Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/b3uu4VG5mRgM5hYu6TtbcnvDoYU.roa
File:                     b3uu4VG5mRgM5hYu6TtbcnvDoYU.roa (raw, json)
Hash identifier:          K35BKay4m6U3dObm0hU3hS2q+lcbm9nWIZSqrK7NKIQ=
Subject key identifier:   6F:7B:AE:E1:51:B9:99:18:0C:E6:16:2E:E9:3B:5B:72:7B:C3:A1:85
Certificate issuer:       /CN=5c5d86974a7b624192ec8d834cf2906e1302e431
Certificate serial:       01856B00B88BA5C2752D974535B4E2994BC2
Authority key identifier: 5C:5D:86:97:4A:7B:62:41:92:EC:8D:83:4C:F2:90:6E:13:02:E4:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XF2Gl0p7YkGS7I2DTPKQbhMC5DE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/b3uu4VG5mRgM5hYu6TtbcnvDoYU.roa
Signing time:             Sun 01 Jan 2023 01:44:47 +0000
ROA not before:           Sun 01 Jan 2023 01:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60460
IP address blocks:        176.227.170.0/23 maxlen: 23
                          176.227.172.0/22 maxlen: 22
                          46.231.24.0/24 maxlen: 24
                          46.231.28.0/24 maxlen: 24
                          46.231.29.0/24 maxlen: 24
                          46.231.27.0/24 maxlen: 24
                          46.231.25.0/24 maxlen: 24
                          46.231.26.0/24 maxlen: 24
                          46.231.30.0/24 maxlen: 24
                          46.231.31.0/24 maxlen: 24
                          185.88.240.0/23 maxlen: 23
                          2a04:2640::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:00:b8:8b:a5:c2:75:2d:97:45:35:b4:e2:99:4b:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c5d86974a7b624192ec8d834cf2906e1302e431
        Validity
            Not Before: Jan  1 01:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f7baee151b999180ce6162ee93b5b727bc3a185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:6b:fb:7b:ca:d3:5b:97:83:89:d1:20:e5:e3:
                    c8:06:5c:1a:89:f5:cb:5b:ac:1b:cb:d2:ae:7b:b1:
                    86:17:e9:a9:3c:09:2d:86:47:43:47:47:84:4d:d7:
                    5f:57:4e:bd:b4:60:1a:5b:13:c5:58:a9:04:8a:a0:
                    55:28:d6:91:e0:a9:2a:0d:ea:c5:35:09:21:e6:39:
                    f2:bb:b3:81:76:b6:e0:eb:f1:45:36:23:91:f0:a3:
                    bb:cf:06:96:2c:1a:f2:2d:3b:a1:e0:06:34:57:aa:
                    2e:ce:aa:ef:c2:95:1f:29:fd:ad:9f:c0:91:05:01:
                    76:85:b1:8f:fc:b1:a0:33:91:50:03:1c:29:26:81:
                    64:b6:ab:fd:b1:28:42:a2:3b:1e:e0:2b:5b:bd:eb:
                    ab:9c:2d:33:b9:41:7e:ee:5a:75:d3:45:65:cb:b9:
                    dd:83:03:b0:b5:37:6a:01:e3:28:6c:48:16:ae:91:
                    8f:00:d4:2c:a4:b7:ae:c7:b1:f9:8d:c1:5c:c6:94:
                    4c:33:25:da:0a:f8:45:f4:ec:82:93:64:37:44:7a:
                    c6:72:d9:41:66:0a:37:2b:a8:67:f9:32:83:22:ef:
                    ec:f7:26:c7:40:78:c3:49:b9:7c:6f:42:1e:fc:0f:
                    0b:8c:ba:8b:6c:85:94:cd:a9:ef:f0:9c:9a:b9:de:
                    ba:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:7B:AE:E1:51:B9:99:18:0C:E6:16:2E:E9:3B:5B:72:7B:C3:A1:85
            X509v3 Authority Key Identifier:
                keyid:5C:5D:86:97:4A:7B:62:41:92:EC:8D:83:4C:F2:90:6E:13:02:E4:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XF2Gl0p7YkGS7I2DTPKQbhMC5DE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/b3uu4VG5mRgM5hYu6TtbcnvDoYU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/XF2Gl0p7YkGS7I2DTPKQbhMC5DE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.231.24.0/21
                  176.227.170.0-176.227.175.255
                  185.88.240.0/23
                IPv6:
                  2a04:2640::/29

    Signature Algorithm: sha256WithRSAEncryption
         20:58:e1:b1:84:dd:87:90:f4:ba:08:b9:d4:ac:e2:39:97:16:
         13:93:f2:b8:62:c9:00:ee:21:7f:bd:57:3a:96:34:e4:a8:fb:
         e3:b6:c6:18:40:4d:fb:59:10:6c:45:c4:ac:ef:2a:e6:5c:91:
         ce:56:43:12:35:e3:d7:65:50:d5:17:b7:fb:69:17:71:d6:16:
         62:17:39:98:08:ab:31:95:38:8c:43:dc:8c:8e:c8:2a:c0:7d:
         7d:0f:64:4c:73:e0:16:21:0f:92:99:36:11:54:4b:66:ba:35:
         51:ba:90:71:4d:d2:ed:2b:09:fa:94:f7:ee:2c:6b:c2:1b:29:
         52:84:2d:34:3f:6e:1f:83:3c:db:d9:1d:ce:7b:22:25:49:38:
         a5:1c:cd:40:c9:77:ce:29:46:d6:b2:a1:1a:37:83:16:21:2a:
         67:72:0e:8e:3c:8e:c8:9b:f8:5b:35:01:0f:15:fb:ec:d4:46:
         a7:f5:e8:65:8a:1f:8a:c2:6d:bf:a8:7c:19:40:1f:06:8c:69:
         cc:1f:9f:03:f9:67:a4:ca:e2:d4:55:70:1e:1a:87:0c:2c:d9:
         54:47:c6:04:85:e5:7b:67:b3:5a:1e:e8:d0:fc:0b:d4:d8:35:
         4e:06:d4:58:62:45:09:bf:f3:5c:63:af:f1:8f:d0:8a:be:0e:
         0b:0e:9b:03
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVrALiLpcJ1LZdFNbTimUvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNWQ4Njk3NGE3YjYyNDE5MmVjOGQ4MzRjZjI5MDZlMTMw
MmU0MzEwHhcNMjMwMTAxMDE0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjdiYWVlMTUxYjk5OTE4MGNlNjE2MmVlOTNiNWI3MjdiYzNhMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmv7e8rTW5eDidEg5ePIBlwaifXL
W6wby9Kue7GGF+mpPAkthkdDR0eETddfV069tGAaWxPFWKkEiqBVKNaR4KkqDerF
NQkh5jnyu7OBdrbg6/FFNiOR8KO7zwaWLBryLTuh4AY0V6ouzqrvwpUfKf2tn8CR
BQF2hbGP/LGgM5FQAxwpJoFktqv9sShCojse4CtbveurnC0zuUF+7lp100Vly7nd
gwOwtTdqAeMobEgWrpGPANQspLeux7H5jcFcxpRMMyXaCvhF9OyCk2Q3RHrGctlB
Zgo3K6hn+TKDIu/s9ybHQHjDSbl8b0Ie/A8LjLqLbIWUzanv8Jyaud66vwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFG97ruFRuZkYDOYWLuk7W3J7w6GFMB8GA1UdIwQY
MBaAFFxdhpdKe2JBkuyNg0zykG4TAuQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEYyR2wwcDdZa0dTN0kyRFRQS1FiaE1DNURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTViNTctZWNiYS00ZDNkLTlhODEt
YmQ4MDJmYzRhYTk0LzEvYjN1dTRWRzVtUmdNNWhZdTZUdGJjbnZEb1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTViNTctZWNiYS00ZDNkLTlhODEtYmQ4MDJmYzRhYTk0
LzEvWEYyR2wwcDdZa0dTN0kyRFRQS1FiaE1DNURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDLucYMAwD
BAGw46oDBASw46ADBAG5WPAwDQQCAAIwBwMFAyoEJkAwDQYJKoZIhvcNAQELBQAD
ggEBACBY4bGE3YeQ9LoIudSs4jmXFhOT8rhiyQDuIX+9VzqWNOSo++O2xhhATftZ
EGxFxKzvKuZckc5WQxI149dlUNUXt/tpF3HWFmIXOZgIqzGVOIxD3IyOyCrAfX0P
ZExz4BYhD5KZNhFUS2a6NVG6kHFN0u0rCfqU9+4sa8IbKVKELTQ/bh+DPNvZHc57
IiVJOKUczUDJd84pRtayoRo3gxYhKmdyDo48jsib+Fs1AQ8V++zURqf16GWKH4rC
bb+ofBlAHwaMacwfnwP5Z6TK4tRVcB4ahwws2VRHxgSF5Xtns1oe6ND8C9TYNU4G
1FhiRQm/81xjr/GP0Iq+DgsOmwM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:45 2024 by rpki-client on console-fra.rpki-client.org