Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Hz73Hyc7aHzCSJm2JrPiXHIo0Ig.roa
File:                     Hz73Hyc7aHzCSJm2JrPiXHIo0Ig.roa (raw, json)
Hash identifier:          sP8pw+78AHvCKnV7lNfE+ijWHxhr0zBMkXx7RnSE3ZY=
Subject key identifier:   1F:3E:F7:1F:27:3B:68:7C:C2:48:99:B6:26:B3:E2:5C:72:28:D0:88
Certificate issuer:       /CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Certificate serial:       018A1D3AFE321BFA712599904F9D13D39684
Authority key identifier: 4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Hz73Hyc7aHzCSJm2JrPiXHIo0Ig.roa
Signing time:             Tue 22 Aug 2023 12:32:00 +0000
ROA not before:           Tue 22 Aug 2023 12:32:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206873
IP address blocks:        185.173.178.0/24 maxlen: 24
                          185.173.179.0/24 maxlen: 24
                          185.173.176.0/24 maxlen: 24
                          185.173.177.0/24 maxlen: 24
                          194.150.214.0/24 maxlen: 24
                          194.150.215.0/24 maxlen: 24
                          194.150.214.0/23 maxlen: 23
                          194.150.235.0/24 maxlen: 24
                          194.150.234.0/24 maxlen: 24
                          2a0b:6900:7::/48 maxlen: 48
                          2a0b:6903:fdb::/48 maxlen: 48
                          2a0b:6900:2::/48 maxlen: 48
                          2a0b:6903::/48 maxlen: 48
                          2a0b:6900:185d::/48 maxlen: 48
                          2a0b:6900::/48 maxlen: 48
                          2a0b:6900:10::/48 maxlen: 48
                          2a0b:6900:1::/48 maxlen: 48
                          2a0b:6900:4::/48 maxlen: 48
                          2a0b:6900:daf::/48 maxlen: 48
                          2a0b:6900:5::/48 maxlen: 48
                          2a0b:6900:8::/48 maxlen: 48
                          2a0b:6900:3::/48 maxlen: 48
                          2a0b:6900:9::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:1d:3a:fe:32:1b:fa:71:25:99:90:4f:9d:13:d3:96:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
        Validity
            Not Before: Aug 22 12:32:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f3ef71f273b687cc24899b626b3e25c7228d088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:7f:b3:be:7c:2e:16:e1:c7:e9:9b:34:ec:02:
                    2c:0a:2c:81:4f:61:da:36:b3:02:48:4e:c6:c3:94:
                    9a:51:09:f1:a7:26:1e:6e:10:94:dd:1b:5e:35:29:
                    9f:fb:81:97:86:02:aa:b1:83:bc:d9:30:9f:7a:a2:
                    f3:f6:7f:e9:35:57:f0:8b:94:9c:c6:1e:4b:b8:86:
                    42:0a:68:3d:9a:e6:2f:67:a4:31:ed:15:73:f3:c4:
                    5e:3c:96:17:2a:3f:50:64:fb:fe:1f:8a:5a:f2:1d:
                    dd:2f:18:98:7f:f7:b0:fc:87:f5:52:0e:cc:c6:76:
                    9a:57:c1:3f:28:13:55:aa:5a:14:af:57:79:f6:3f:
                    29:9d:e9:cc:89:c7:c8:12:5f:b0:41:05:2c:6d:de:
                    07:b4:ce:c3:1c:6d:f0:00:d5:cb:de:7b:f2:72:8d:
                    91:b6:da:a8:b8:ba:bd:a7:e0:5f:0a:b2:72:1e:bc:
                    93:12:a4:0f:ad:9d:bc:4a:03:a9:35:a3:59:71:06:
                    e0:6b:11:cc:59:83:8f:05:61:9d:aa:b5:62:f0:3d:
                    cb:36:7f:88:e5:02:17:5b:35:78:0d:a5:22:e2:20:
                    08:33:31:31:db:8e:09:4e:44:f8:38:48:b8:e3:e1:
                    da:46:fc:4d:a1:b6:aa:5a:34:4c:a0:7e:c8:fd:e0:
                    7d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:3E:F7:1F:27:3B:68:7C:C2:48:99:B6:26:B3:E2:5C:72:28:D0:88
            X509v3 Authority Key Identifier:
                keyid:4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Hz73Hyc7aHzCSJm2JrPiXHIo0Ig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.173.176.0/22
                  194.150.214.0/23
                  194.150.234.0/23
                IPv6:
                  2a0b:6900::-2a0b:6900:5:ffff:ffff:ffff:ffff:ffff
                  2a0b:6900:7::-2a0b:6900:9:ffff:ffff:ffff:ffff:ffff
                  2a0b:6900:10::/48
                  2a0b:6900:daf::/48
                  2a0b:6900:185d::/48
                  2a0b:6903::/48
                  2a0b:6903:fdb::/48

    Signature Algorithm: sha256WithRSAEncryption
         3b:bb:98:fe:d7:67:54:14:33:ba:d7:af:a9:c8:2b:d0:43:b9:
         34:fa:fe:29:30:41:04:55:a3:ce:44:81:99:24:0d:de:38:26:
         4e:a6:8e:ed:54:e3:ad:20:0f:ca:73:ee:61:63:9c:eb:49:b0:
         1f:34:68:3f:2b:ea:b5:a3:0e:a0:ee:e6:51:24:9d:01:99:dd:
         7c:63:e0:e9:53:ca:fe:e8:f5:e8:12:cb:7b:80:98:d4:47:5d:
         72:be:2a:23:6b:d9:de:a1:e5:31:57:50:66:d5:94:7d:c8:87:
         d9:9f:89:b0:a2:44:ef:0d:fc:32:2a:df:86:41:eb:2a:39:72:
         61:08:d5:ae:5e:69:23:11:b8:e4:ab:53:ed:35:4c:b0:1b:79:
         7a:a0:1c:31:2c:75:60:32:84:02:d0:08:c0:2e:eb:d3:3a:bb:
         0f:98:55:c2:a5:8a:a0:12:a6:76:2b:38:da:55:05:0f:a6:09:
         50:2c:25:4f:9a:0c:9d:37:31:2e:32:5c:81:6b:35:d0:15:9b:
         09:d9:c2:ce:36:21:49:96:87:ad:d4:19:53:d7:37:73:a6:09:
         c0:4b:b2:f1:a1:c5:09:ba:9e:6b:10:da:0f:cc:07:ee:f0:d4:
         92:c5:bc:33:cb:ce:05:7c:0b:14:52:85:8b:d4:3d:da:0e:d2:
         fa:91:d0:d0
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYodOv4yG/pxJZmQT50T05aEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWY2YWFlNmZiYTVjNjFhNjE3MzlhZmNhYjU1YTYyMjY2
ZTg5ZWUwHhcNMjMwODIyMTIzMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNlZjcxZjI3M2I2ODdjYzI0ODk5YjYyNmIzZTI1YzcyMjhkMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH+zvnwuFuHH6Zs07AIsCiyBT2Ha
NrMCSE7Gw5SaUQnxpyYebhCU3RteNSmf+4GXhgKqsYO82TCfeqLz9n/pNVfwi5Sc
xh5LuIZCCmg9muYvZ6Qx7RVz88RePJYXKj9QZPv+H4pa8h3dLxiYf/ew/If1Ug7M
xnaaV8E/KBNVqloUr1d59j8pnenMicfIEl+wQQUsbd4HtM7DHG3wANXL3nvyco2R
ttqouLq9p+BfCrJyHryTEqQPrZ28SgOpNaNZcQbgaxHMWYOPBWGdqrVi8D3LNn+I
5QIXWzV4DaUi4iAIMzEx244JTkT4OEi44+HaRvxNobaqWjRMoH7I/eB9JQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFB8+9x8nO2h8wkiZtiaz4lxyKNCIMB8GA1UdIwQY
MBaAFE7vaq5vulxhphc5r8q1WmImbonuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYt
YzM3NzkwZTZkNDgyLzEvSHo3M0h5YzdhSHpDU0ptMkpyUGlYSElvMElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYtYzM3NzkwZTZkNDgy
LzEvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwGAQCAAEwEgMEArmtsAME
AcKW1gMEAcKW6jBYBAIAAjBSMA8DBAAqC2kDBwEqC2kAAAQwEgMHACoLaQAABwMH
ASoLaQAACAMHACoLaQAAEAMHACoLaQANrwMHACoLaQAYXQMHACoLaQMAAAMHACoL
aQMP2zANBgkqhkiG9w0BAQsFAAOCAQEAO7uY/tdnVBQzutevqcgr0EO5NPr+KTBB
BFWjzkSBmSQN3jgmTqaO7VTjrSAPynPuYWOc60mwHzRoPyvqtaMOoO7mUSSdAZnd
fGPg6VPK/uj16BLLe4CY1Eddcr4qI2vZ3qHlMVdQZtWUfciH2Z+JsKJE7w38Mirf
hkHrKjlyYQjVrl5pIxG45KtT7TVMsBt5eqAcMSx1YDKEAtAIwC7r0zq7D5hVwqWK
oBKmdis42lUFD6YJUCwlT5oMnTcxLjJcgWs10BWbCdnCzjYhSZaHrdQZU9c3c6YJ
wEuy8aHFCbqeaxDaD8wH7vDUksW8M8vOBXwLFFKFi9Q92g7S+pHQ0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:51 2024 by rpki-client on console-fra.rpki-client.org