Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/bHnO6nEAXydG2pntwgMcWI1jfaU.roa
File:                     bHnO6nEAXydG2pntwgMcWI1jfaU.roa (raw, json)
Hash identifier:          d2AIypLi+hu9gh8pKDKigMET/fYCn7G83DLdpGNbcUw=
Subject key identifier:   6C:79:CE:EA:71:00:5F:27:46:DA:99:ED:C2:03:1C:58:8D:63:7D:A5
Certificate issuer:       /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial:       0185AA533C5D17392CA25C3FC359B5C73A2F
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/bHnO6nEAXydG2pntwgMcWI1jfaU.roa
Signing time:             Fri 13 Jan 2023 08:50:59 +0000
ROA not before:           Fri 13 Jan 2023 08:50:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211895
IP address blocks:        185.39.18.0/24 maxlen: 24
                          194.61.120.0/24 maxlen: 24
                          2a10:1fc0:c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:aa:53:3c:5d:17:39:2c:a2:5c:3f:c3:59:b5:c7:3a:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
        Validity
            Not Before: Jan 13 08:50:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c79ceea71005f2746da99edc2031c588d637da5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:27:49:a8:81:07:fb:ff:f9:7e:41:5c:66:09:
                    77:9c:24:1b:b1:76:00:d2:54:7b:d6:2e:17:22:6a:
                    64:6f:b9:b0:4c:ed:b2:95:01:38:7f:5f:25:ba:66:
                    78:c4:22:b7:1b:24:fd:47:50:38:99:38:79:fd:1f:
                    f2:1b:ed:9f:bf:82:99:41:1f:75:0b:30:4b:99:11:
                    9e:da:74:26:6f:f9:f3:3b:1c:64:69:f3:51:18:dd:
                    3a:6c:51:ac:b7:08:ba:e9:b7:d3:e2:7d:00:d4:02:
                    de:a6:c7:55:fb:05:f1:7f:d7:1e:1e:d5:1e:d5:b4:
                    a9:1f:24:bf:84:d9:08:3d:55:01:36:ff:05:4e:2e:
                    b9:05:00:1b:16:78:08:7d:10:1b:69:84:f2:29:ce:
                    15:f9:c8:52:ab:d6:50:01:1c:59:b4:2e:bb:4e:fc:
                    3d:27:46:63:08:ae:37:84:f8:d7:5a:3c:9d:64:36:
                    41:1b:c1:d4:08:10:ad:8b:f8:81:a9:3a:65:1a:f9:
                    ea:4a:c9:76:6a:91:75:0f:88:c7:a1:8a:21:68:80:
                    d8:0b:09:51:78:cc:fe:77:3f:99:19:ba:f8:a3:71:
                    56:81:7b:f8:95:8d:51:b7:13:f0:f2:ba:63:88:6f:
                    68:c2:ec:32:6d:a9:ef:ab:23:0e:5f:5d:88:c5:b3:
                    de:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:79:CE:EA:71:00:5F:27:46:DA:99:ED:C2:03:1C:58:8D:63:7D:A5
            X509v3 Authority Key Identifier:
                keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/bHnO6nEAXydG2pntwgMcWI1jfaU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.18.0/24
                  194.61.120.0/24
                IPv6:
                  2a10:1fc0:c::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:db:73:57:e3:4f:c5:fa:09:5b:29:10:d6:15:8d:31:eb:3b:
         f8:3a:04:4c:af:16:65:c7:d6:a4:0c:53:1a:62:71:c9:14:e7:
         e7:bc:81:01:43:f3:9b:cd:9c:16:ed:c1:38:93:4e:31:07:b0:
         cb:71:85:bf:40:d4:d2:16:08:23:48:27:d1:20:dc:3c:0a:29:
         8f:7c:b3:e8:7a:a1:64:99:c0:2e:58:e5:8f:f1:7e:e2:3d:a3:
         a0:3e:5a:08:a4:5f:c0:d5:70:a1:15:6b:2e:ad:00:bd:81:3d:
         5f:c9:17:2c:75:eb:fa:13:fe:f3:60:0c:1b:f8:d0:7c:06:59:
         f9:84:0f:f4:97:14:e3:57:e0:bd:65:ce:ec:34:c0:63:1c:e7:
         eb:d2:4a:15:8e:60:66:10:f9:56:30:45:c8:9f:4a:49:6a:7c:
         70:ac:16:72:d2:9d:ef:12:e9:9c:60:f0:97:0e:cd:b0:22:18:
         b7:7e:aa:03:5e:f9:bf:e6:1f:66:4f:0d:71:f3:b7:44:c7:d9:
         7f:3d:f6:e2:27:6b:3c:1d:18:48:54:71:d8:0b:d6:37:e9:e5:
         22:9b:34:16:1a:93:df:cf:69:79:cd:7c:e1:bb:fa:30:f4:a2:
         05:4c:46:e5:58:25:dd:26:c1:10:df:83:69:8f:7e:62:40:2c:
         ca:b7:89:3e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYWqUzxdFzksolw/w1m1xzovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjMwMTEzMDg1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc5Y2VlYTcxMDA1ZjI3NDZkYTk5ZWRjMjAzMWM1ODhkNjM3ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtydJqIEH+//5fkFcZgl3nCQbsXYA
0lR71i4XImpkb7mwTO2ylQE4f18lumZ4xCK3GyT9R1A4mTh5/R/yG+2fv4KZQR91
CzBLmRGe2nQmb/nzOxxkafNRGN06bFGstwi66bfT4n0A1ALepsdV+wXxf9ceHtUe
1bSpHyS/hNkIPVUBNv8FTi65BQAbFngIfRAbaYTyKc4V+chSq9ZQARxZtC67Tvw9
J0ZjCK43hPjXWjydZDZBG8HUCBCti/iBqTplGvnqSsl2apF1D4jHoYohaIDYCwlR
eMz+dz+ZGbr4o3FWgXv4lY1RtxPw8rpjiG9owuwybanvqyMOX12IxbPeawIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGx5zupxAF8nRtqZ7cIDHFiNY32lMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvYkhuTzZuRUFYeWRHMnBudHdnTWNXSTFqZmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuScSAwQA
wj14MA8EAgACMAkDBwAqEB/AAAwwDQYJKoZIhvcNAQELBQADggEBAFjbc1fjT8X6
CVspENYVjTHrO/g6BEyvFmXH1qQMUxpicckU5+e8gQFD85vNnBbtwTiTTjEHsMtx
hb9A1NIWCCNIJ9Eg3DwKKY98s+h6oWSZwC5Y5Y/xfuI9o6A+WgikX8DVcKEVay6t
AL2BPV/JFyx16/oT/vNgDBv40HwGWfmED/SXFONX4L1lzuw0wGMc5+vSShWOYGYQ
+VYwRcifSklqfHCsFnLSne8S6Zxg8JcOzbAiGLd+qgNe+b/mH2ZPDXHzt0TH2X89
9uInazwdGEhUcdgL1jfp5SKbNBYak9/PaXnNfOG7+jD0ogVMRuVYJd0mwRDfg2mP
fmJALMq3iT4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:13 2024 by rpki-client on console-ams.rpki-client.org