Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa
File:                     J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa (raw, json)
Hash identifier:          R/O9kjLBJSHs4efbhhlfP8mUKWFdpYLCqAQgyDivtfs=
Subject key identifier:   27:A7:48:71:28:D3:8F:64:AE:FC:57:41:77:1C:04:7A:E5:A9:2B:0E
Certificate issuer:       /CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
Certificate serial:       01857082B7B6F1643304864CC36596A4C5E7
Authority key identifier: 70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa
Signing time:             Mon 02 Jan 2023 03:24:52 +0000
ROA not before:           Mon 02 Jan 2023 03:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     559
IP address blocks:        129.194.0.0/15 maxlen: 16
                          192.33.212.0/22 maxlen: 22
                          192.33.216.0/22 maxlen: 22
                          192.33.222.0/23 maxlen: 23
                          192.33.220.0/24 maxlen: 24
                          192.33.224.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:82:b7:b6:f1:64:33:04:86:4c:c3:65:96:a4:c5:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b4da0f1013acdb61c2f7a26d14c4f0de8222ec
        Validity
            Not Before: Jan  2 03:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=27a7487128d38f64aefc5741771c047ae5a92b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ae:bd:8e:14:86:71:cf:bf:ca:ec:11:0f:f5:
                    3a:d3:9c:b2:d3:63:c5:4c:a9:0b:98:17:83:d3:2d:
                    9a:a2:63:e9:84:be:a7:a2:9d:57:66:50:7f:1b:64:
                    60:87:4d:6e:ab:2d:c2:fc:85:2c:8b:c2:f7:a8:5f:
                    be:0e:1f:be:5e:7a:52:7e:c4:7e:cc:ef:23:f4:ec:
                    28:57:e2:d4:f2:30:84:bb:e7:e7:ae:f9:ec:f1:12:
                    bb:58:ce:97:4e:d1:3b:fd:18:7e:a4:ef:b1:9a:ff:
                    70:b3:34:8e:d6:18:5f:3f:48:27:2e:98:0d:f0:4b:
                    ca:2f:0f:64:76:bc:96:cd:88:94:39:0e:c3:77:ae:
                    b1:fc:d1:78:71:18:95:3b:ca:55:b4:cb:99:7c:87:
                    37:2f:89:75:64:20:0a:9c:8c:6b:85:bd:b4:3a:aa:
                    5d:71:1f:ec:ed:47:90:6f:64:e5:7a:c3:78:94:11:
                    c7:02:2a:88:36:35:ae:2a:a2:04:37:4f:2a:e3:89:
                    08:71:06:6f:04:95:14:8d:3c:ee:e0:1b:91:85:1a:
                    ca:1e:d8:0a:b9:fc:ff:5e:09:94:94:d8:2a:88:b2:
                    b4:56:da:94:f1:84:a1:fe:17:ac:7b:95:27:0c:c4:
                    8d:9f:34:7e:d2:5c:b9:d4:57:e3:c8:12:02:3a:09:
                    38:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A7:48:71:28:D3:8F:64:AE:FC:57:41:77:1C:04:7A:E5:A9:2B:0E
            X509v3 Authority Key Identifier:
                keyid:70:B4:DA:0F:10:13:AC:DB:61:C2:F7:A2:6D:14:C4:F0:DE:82:22:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLTaDxATrNthwveibRTE8N6CIuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/J6dIcSjTj2Su_FdBdxwEeuWpKw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/883fd6-c6b6-4ae1-a187-f3069ee590da/1/cLTaDxATrNthwveibRTE8N6CIuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.194.0.0/15
                  192.33.212.0-192.33.220.255
                  192.33.222.0-192.33.231.255

    Signature Algorithm: sha256WithRSAEncryption
         35:94:8b:8b:cd:c9:92:8f:5a:83:9e:7c:bc:f7:27:56:34:7d:
         8c:9f:db:12:5a:6d:3f:43:23:fa:18:fa:9a:f2:fa:a3:88:b3:
         ab:ce:52:cf:50:31:11:2e:af:0d:08:bd:04:ba:f0:15:69:1f:
         19:72:bf:8b:07:e1:9c:d7:5c:ed:52:8e:db:69:4a:31:e6:da:
         ec:3d:39:4b:c6:da:c3:dd:cf:fe:75:a5:19:3b:01:45:45:05:
         e5:a5:3c:5e:a1:20:f2:66:73:9f:04:0b:6c:4a:fc:3d:f3:8e:
         dc:3a:93:2e:6d:31:8c:60:97:65:55:e7:3f:e4:ad:eb:02:62:
         22:62:41:bb:10:fe:b6:89:05:f1:15:f0:39:63:59:2c:da:88:
         33:9e:0c:66:ed:ec:06:1a:bd:43:ac:ea:47:2b:4b:26:0e:31:
         ce:29:95:20:de:d5:b7:fa:e1:8e:80:42:9b:a6:5c:a7:35:1a:
         a6:a4:0a:5f:ef:b5:e3:b4:bb:51:ce:74:c8:1e:fb:2d:0d:48:
         29:54:1c:e7:dc:82:a7:75:1d:eb:20:33:1b:01:f7:24:65:d1:
         d8:d7:64:5e:3b:9f:a8:28:b9:31:c0:3b:bc:67:62:dd:35:68:
         0e:d0:37:ef:a1:73:9b:36:e5:50:95:d0:de:69:8e:33:c9:90:
         93:8b:30:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwgre28WQzBIZMw2WWpMXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjRkYTBmMTAxM2FjZGI2MWMyZjdhMjZkMTRjNGYwZGU4
MjIyZWMwHhcNMjMwMTAyMDMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2E3NDg3MTI4ZDM4ZjY0YWVmYzU3NDE3NzFjMDQ3YWU1YTkyYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq69jhSGcc+/yuwRD/U605yy02PF
TKkLmBeD0y2aomPphL6nop1XZlB/G2Rgh01uqy3C/IUsi8L3qF++Dh++XnpSfsR+
zO8j9OwoV+LU8jCEu+fnrvns8RK7WM6XTtE7/Rh+pO+xmv9wszSO1hhfP0gnLpgN
8EvKLw9kdryWzYiUOQ7Dd66x/NF4cRiVO8pVtMuZfIc3L4l1ZCAKnIxrhb20Oqpd
cR/s7UeQb2TlesN4lBHHAiqINjWuKqIEN08q44kIcQZvBJUUjTzu4BuRhRrKHtgK
ufz/XgmUlNgqiLK0VtqU8YSh/hese5UnDMSNnzR+0ly51FfjyBICOgk4JwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCenSHEo049krvxXQXccBHrlqSsOMB8GA1UdIwQY
MBaAFHC02g8QE6zbYcL3om0UxPDegiLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODct
ZjMwNjllZTU5MGRhLzEvSjZkSWNTalRqMlN1X0ZkQmR4d0VldVdwS3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC84ODNmZDYtYzZiNi00YWUxLWExODctZjMwNjllZTU5MGRh
LzEvY0xUYUR4QVRyTnRod3ZlaWJSVEU4TjZDSXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwMBgcIwDAME
AsAh1AMEAMAh3DAMAwQBwCHeAwQDwCHgMA0GCSqGSIb3DQEBCwUAA4IBAQA1lIuL
zcmSj1qDnny89ydWNH2Mn9sSWm0/QyP6GPqa8vqjiLOrzlLPUDERLq8NCL0EuvAV
aR8Zcr+LB+Gc11ztUo7baUox5trsPTlLxtrD3c/+daUZOwFFRQXlpTxeoSDyZnOf
BAtsSvw9847cOpMubTGMYJdlVec/5K3rAmIiYkG7EP62iQXxFfA5Y1ks2ogzngxm
7ewGGr1DrOpHK0smDjHOKZUg3tW3+uGOgEKbplynNRqmpApf77XjtLtRznTIHvst
DUgpVBzn3IKndR3rIDMbAfckZdHY12ReO5+oKLkxwDu8Z2LdNWgO0DfvoXObNuVQ
ldDeaY4zyZCTizDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:41 2024 by rpki-client on console-fra.rpki-client.org