Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/bSYDEk1lM3scodUU1CN_KFL4mdg.roa
File:                     bSYDEk1lM3scodUU1CN_KFL4mdg.roa (raw, json)
Hash identifier:          TjqiOyXV0I+gNGDyMJraDATpHS99XBc6tXD5a38MkGA=
Subject key identifier:   6D:26:03:12:4D:65:33:7B:1C:A1:D5:14:D4:23:7F:28:52:F8:99:D8
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       018571BA32E3E44D6F51B8E3F7B617113B09
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/bSYDEk1lM3scodUU1CN_KFL4mdg.roa
Signing time:             Mon 02 Jan 2023 09:05:06 +0000
ROA not before:           Mon 02 Jan 2023 09:05:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62579
IP address blocks:        147.185.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Nov 2023 23:35:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:32:e3:e4:4d:6f:51:b8:e3:f7:b6:17:11:3b:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Jan  2 09:05:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d2603124d65337b1ca1d514d4237f2852f899d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:81:5e:78:f4:9a:7a:1b:68:66:d1:d0:db:f1:
                    64:ee:8d:bf:12:02:53:4a:83:b0:6b:49:09:bd:75:
                    44:19:8d:ee:93:db:b6:9b:bb:30:ef:89:bd:2d:67:
                    3f:13:f8:60:4d:b0:e8:47:c1:6b:88:32:9e:c8:31:
                    9d:d0:7b:4a:49:ff:0e:9e:54:0b:6f:5e:93:f6:3e:
                    43:fe:93:d5:41:88:fd:3e:76:66:ac:a0:4e:2b:c3:
                    2e:7e:e5:6d:4b:2e:69:5a:19:ac:de:46:5c:5d:a7:
                    54:a7:07:cb:56:94:90:fc:a3:4e:b4:d0:df:a7:6d:
                    5b:02:a3:ee:cf:93:b9:e9:a5:f3:96:9b:1b:bc:e1:
                    be:79:76:dc:da:f1:e6:30:53:60:6b:a1:38:fc:ec:
                    71:c2:d8:53:53:85:13:07:0d:b5:0c:52:85:a6:bf:
                    b8:2b:63:86:0b:5e:25:f2:13:1e:46:20:e1:c6:0c:
                    25:db:e9:44:8f:d8:38:ef:db:f5:ba:67:1a:73:25:
                    b4:5f:69:f7:ff:16:44:4d:65:96:4f:a2:d0:68:fa:
                    42:9f:c4:b4:b5:02:15:41:dc:38:e9:3f:77:86:32:
                    73:8a:04:8b:16:24:5e:21:3a:1a:3e:fc:6a:f0:cf:
                    e6:05:6b:0a:af:cb:27:90:0e:b4:44:76:49:48:af:
                    9d:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:26:03:12:4D:65:33:7B:1C:A1:D5:14:D4:23:7F:28:52:F8:99:D8
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/bSYDEk1lM3scodUU1CN_KFL4mdg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.185.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:b1:55:23:fa:cd:fc:7b:56:d7:63:55:01:7b:e6:d0:0a:69:
         a9:df:64:bd:f7:c9:44:5c:0c:78:9a:bf:67:d7:97:ad:ca:4c:
         79:11:05:77:8c:a0:0c:69:88:3d:ef:32:92:89:75:11:c2:cb:
         a6:d8:da:61:c8:63:6e:d6:79:55:72:ab:af:b1:e0:72:56:72:
         98:8a:84:f8:13:8f:4b:09:91:ff:e1:2a:dc:9c:73:1a:0a:44:
         08:4d:69:f1:6f:d4:9b:d8:bc:70:54:dc:21:76:df:73:01:93:
         65:40:66:9d:3c:25:77:7f:1a:93:e0:50:68:36:72:15:ff:90:
         11:4b:3c:20:9e:d1:2e:8d:4f:eb:7d:0a:ef:44:bf:81:a6:0b:
         5c:af:94:8d:d1:01:81:4f:4b:46:e1:73:0d:e2:0e:33:9c:f5:
         dd:e9:7c:7d:97:29:3a:81:fa:0d:15:f5:b9:e8:aa:59:d8:2e:
         75:29:93:70:7c:ed:12:76:71:0e:93:7b:57:96:28:95:29:5a:
         9c:8a:f2:7b:8d:da:91:b4:8a:d4:18:1b:de:18:a4:a1:fe:fd:
         8e:dd:e8:59:01:c4:0c:16:ee:37:9e:4f:9e:62:95:3f:21:e2:
         08:af:2e:a3:c5:30:df:1a:a9:2a:c4:a1:10:72:95:3e:0a:1f:
         54:c2:80:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxujLj5E1vUbjj97YXETsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjMwMTAyMDkwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDI2MDMxMjRkNjUzMzdiMWNhMWQ1MTRkNDIzN2YyODUyZjg5OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4FeePSaehtoZtHQ2/Fk7o2/EgJT
SoOwa0kJvXVEGY3uk9u2m7sw74m9LWc/E/hgTbDoR8FriDKeyDGd0HtKSf8OnlQL
b16T9j5D/pPVQYj9PnZmrKBOK8MufuVtSy5pWhms3kZcXadUpwfLVpSQ/KNOtNDf
p21bAqPuz5O56aXzlpsbvOG+eXbc2vHmMFNga6E4/OxxwthTU4UTBw21DFKFpr+4
K2OGC14l8hMeRiDhxgwl2+lEj9g479v1umcacyW0X2n3/xZETWWWT6LQaPpCn8S0
tQIVQdw46T93hjJzigSLFiReIToaPvxq8M/mBWsKr8snkA60RHZJSK+dvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0mAxJNZTN7HKHVFNQjfyhS+JnYMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvYlNZREVrMWxNM3Njb2RVVTFDTl9LRkw0bWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk7lqMA0G
CSqGSIb3DQEBCwUAA4IBAQAnsVUj+s38e1bXY1UBe+bQCmmp32S998lEXAx4mr9n
15etykx5EQV3jKAMaYg97zKSiXURwsum2NphyGNu1nlVcquvseByVnKYioT4E49L
CZH/4SrcnHMaCkQITWnxb9Sb2LxwVNwhdt9zAZNlQGadPCV3fxqT4FBoNnIV/5AR
SzwgntEujU/rfQrvRL+Bpgtcr5SN0QGBT0tG4XMN4g4znPXd6Xx9lyk6gfoNFfW5
6KpZ2C51KZNwfO0SdnEOk3tXliiVKVqcivJ7jdqRtIrUGBveGKSh/v2O3ehZAcQM
Fu43nk+eYpU/IeIIry6jxTDfGqkqxKEQcpU+Ch9UwoAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:48 2024 by rpki-client on console-ams.rpki-client.org