Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/vUJgyijDV5Bu0rm0ZsoKj9mjnVM.roa
File:                     vUJgyijDV5Bu0rm0ZsoKj9mjnVM.roa (raw, json)
Hash identifier:          1Ac7iucCeERN4T0lRtr9z5i+H5W3zop85omZO5VhFCI=
Subject key identifier:   BD:42:60:CA:28:C3:57:90:6E:D2:B9:B4:66:CA:0A:8F:D9:A3:9D:53
Certificate issuer:       /CN=3f56231e7ef53181b630260f5739a939980bce0f
Certificate serial:       018CC9BCAECCD89D8A89FF21129896AC4177
Authority key identifier: 3F:56:23:1E:7E:F5:31:81:B6:30:26:0F:57:39:A9:39:98:0B:CE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P1YjHn71MYG2MCYPVzmpOZgLzg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/vUJgyijDV5Bu0rm0ZsoKj9mjnVM.roa
Signing time:             Tue 02 Jan 2024 10:33:55 +0000
ROA not before:           Tue 02 Jan 2024 10:33:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58030
IP address blocks:        193.106.191.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 20:53:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:ae:cc:d8:9d:8a:89:ff:21:12:98:96:ac:41:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f56231e7ef53181b630260f5739a939980bce0f
        Validity
            Not Before: Jan  2 10:33:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bd4260ca28c357906ed2b9b466ca0a8fd9a39d53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f2:fc:8f:de:fc:5e:10:5b:ce:a6:d9:ce:52:
                    db:90:54:d5:63:21:42:9f:dc:ec:5d:4f:1b:01:6f:
                    60:2e:c9:c5:49:11:7d:d2:00:03:89:c9:1e:a4:f1:
                    83:89:b4:10:57:e7:a5:aa:94:d0:db:ba:06:39:5b:
                    92:22:b1:ea:d5:1e:ad:b2:cd:80:c6:fe:c0:da:f9:
                    da:22:d1:89:7a:87:07:1e:79:04:ad:69:c3:75:e8:
                    6b:b5:e8:3a:dd:4f:e9:63:c3:c1:dc:82:ba:91:dd:
                    02:c9:b9:55:ca:c0:2a:4c:c2:33:01:09:83:9b:f5:
                    6a:57:c4:88:01:f5:77:82:92:62:88:b0:b3:eb:d2:
                    f5:58:36:04:7e:21:38:9e:8d:09:86:f2:db:8a:a7:
                    85:22:0b:dd:4f:a9:eb:5f:9e:3f:80:c6:6c:de:de:
                    a9:fc:22:ef:e6:d7:d4:42:4f:55:a6:62:6e:80:c9:
                    dc:01:b4:16:7a:7c:6d:e3:55:69:8a:5e:d9:d5:b6:
                    3a:70:c1:ec:b4:c7:2f:51:6d:54:37:51:5c:1e:87:
                    87:bf:10:db:84:eb:bd:a8:83:21:9e:8d:ce:2c:9a:
                    f6:9a:ad:81:92:08:9e:e2:1a:70:8f:3d:76:1e:49:
                    a1:fe:00:f4:a4:89:6b:88:3d:3e:0b:4c:57:38:c6:
                    5b:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:42:60:CA:28:C3:57:90:6E:D2:B9:B4:66:CA:0A:8F:D9:A3:9D:53
            X509v3 Authority Key Identifier:
                keyid:3F:56:23:1E:7E:F5:31:81:B6:30:26:0F:57:39:A9:39:98:0B:CE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1YjHn71MYG2MCYPVzmpOZgLzg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/vUJgyijDV5Bu0rm0ZsoKj9mjnVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c2e36-a9db-4522-a63e-455ddc7d9e38/1/P1YjHn71MYG2MCYPVzmpOZgLzg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.106.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:51:f6:cd:16:db:24:98:75:90:22:fa:77:79:fa:92:20:7d:
         ae:c2:34:51:c4:a2:9f:3f:40:67:7c:1b:97:f4:37:b4:40:92:
         16:b5:c4:f9:40:5f:38:1a:3f:79:7a:36:07:14:88:87:38:38:
         a4:3b:bc:ec:bf:97:85:3f:2b:e4:d6:ea:30:a4:2b:b1:4f:d3:
         c0:d2:38:ec:73:ca:ca:db:a8:de:fb:68:a1:15:82:5f:f1:c0:
         49:e6:d9:96:41:ee:41:40:9f:11:37:51:0b:db:57:43:04:d6:
         de:d2:3e:f3:fe:d6:a0:26:f0:17:60:db:71:55:2d:ae:22:28:
         71:fa:40:a5:14:51:aa:76:02:55:49:6a:ea:9c:ef:44:21:c6:
         2e:1d:a2:da:5d:b1:dd:13:d7:07:e3:93:48:43:60:cb:bd:a4:
         94:87:c9:bb:6d:b5:2c:40:36:00:5b:91:3d:11:d1:3c:53:b4:
         df:75:09:25:80:49:d2:5d:98:c9:27:17:46:03:8b:ea:d2:e1:
         34:dc:6d:de:3c:5e:72:ec:7a:cc:9d:b0:74:a8:f5:e7:d8:b0:
         4a:dc:be:e8:4b:a5:50:2d:d3:3f:81:47:72:0e:02:19:88:c1:
         c2:03:ed:e1:c7:9e:46:46:ed:ca:10:9d:2d:2e:f1:aa:dc:29:
         b5:79:dd:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvK7M2J2Kif8hEpiWrEF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNTYyMzFlN2VmNTMxODFiNjMwMjYwZjU3MzlhOTM5OTgw
YmNlMGYwHhcNMjQwMTAyMTAzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQyNjBjYTI4YzM1NzkwNmVkMmI5YjQ2NmNhMGE4ZmQ5YTM5ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPL8j978XhBbzqbZzlLbkFTVYyFC
n9zsXU8bAW9gLsnFSRF90gADickepPGDibQQV+elqpTQ27oGOVuSIrHq1R6tss2A
xv7A2vnaItGJeocHHnkErWnDdehrteg63U/pY8PB3IK6kd0CyblVysAqTMIzAQmD
m/VqV8SIAfV3gpJiiLCz69L1WDYEfiE4no0JhvLbiqeFIgvdT6nrX54/gMZs3t6p
/CLv5tfUQk9VpmJugMncAbQWenxt41Vpil7Z1bY6cMHstMcvUW1UN1FcHoeHvxDb
hOu9qIMhno3OLJr2mq2Bkgie4hpwjz12Hkmh/gD0pIlriD0+C0xXOMZbHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1CYMoow1eQbtK5tGbKCo/Zo51TMB8GA1UdIwQY
MBaAFD9WIx5+9TGBtjAmD1c5qTmYC84PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDFZakhuNzFNWUcyTUNZUFZ6bXBPWmdMemc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81YzJlMzYtYTlkYi00NTIyLWE2M2Ut
NDU1ZGRjN2Q5ZTM4LzEvdlVKZ3lpakRWNUJ1MHJtMFpzb0tqOW1qblZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81YzJlMzYtYTlkYi00NTIyLWE2M2UtNDU1ZGRjN2Q5ZTM4
LzEvUDFZakhuNzFNWUcyTUNZUFZ6bXBPWmdMemc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWq/MA0G
CSqGSIb3DQEBCwUAA4IBAQChUfbNFtskmHWQIvp3efqSIH2uwjRRxKKfP0BnfBuX
9De0QJIWtcT5QF84Gj95ejYHFIiHODikO7zsv5eFPyvk1uowpCuxT9PA0jjsc8rK
26je+2ihFYJf8cBJ5tmWQe5BQJ8RN1EL21dDBNbe0j7z/tagJvAXYNtxVS2uIihx
+kClFFGqdgJVSWrqnO9EIcYuHaLaXbHdE9cH45NIQ2DLvaSUh8m7bbUsQDYAW5E9
EdE8U7TfdQklgEnSXZjJJxdGA4vq0uE03G3ePF5y7HrMnbB0qPXn2LBK3L7oS6VQ
LdM/gUdyDgIZiMHCA+3hx55GRu3KEJ0tLvGq3Cm1ed31
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:00 2024 by rpki-client on console-ams.rpki-client.org