Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/062ee4-5186-40c3-a02f-802510945c42/1/byTCo9bCdEkUAxgz8IFCXQeJtf0.roa
File:                     byTCo9bCdEkUAxgz8IFCXQeJtf0.roa (raw, json)
Hash identifier:          KhHGG2uA09eplKqo7MLwYUAsharlNiKFNFr0byrG+yw=
Subject key identifier:   6F:24:C2:A3:D6:C2:74:49:14:03:18:33:F0:81:42:5D:07:89:B5:FD
Certificate issuer:       /CN=06d093a1776c085a2648ff78b4ce1fe417c5635d
Certificate serial:       01856CC16D4ADDE4BAF9C50EFF690694F6C5
Authority key identifier: 06:D0:93:A1:77:6C:08:5A:26:48:FF:78:B4:CE:1F:E4:17:C5:63:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BtCToXdsCFomSP94tM4f5BfFY10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/062ee4-5186-40c3-a02f-802510945c42/1/byTCo9bCdEkUAxgz8IFCXQeJtf0.roa
Signing time:             Sun 01 Jan 2023 09:54:53 +0000
ROA not before:           Sun 01 Jan 2023 09:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5603
IP address blocks:        195.5.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:c1:6d:4a:dd:e4:ba:f9:c5:0e:ff:69:06:94:f6:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06d093a1776c085a2648ff78b4ce1fe417c5635d
        Validity
            Not Before: Jan  1 09:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f24c2a3d6c2744914031833f081425d0789b5fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:93:4c:ef:3f:80:c4:e0:54:17:a7:6c:67:52:
                    c9:04:78:17:ef:f7:46:ff:d4:72:54:c2:e7:47:dd:
                    06:a2:57:6a:c7:83:1b:86:4f:e9:eb:c1:58:80:ef:
                    74:9c:11:98:f5:8e:74:c9:e9:dd:e6:c6:f8:e8:23:
                    0e:76:e6:62:30:8b:fc:e6:c1:cf:a6:2e:0b:5d:c3:
                    3b:24:40:27:fa:42:86:02:04:f4:52:31:d0:85:aa:
                    3d:e9:c2:cd:64:20:e2:b8:d6:dd:bc:e5:9f:55:86:
                    0c:08:c1:f3:87:25:ec:bd:03:ae:bb:f5:94:ca:07:
                    97:45:1d:05:e6:6f:33:76:da:13:a1:f7:e6:87:8d:
                    9f:c6:53:d7:ba:6d:42:b6:1b:7d:be:97:f5:fa:02:
                    e8:dd:d5:32:36:17:a2:27:43:77:72:a7:4d:85:be:
                    e0:b5:02:4e:31:12:17:5f:56:a7:52:01:68:b9:35:
                    2f:95:56:db:45:0c:36:c4:ba:ff:24:79:9e:10:85:
                    83:65:3f:da:d4:4b:0c:f8:76:9c:67:fc:08:98:1b:
                    4b:5b:ff:bf:bc:17:2a:d9:14:63:47:37:27:83:6a:
                    47:d6:e0:f3:2d:3a:34:e3:43:16:98:0c:b2:0e:4d:
                    b4:16:2e:70:31:09:d6:4f:11:78:9f:14:ad:fd:a6:
                    85:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:24:C2:A3:D6:C2:74:49:14:03:18:33:F0:81:42:5D:07:89:B5:FD
            X509v3 Authority Key Identifier:
                keyid:06:D0:93:A1:77:6C:08:5A:26:48:FF:78:B4:CE:1F:E4:17:C5:63:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtCToXdsCFomSP94tM4f5BfFY10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/062ee4-5186-40c3-a02f-802510945c42/1/byTCo9bCdEkUAxgz8IFCXQeJtf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/062ee4-5186-40c3-a02f-802510945c42/1/BtCToXdsCFomSP94tM4f5BfFY10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.5.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:a4:cc:c1:3e:c8:35:d2:5d:f6:4b:2a:d6:e3:ff:ca:0c:50:
         8a:e8:52:30:c0:0b:82:da:2d:0a:c7:15:b5:87:d3:7d:25:01:
         89:a1:c1:49:6e:5a:06:a8:a2:73:98:0f:2b:a1:5a:ee:4d:53:
         be:2a:4c:e9:89:04:9f:64:46:ea:88:7d:95:c2:de:ec:9e:d5:
         3d:d1:b7:37:66:57:ef:84:15:70:82:d0:62:57:fd:7b:68:7f:
         93:29:0b:c0:6b:df:03:32:df:60:42:e7:7b:8b:3c:07:ce:ef:
         35:f1:e3:03:ea:b0:33:ba:9e:6c:6e:f5:65:71:9a:1b:59:2d:
         26:ae:64:18:f6:97:ee:62:5a:91:32:c9:1d:49:83:a1:c2:29:
         d3:65:65:9c:b0:04:3b:fb:0f:b2:71:1a:29:6c:02:d1:db:22:
         f0:8a:67:f5:c1:b2:29:f2:e4:60:2a:1d:e5:88:2a:58:57:d6:
         1d:57:33:f8:6f:d9:31:c4:db:6a:ae:21:47:d3:22:84:d5:72:
         ac:e8:b5:70:ce:59:39:a7:f0:b5:84:0c:e0:87:35:ca:32:4d:
         7f:dc:6c:5c:c9:59:d9:cc:3b:0e:66:f8:4a:df:3a:aa:e1:6b:
         ea:18:df:03:ad:6d:a3:89:2c:c3:09:13:b2:94:9c:ef:55:b6:
         e8:13:1b:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswW1K3eS6+cUO/2kGlPbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZDA5M2ExNzc2YzA4NWEyNjQ4ZmY3OGI0Y2UxZmU0MTdj
NTYzNWQwHhcNMjMwMTAxMDk1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI0YzJhM2Q2YzI3NDQ5MTQwMzE4MzNmMDgxNDI1ZDA3ODliNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZNM7z+AxOBUF6dsZ1LJBHgX7/dG
/9RyVMLnR90Goldqx4Mbhk/p68FYgO90nBGY9Y50yend5sb46CMOduZiMIv85sHP
pi4LXcM7JEAn+kKGAgT0UjHQhao96cLNZCDiuNbdvOWfVYYMCMHzhyXsvQOuu/WU
ygeXRR0F5m8zdtoToffmh42fxlPXum1Ctht9vpf1+gLo3dUyNheiJ0N3cqdNhb7g
tQJOMRIXX1anUgFouTUvlVbbRQw2xLr/JHmeEIWDZT/a1EsM+HacZ/wImBtLW/+/
vBcq2RRjRzcng2pH1uDzLTo040MWmAyyDk20Fi5wMQnWTxF4nxSt/aaFIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8kwqPWwnRJFAMYM/CBQl0HibX9MB8GA1UdIwQY
MBaAFAbQk6F3bAhaJkj/eLTOH+QXxWNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnRDVG9YZHNDRm9tU1A5NHRNNGY1QmZGWTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNjJlZTQtNTE4Ni00MGMzLWEwMmYt
ODAyNTEwOTQ1YzQyLzEvYnlUQ285YkNkRWtVQXhnejhJRkNYUWVKdGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wNjJlZTQtNTE4Ni00MGMzLWEwMmYtODAyNTEwOTQ1YzQy
LzEvQnRDVG9YZHNDRm9tU1A5NHRNNGY1QmZGWTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwWkMA0G
CSqGSIb3DQEBCwUAA4IBAQBRpMzBPsg10l32SyrW4//KDFCK6FIwwAuC2i0KxxW1
h9N9JQGJocFJbloGqKJzmA8roVruTVO+KkzpiQSfZEbqiH2Vwt7sntU90bc3Zlfv
hBVwgtBiV/17aH+TKQvAa98DMt9gQud7izwHzu818eMD6rAzup5sbvVlcZobWS0m
rmQY9pfuYlqRMskdSYOhwinTZWWcsAQ7+w+ycRopbALR2yLwimf1wbIp8uRgKh3l
iCpYV9YdVzP4b9kxxNtqriFH0yKE1XKs6LVwzlk5p/C1hAzghzXKMk1/3GxcyVnZ
zDsOZvhK3zqq4WvqGN8DrW2jiSzDCROylJzvVbboExvf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:49 2024 by rpki-client on console-ams.rpki-client.org