Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bU9BD2Ms6gd9fRZibMZ3AdhQc2Y.roa
File:                     bU9BD2Ms6gd9fRZibMZ3AdhQc2Y.roa (raw, json)
Hash identifier:          NrWLoEoqeAMYU3jUip2MMoAXj8q7bvD0HSIBOcS9jaU=
Subject key identifier:   6D:4F:41:0F:63:2C:EA:07:7D:7D:16:62:6C:C6:77:01:D8:50:73:66
Certificate issuer:       /CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Certificate serial:       018CC2DAEA730F23EAF735DDE06B50B1CF6B
Authority key identifier: 6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bU9BD2Ms6gd9fRZibMZ3AdhQc2Y.roa
Signing time:             Mon 01 Jan 2024 02:29:35 +0000
ROA not before:           Mon 01 Jan 2024 02:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15806
IP address blocks:        193.178.96.0/20 maxlen: 24
                          193.178.64.0/19 maxlen: 24
                          2a01:88::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 23 Feb 2024 11:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:ea:73:0f:23:ea:f7:35:dd:e0:6b:50:b1:cf:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
        Validity
            Not Before: Jan  1 02:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6d4f410f632cea077d7d16626cc67701d8507366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:27:d0:1a:f6:d3:72:8d:35:1f:bb:13:41:f6:
                    56:d6:79:a1:36:60:48:db:8d:6e:e4:e1:9c:db:5d:
                    5d:21:85:8f:51:be:05:b6:ee:9e:1d:96:34:dc:20:
                    29:af:a5:91:06:67:f4:93:30:3d:2e:c3:94:4c:b6:
                    f4:02:0e:24:d5:b7:b9:1b:06:52:fc:7d:0f:df:23:
                    bb:ea:34:5f:09:f1:33:10:c4:73:48:54:56:56:00:
                    4e:e5:e0:3f:2c:48:ba:23:18:f4:46:dd:f9:85:23:
                    a4:49:4e:72:de:40:2b:17:3e:0d:52:19:9f:65:7e:
                    4a:d5:a0:f6:fe:4d:23:42:91:9e:52:0e:19:0e:25:
                    2c:42:3f:8e:92:46:23:bd:56:d1:e7:be:80:a1:b6:
                    e3:45:ef:92:2f:f6:0f:9e:cd:6a:21:53:2f:5c:8f:
                    bf:c2:71:2a:bf:41:0d:97:7c:d9:aa:9d:5c:bd:2f:
                    cd:66:18:9a:e7:cd:fc:2a:2b:89:52:9a:8c:d2:cc:
                    a9:1c:10:f9:12:81:1a:7b:a7:ef:f8:31:5b:95:f2:
                    cc:d8:c8:8d:ac:32:53:1b:c0:8b:65:72:a2:52:14:
                    53:d4:60:2c:1f:6e:f3:3c:7c:af:41:a6:ad:fb:34:
                    0a:75:e7:25:82:d3:f2:62:24:6c:e4:7f:d5:ad:c1:
                    f4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:4F:41:0F:63:2C:EA:07:7D:7D:16:62:6C:C6:77:01:D8:50:73:66
            X509v3 Authority Key Identifier:
                keyid:6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bU9BD2Ms6gd9fRZibMZ3AdhQc2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.64.0-193.178.111.255
                IPv6:
                  2a01:88::/32

    Signature Algorithm: sha256WithRSAEncryption
         ac:47:c7:83:c4:7c:2f:2d:8a:f5:29:61:0c:55:1f:78:46:f8:
         50:46:88:7d:55:a8:3d:2a:89:dd:c5:b3:8c:40:38:de:a5:0f:
         75:58:42:5c:d4:a1:c1:4c:f7:b4:b9:d7:65:f2:83:00:34:6f:
         e5:dd:f7:81:6f:a4:a2:c8:7f:3b:bb:0d:12:9d:48:dc:32:73:
         d8:68:64:10:1b:ea:8e:d8:50:8a:ac:96:ae:6e:00:c6:17:ad:
         ae:c4:6f:bc:d9:44:78:a2:16:47:5d:7c:ab:d0:15:75:d5:35:
         d7:f5:39:61:e7:a7:b7:c0:d4:52:98:f6:e7:08:7e:80:92:c4:
         e0:9f:b8:91:be:5b:fd:61:c4:88:09:6c:f9:ab:15:9f:27:ed:
         c5:a1:58:09:de:07:91:89:7e:b9:31:78:29:83:99:14:6a:17:
         12:08:d3:ca:da:fa:e5:34:0f:27:71:06:e3:b0:a6:da:48:28:
         3c:45:b1:5f:b2:1f:6f:ae:75:df:36:8a:46:a1:cb:64:bc:a6:
         52:7e:3d:95:d6:61:4e:9a:ef:4e:ba:d4:16:67:ba:ad:54:3f:
         f6:33:1e:06:fa:58:35:28:9d:36:7f:de:0d:6a:2a:f0:f6:b6:
         e8:4b:42:c9:bd:f0:73:26:5e:86:a7:05:98:87:44:40:2a:54:
         d2:9d:d8:f5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzC2upzDyPq9zXd4GtQsc9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzNhMDRhN2QwZWIyZGY0N2RhZjBjMzlmYmE3NWUzNjVj
ODg1M2QwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRmNDEwZjYzMmNlYTA3N2Q3ZDE2NjI2Y2M2NzcwMWQ4NTA3MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyfQGvbTco01H7sTQfZW1nmhNmBI
241u5OGc211dIYWPUb4Ftu6eHZY03CApr6WRBmf0kzA9LsOUTLb0Ag4k1be5GwZS
/H0P3yO76jRfCfEzEMRzSFRWVgBO5eA/LEi6Ixj0Rt35hSOkSU5y3kArFz4NUhmf
ZX5K1aD2/k0jQpGeUg4ZDiUsQj+OkkYjvVbR576AobbjRe+SL/YPns1qIVMvXI+/
wnEqv0ENl3zZqp1cvS/NZhia5838KiuJUpqM0sypHBD5EoEae6fv+DFblfLM2MiN
rDJTG8CLZXKiUhRT1GAsH27zPHyvQaat+zQKdeclgtPyYiRs5H/VrcH08wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG1PQQ9jLOoHfX0WYmzGdwHYUHNmMB8GA1UdIwQY
MBaAFGxzoEp9DrLfR9rww5+6deNlyIU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMt
Zjk2MzMyOTJjOTc3LzEvYlU5QkQyTXM2Z2Q5ZlJaaWJNWjNBZGhRYzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMtZjk2MzMyOTJjOTc3
LzEvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAbBskAD
BATBsmAwDQQCAAIwBwMFACoBAIgwDQYJKoZIhvcNAQELBQADggEBAKxHx4PEfC8t
ivUpYQxVH3hG+FBGiH1VqD0qid3Fs4xAON6lD3VYQlzUocFM97S512XygwA0b+Xd
94FvpKLIfzu7DRKdSNwyc9hoZBAb6o7YUIqslq5uAMYXra7Eb7zZRHiiFkddfKvQ
FXXVNdf1OWHnp7fA1FKY9ucIfoCSxOCfuJG+W/1hxIgJbPmrFZ8n7cWhWAneB5GJ
frkxeCmDmRRqFxII08ra+uU0DydxBuOwptpIKDxFsV+yH2+udd82ikahy2S8plJ+
PZXWYU6a70661BZnuq1UP/YzHgb6WDUonTZ/3g1qKvD2tuhLQsm98HMmXoanBZiH
REAqVNKd2PU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:16 2024 by rpki-client on console-fra.rpki-client.org