRmMzQ2YjQzZTM2NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJXeZIxKCO6irdMHezmFDwvVC6i5
x4oW0QYS7zVJrglxCD5G292BrVEFHi1nptzy09+du4i4OsTw4DK7GS4ZoYSx6Bqa
DzwpTv2Ql3quFJVSKIS16LshMXjCJMZQ4eBQnrKW5KVHIOYsb6ZuiRzzX8mz0MpN
giuRnJWawVrJGw4NeXe/RLKgs24CID5uua0Rta8BwNDmwUbLXpFm5fI1Hql0o75c
aXQRjnecAevzTvnFu3g7txdK0LtNdE/6jzBcrRMgG6byol7iZpDk3JItkqpB64Kl
4F6RotKk3PJxbAeZULlcpiCyJzdQFFp3yR5Lg5u63XmPwcJaBWWrcN41kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOhKzZIOAgPcbgKOY1FPNGtD42T6MB8GA1UdIwQY
MBaAFJQ+P0hW2sKgBcOlI0cRTexFOTS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYt
MDI1M2QwNGZiOGZmLzEvNkVyTmtnNENBOXh1QW81alVVODBhMFBqWlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYtMDI1M2QwNGZiOGZm
LzEvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHsH8AMA0G
CSqGSIb3DQEBCwUAA4IBAQCI/hez1kbbUJSdzXQ4XmRf8rOesnSGpjE3EIYRB/LM
Cy29j4JTJvMMFq5eT+dqZloYXV0/VMbKFE5R1feGAx1GdVXTym0dU9BOCsymm7Vy
n3duGXdglgHDZXs/HkN5eg8n5SpwYZuULFcK5U72jPne2v1zmdv3/NDvP4r35ZkH
6GrGmURSFwgc/vX2i6JNLQMO6x6anICV8Gv7f6MdGbEaV1ZPVVD7Y0VA/1p4LsA4
2tjFb+FMTdITziPQfrEn3TBDBykRigY11NVa+hwGNrg5mfaIjcAFe9ai79FZ3kX2
KdJUVZKk2O9mq//iYMFuPe7K1ymxLKRn+5rnYpYADetB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:32 2024 by rpki-client on console-ams.rpki-client.org