Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/bBOV6BtMhduq0lkLdf0yM5hDbhE.roa
File:                     bBOV6BtMhduq0lkLdf0yM5hDbhE.roa (raw, json)
Hash identifier:          q8s0ME5gw4dU2Vz72iBh1A/GGFIG1nF1ZeGJA9QMb3g=
Subject key identifier:   6C:13:95:E8:1B:4C:85:DB:AA:D2:59:0B:75:FD:32:33:98:43:6E:11
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018CEF1D8EC57850CDACA3AA7023001497C6
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/bBOV6BtMhduq0lkLdf0yM5hDbhE.roa
Signing time:             Tue 09 Jan 2024 16:45:40 +0000
ROA not before:           Tue 09 Jan 2024 16:45:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        194.79.15.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 07:06:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ef:1d:8e:c5:78:50:cd:ac:a3:aa:70:23:00:14:97:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Jan  9 16:45:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6c1395e81b4c85dbaad2590b75fd323398436e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:e4:24:be:a9:b6:be:77:db:87:a8:27:2f:a0:
                    a1:9e:5c:46:7f:1a:60:6a:49:00:b4:3c:f5:08:34:
                    cb:bf:8d:50:f5:80:70:ea:73:c1:93:d3:c5:fa:f7:
                    66:21:f8:09:bf:cf:5f:59:d3:e1:17:b6:3b:46:74:
                    64:bb:cd:e7:5b:f6:8b:79:fa:8a:1a:cf:82:a7:c5:
                    1d:54:54:af:d7:9e:53:5a:6b:d5:f7:2d:3b:67:20:
                    c8:a1:e6:18:1c:b1:e8:d9:28:c6:5f:d4:fb:dd:7a:
                    e2:9d:cd:65:d4:aa:6d:0b:50:56:0c:61:e6:d8:84:
                    06:2d:3e:22:dc:30:b0:cc:ca:ee:f0:22:bd:12:6c:
                    da:ee:1f:97:9a:ab:f7:d3:86:1a:cb:9d:e8:92:5a:
                    55:01:a9:43:d3:7f:08:f0:60:ce:6f:de:58:16:f7:
                    ce:7a:be:03:ad:b7:cb:98:dc:30:18:2c:54:9a:9c:
                    ec:77:14:43:5f:97:46:d5:95:5a:ae:1f:4c:6a:99:
                    b2:5c:d3:5c:dc:93:d4:6b:4e:65:b8:f4:0e:00:09:
                    6b:6b:51:ab:29:df:69:e0:11:09:6c:2b:a8:c5:88:
                    44:7c:ed:8d:f2:04:bd:30:ec:35:db:cf:7f:2a:74:
                    78:51:fc:29:47:32:a5:0d:41:46:9b:09:9b:2f:2e:
                    b1:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:13:95:E8:1B:4C:85:DB:AA:D2:59:0B:75:FD:32:33:98:43:6E:11
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/bBOV6BtMhduq0lkLdf0yM5hDbhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.79.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:d8:bf:9f:a4:7b:95:8f:37:7f:51:ca:35:7e:7f:2c:a3:ab:
         61:48:fc:7d:6f:f8:c7:38:ee:06:a5:9d:7f:a2:6d:09:23:a5:
         30:ee:7e:48:50:d6:25:83:7a:4c:2c:d4:c2:22:32:ca:db:f0:
         ab:e9:da:ba:e3:42:53:fd:d1:90:10:f6:d0:a6:7e:08:42:00:
         c5:99:10:79:e3:25:62:00:a0:d5:a0:87:71:28:75:b6:7c:e7:
         97:54:65:43:a8:f0:95:16:0f:56:8e:dd:4d:d0:ac:82:5c:3e:
         24:32:64:b0:cb:53:7e:15:11:26:7c:d6:e4:ef:32:87:eb:eb:
         d6:79:4e:e2:f9:d7:52:4b:02:0e:5b:72:57:3c:db:32:c6:f1:
         6e:3e:6e:23:32:63:11:41:68:f8:d8:37:bd:82:cc:6b:00:40:
         8c:f2:cb:bd:04:1b:1b:47:be:9c:95:d7:02:11:75:b9:97:3e:
         a4:8b:00:10:bf:a3:2e:df:1f:2b:79:46:ce:14:27:70:7a:e4:
         81:b9:ee:0c:af:5c:0d:4f:0a:80:cb:c9:d9:da:ba:89:0c:58:
         e8:74:e4:45:7d:3f:d8:56:38:52:3a:f1:00:1f:3f:36:4d:b2:
         aa:25:93:e8:46:31:0a:ea:4c:26:a3:da:11:65:ce:b0:88:db:
         d8:db:d0:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzvHY7FeFDNrKOqcCMAFJfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTA5MTY0NTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzEzOTVlODFiNGM4NWRiYWFkMjU5MGI3NWZkMzIzMzk4NDM2ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+Qkvqm2vnfbh6gnL6ChnlxGfxpg
akkAtDz1CDTLv41Q9YBw6nPBk9PF+vdmIfgJv89fWdPhF7Y7RnRku83nW/aLefqK
Gs+Cp8UdVFSv155TWmvV9y07ZyDIoeYYHLHo2SjGX9T73Xrinc1l1KptC1BWDGHm
2IQGLT4i3DCwzMru8CK9Emza7h+Xmqv304Yay53oklpVAalD038I8GDOb95YFvfO
er4DrbfLmNwwGCxUmpzsdxRDX5dG1ZVarh9MapmyXNNc3JPUa05luPQOAAlra1Gr
Kd9p4BEJbCuoxYhEfO2N8gS9MOw1289/KnR4UfwpRzKlDUFGmwmbLy6xSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwTlegbTIXbqtJZC3X9MjOYQ24RMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvYkJPVjZCdE1oZHVxMGxrTGRmMHlNNWhEYmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwk8PMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ2L+fpHuVjzd/Uco1fn8so6thSPx9b/jHOO4GpZ1/
om0JI6Uw7n5IUNYlg3pMLNTCIjLK2/Cr6dq640JT/dGQEPbQpn4IQgDFmRB54yVi
AKDVoIdxKHW2fOeXVGVDqPCVFg9Wjt1N0KyCXD4kMmSwy1N+FREmfNbk7zKH6+vW
eU7i+ddSSwIOW3JXPNsyxvFuPm4jMmMRQWj42De9gsxrAECM8su9BBsbR76cldcC
EXW5lz6kiwAQv6Mu3x8reUbOFCdweuSBue4Mr1wNTwqAy8nZ2rqJDFjodORFfT/Y
VjhSOvEAHz82TbKqJZPoRjEK6kwmo9oRZc6wiNvY29A+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org