Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/06uVUw1KUZerMwVO4wL-YKjmMnE.roa
File:                     06uVUw1KUZerMwVO4wL-YKjmMnE.roa (raw, json)
Hash identifier:          n3jhSGmk3YeSmKwcJxdNPg/Y/KWShpmblsvrjaq6HlE=
Subject key identifier:   D3:AB:95:53:0D:4A:51:97:AB:33:05:4E:E3:02:FE:60:A8:E6:32:71
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018BFFE68E6EFB2B6D5F28283FC7E814771E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/06uVUw1KUZerMwVO4wL-YKjmMnE.roa
Signing time:             Fri 24 Nov 2023 05:56:21 +0000
ROA not before:           Fri 24 Nov 2023 05:56:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62816
IP address blocks:        178.253.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:31:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ff:e6:8e:6e:fb:2b:6d:5f:28:28:3f:c7:e8:14:77:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Nov 24 05:56:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3ab95530d4a5197ab33054ee302fe60a8e63271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:79:de:48:54:b7:e5:f3:7a:2a:a1:37:c6:92:
                    0d:71:92:74:15:83:89:1f:1f:5c:a7:e6:7d:64:ab:
                    d5:5a:14:81:43:0b:24:f8:c4:9b:4d:f8:39:af:82:
                    f5:07:c7:37:24:81:c1:db:0e:37:0c:4d:8c:87:ec:
                    c5:31:5e:94:67:be:e2:43:57:a3:da:09:d8:1d:bd:
                    37:1a:e1:56:88:b1:36:01:6b:39:0d:e1:75:ed:50:
                    76:f8:da:17:fd:6d:f9:aa:72:b1:06:99:40:41:a8:
                    fe:97:ad:ad:b3:96:f4:2d:17:a2:ee:fb:67:ea:5e:
                    36:1c:b1:d2:da:21:cb:ba:7d:ff:ba:b5:46:7a:83:
                    77:52:36:fa:79:24:0c:8d:1a:11:3d:3b:2d:88:32:
                    4c:4f:d5:fb:af:6a:4d:c9:11:39:65:07:62:52:fa:
                    93:fa:04:64:21:87:17:27:06:65:df:1b:1c:8c:e8:
                    d8:2d:f9:7b:90:16:e3:25:77:35:e4:4d:b3:a2:a3:
                    bc:e5:a0:39:33:17:7c:21:40:e1:bc:61:81:27:e2:
                    ba:da:14:81:f1:fd:e4:4b:23:36:48:01:19:4a:e6:
                    50:b2:32:56:8c:4a:f0:6e:eb:1b:f4:43:33:11:59:
                    6c:0b:66:aa:76:b8:bb:b1:9a:42:d6:87:a3:4d:d2:
                    76:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:AB:95:53:0D:4A:51:97:AB:33:05:4E:E3:02:FE:60:A8:E6:32:71
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/06uVUw1KUZerMwVO4wL-YKjmMnE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:79:94:00:6b:05:61:de:b2:a9:79:27:ab:84:6a:9e:39:6c:
         de:58:ec:d9:0a:cd:2e:d8:3b:1a:56:46:bf:b1:90:ee:52:08:
         66:30:31:df:77:dc:9c:8a:38:29:0a:4d:d0:04:52:17:6f:cb:
         ad:a9:36:44:cd:41:b4:dd:de:18:de:16:33:eb:ed:8c:9c:1c:
         e8:d2:18:62:c5:8c:c9:01:27:a7:8f:64:67:d6:a8:66:fe:cb:
         2d:7e:3f:32:2e:26:09:57:ca:55:09:04:64:1f:b9:c5:eb:a2:
         ba:f3:77:43:ce:80:bd:b3:03:21:8f:bd:a6:f6:be:2f:bb:dd:
         d4:64:09:f8:19:1f:ba:d2:b4:d8:76:26:6f:14:25:8a:f4:66:
         0a:40:ef:4b:db:9e:70:ff:a1:69:99:e9:38:d4:31:73:e9:d2:
         ca:4a:2d:b2:ea:c2:88:44:8f:60:a5:fe:57:10:e3:a4:e9:0d:
         81:7b:1b:d2:ad:4b:22:d6:ec:1e:cd:cf:68:bd:34:69:94:7c:
         cc:1d:9f:a2:50:08:06:3e:54:86:79:11:24:ef:08:49:0c:36:
         58:e9:0f:1a:e4:bf:90:02:c7:de:fa:dd:0d:03:ec:90:4d:b3:
         84:19:a2:1d:e0:da:a6:98:88:6e:99:a2:df:49:b3:6b:5a:0d:
         c4:86:37:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv/5o5u+yttXygoP8foFHceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTI0MDU1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2FiOTU1MzBkNGE1MTk3YWIzMzA1NGVlMzAyZmU2MGE4ZTYzMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3neSFS35fN6KqE3xpINcZJ0FYOJ
Hx9cp+Z9ZKvVWhSBQwsk+MSbTfg5r4L1B8c3JIHB2w43DE2Mh+zFMV6UZ77iQ1ej
2gnYHb03GuFWiLE2AWs5DeF17VB2+NoX/W35qnKxBplAQaj+l62ts5b0LRei7vtn
6l42HLHS2iHLun3/urVGeoN3Ujb6eSQMjRoRPTstiDJMT9X7r2pNyRE5ZQdiUvqT
+gRkIYcXJwZl3xscjOjYLfl7kBbjJXc15E2zoqO85aA5Mxd8IUDhvGGBJ+K62hSB
8f3kSyM2SAEZSuZQsjJWjErwbusb9EMzEVlsC2aqdri7sZpC1oejTdJ26wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOrlVMNSlGXqzMFTuMC/mCo5jJxMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMDZ1VlV3MUtVWmVyTXdWTzR3TC1ZS2ptTW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv03MA0G
CSqGSIb3DQEBCwUAA4IBAQALeZQAawVh3rKpeSerhGqeOWzeWOzZCs0u2DsaVka/
sZDuUghmMDHfd9ycijgpCk3QBFIXb8utqTZEzUG03d4Y3hYz6+2MnBzo0hhixYzJ
ASenj2Rn1qhm/sstfj8yLiYJV8pVCQRkH7nF66K683dDzoC9swMhj72m9r4vu93U
ZAn4GR+60rTYdiZvFCWK9GYKQO9L255w/6Fpmek41DFz6dLKSi2y6sKIRI9gpf5X
EOOk6Q2BexvSrUsi1uwezc9ovTRplHzMHZ+iUAgGPlSGeREk7whJDDZY6Q8a5L+Q
Asfe+t0NA+yQTbOEGaId4NqmmIhumaLfSbNrWg3EhjcY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org