Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/_6uZ9Pgz34Is7apAwN7YpG-PpZ0.roa
File:                     _6uZ9Pgz34Is7apAwN7YpG-PpZ0.roa (raw, json)
Hash identifier:          uWELG+VIxUW4ozXwNZFT5dDsYwAtLpw4/kFMvU4O718=
Subject key identifier:   FF:AB:99:F4:F8:33:DF:82:2C:ED:AA:40:C0:DE:D8:A4:6F:8F:A5:9D
Certificate issuer:       /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial:       018E82A9B9C8FA9C87D32ACB10DECE58AD9F
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/_6uZ9Pgz34Is7apAwN7YpG-PpZ0.roa
Signing time:             Thu 28 Mar 2024 01:25:44 +0000
ROA not before:           Thu 28 Mar 2024 01:25:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        178.236.224.0/23 maxlen: 24
                          178.236.226.0/24 maxlen: 24
                          178.236.227.0/24 maxlen: 24
                          178.236.235.0/24 maxlen: 24
                          178.236.236.0/24 maxlen: 24
                          178.236.238.0/23 maxlen: 24
                          185.2.49.0/24 maxlen: 24
                          185.2.50.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Apr 2024 07:28:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:82:a9:b9:c8:fa:9c:87:d3:2a:cb:10:de:ce:58:ad:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
        Validity
            Not Before: Mar 28 01:25:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ffab99f4f833df822cedaa40c0ded8a46f8fa59d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:d4:dd:38:14:82:d2:be:8a:f8:8c:f6:1a:0e:
                    fc:0c:62:db:7a:5c:93:82:e7:de:14:f3:7f:0c:b4:
                    1c:0c:30:f0:7f:92:77:ad:9c:e5:47:c7:95:c3:22:
                    74:6e:25:8f:16:a9:5c:ac:65:6b:bc:90:af:6b:22:
                    6f:95:d9:cf:18:2a:c2:4d:2b:3a:da:74:d3:98:0a:
                    9e:36:30:71:53:db:ab:4d:f8:92:36:a7:a0:b7:84:
                    c4:40:3a:1b:ef:be:9c:d3:6b:55:88:7a:f6:e0:82:
                    09:be:e9:e8:7c:43:e4:b2:d1:23:6f:05:36:1c:c8:
                    27:0e:59:d5:25:15:b6:70:d0:f8:07:f2:69:fd:a9:
                    37:80:ee:f5:c6:e6:c1:cd:36:18:d1:fc:2c:a3:d3:
                    75:60:17:c2:d4:b9:a7:70:6e:54:6a:8c:10:18:0d:
                    4e:97:8f:f6:01:e8:dd:5e:b9:19:65:19:1e:6e:18:
                    1e:89:01:68:42:a8:ad:c3:62:07:92:8f:c4:1f:ae:
                    6b:0f:80:7c:ba:b4:12:1b:ba:01:77:1b:69:91:91:
                    fa:f9:91:df:6b:9d:4d:24:d2:47:13:23:21:1e:f2:
                    26:7d:5f:07:6b:87:28:3f:d0:47:c1:cf:ff:87:29:
                    76:c7:37:df:75:69:9b:bf:27:2a:c3:6d:09:e3:76:
                    ae:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:AB:99:F4:F8:33:DF:82:2C:ED:AA:40:C0:DE:D8:A4:6F:8F:A5:9D
            X509v3 Authority Key Identifier:
                keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/_6uZ9Pgz34Is7apAwN7YpG-PpZ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.236.224.0/22
                  178.236.235.0-178.236.236.255
                  178.236.238.0/23
                  185.2.49.0-185.2.51.255

    Signature Algorithm: sha256WithRSAEncryption
         09:21:4a:41:fc:92:6b:d0:64:6f:f0:ea:6b:ad:f1:60:c7:9c:
         da:a3:88:b5:23:3e:42:e7:d1:97:34:74:42:b8:71:20:4b:7b:
         6d:3f:49:be:bd:57:55:27:fa:75:84:1d:51:03:25:42:7a:dd:
         8a:91:ff:e3:aa:c6:d7:c3:bc:60:2a:8a:df:c8:33:23:e6:48:
         1d:7e:65:e3:78:47:69:fd:1c:5c:19:71:f4:fd:0e:f2:c6:1b:
         00:d7:16:b4:d0:90:ff:b5:c3:9b:fd:43:0e:5c:2f:4a:08:bc:
         9c:9f:99:5f:79:f1:78:29:d1:44:b2:7d:02:f1:0c:21:5b:e6:
         8d:69:ba:0f:23:8a:f3:63:6f:e6:25:38:32:28:7d:8d:8c:ef:
         0a:e0:4e:ef:e2:be:b6:04:ba:80:f2:c0:70:42:66:3e:da:ee:
         c2:4f:d3:6b:f7:a7:d2:38:8a:e0:c6:ba:0c:c5:5e:98:65:c2:
         e5:e4:1d:4d:08:d5:0e:03:d3:50:cb:8f:2e:c4:9e:ef:ed:00:
         75:53:3c:dd:85:0f:46:78:d5:94:da:01:46:e7:c0:15:b5:d0:
         45:42:c2:5d:cc:82:c3:2b:1e:b8:b9:81:9d:95:72:a1:09:a3:
         e8:b1:5b:2a:3a:7b:07:64:f3:27:1d:b3:91:5b:00:86:3d:fa:
         9d:b7:1d:58
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY6CqbnI+pyH0yrLEN7OWK2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjQwMzI4MDEyNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFiOTlmNGY4MzNkZjgyMmNlZGFhNDBjMGRlZDhhNDZmOGZhNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNTdOBSC0r6K+Iz2Gg78DGLbelyT
gufeFPN/DLQcDDDwf5J3rZzlR8eVwyJ0biWPFqlcrGVrvJCvayJvldnPGCrCTSs6
2nTTmAqeNjBxU9urTfiSNqegt4TEQDob776c02tViHr24IIJvunofEPkstEjbwU2
HMgnDlnVJRW2cND4B/Jp/ak3gO71xubBzTYY0fwso9N1YBfC1LmncG5UaowQGA1O
l4/2AejdXrkZZRkebhgeiQFoQqitw2IHko/EH65rD4B8urQSG7oBdxtpkZH6+ZHf
a51NJNJHEyMhHvImfV8Ha4coP9BHwc//hyl2xzffdWmbvycqw20J43aulQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP+rmfT4M9+CLO2qQMDe2KRvj6WdMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvXzZ1WjlQZ3ozNElzN2FwQXdON1lwRy1QcFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCsuzgMAwD
BACy7OsDBACy7OwDBAGy7O4wDAMEALkCMQMEArkCMDANBgkqhkiG9w0BAQsFAAOC
AQEACSFKQfySa9Bkb/Dqa63xYMec2qOItSM+QufRlzR0QrhxIEt7bT9Jvr1XVSf6
dYQdUQMlQnrdipH/46rG18O8YCqK38gzI+ZIHX5l43hHaf0cXBlx9P0O8sYbANcW
tNCQ/7XDm/1DDlwvSgi8nJ+ZX3nxeCnRRLJ9AvEMIVvmjWm6DyOK82Nv5iU4Mih9
jYzvCuBO7+K+tgS6gPLAcEJmPtruwk/Ta/en0jiK4Ma6DMVemGXC5eQdTQjVDgPT
UMuPLsSe7+0AdVM83YUPRnjVlNoBRufAFbXQRULCXcyCwyseuLmBnZVyoQmj6LFb
Kjp7B2TzJx2zkVsAhj36nbcdWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:19 2024 by rpki-client on console-fra.rpki-client.org