Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/6lESymErTVNEKiAmOhrZK6MjIco.roa
File:                     6lESymErTVNEKiAmOhrZK6MjIco.roa (raw, json)
Hash identifier:          B6OPijXDmAGqsNf0z2FVprDyOTeTUasnZY/xumAaZ+Q=
Subject key identifier:   EA:51:12:CA:61:2B:4D:53:44:2A:20:26:3A:1A:D9:2B:A3:23:21:CA
Certificate issuer:       /CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Certificate serial:       018B60ED72C9AFE70AE5AC9E92B85CEE633E
Authority key identifier: C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/6lESymErTVNEKiAmOhrZK6MjIco.roa
Signing time:             Tue 24 Oct 2023 09:04:16 +0000
ROA not before:           Tue 24 Oct 2023 09:04:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5410
IP address blocks:        31.32.0.0/13 maxlen: 24
                          213.44.0.0/16 maxlen: 24
                          62.201.128.0/19 maxlen: 24
                          80.214.248.0/21 maxlen: 24
                          195.36.128.0/17 maxlen: 24
                          80.215.0.0/16 maxlen: 24
                          62.34.0.0/15 maxlen: 24
                          212.194.0.0/15 maxlen: 24
                          176.128.0.0/10 maxlen: 24
                          80.214.192.0/19 maxlen: 24
                          194.158.96.0/19 maxlen: 24
                          5.48.0.0/14 maxlen: 24
                          80.214.0.0/17 maxlen: 24
                          164.177.0.0/17 maxlen: 24
                          194.117.192.0/20 maxlen: 24
                          128.78.0.0/15 maxlen: 24
                          80.214.128.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Nov 2023 10:12:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:60:ed:72:c9:af:e7:0a:e5:ac:9e:92:b8:5c:ee:63:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7c24de99101fafdf74bca293fd6d95060d50a63
        Validity
            Not Before: Oct 24 09:04:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea5112ca612b4d53442a20263a1ad92ba32321ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e9:e9:31:eb:99:3d:25:cf:03:bc:4e:af:b1:
                    59:42:da:8a:46:5c:57:b5:0d:7d:c5:e2:22:9e:88:
                    51:de:04:46:73:63:cc:22:43:32:01:49:83:b1:15:
                    8a:b8:ab:40:16:0f:22:1d:3d:e8:7c:4a:84:60:f9:
                    c0:cb:0e:1c:0b:aa:3f:e8:5b:ba:fd:dc:12:c5:c0:
                    7d:99:39:eb:cb:04:7e:e2:93:0b:ff:d7:c8:d3:8d:
                    e0:f3:93:d7:29:21:71:92:11:14:fb:53:bc:30:ee:
                    e0:f7:aa:69:91:81:5d:a1:df:77:2a:ea:a2:47:4e:
                    96:8d:79:10:19:8f:b0:39:f8:0d:10:36:c8:fc:c7:
                    0a:ea:36:13:d5:4c:b4:98:5f:a9:1c:2a:68:f0:4c:
                    a5:d9:8f:9c:90:a8:cd:9c:5b:79:c9:1d:09:98:47:
                    a1:d9:d4:39:da:df:63:66:58:18:ac:59:11:4a:48:
                    c3:46:f0:5d:6f:ed:7f:5b:ce:63:b1:8d:3e:6a:09:
                    f8:04:b0:f6:ec:ee:25:8d:c6:18:c6:ec:1d:24:80:
                    66:33:57:57:de:3a:fc:b7:38:34:b1:1d:a7:39:36:
                    9a:d3:e2:ca:1a:8d:07:62:71:b5:54:65:52:2a:13:
                    f8:1e:cf:c6:77:dd:55:99:bc:a7:e1:c4:53:72:19:
                    c8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:51:12:CA:61:2B:4D:53:44:2A:20:26:3A:1A:D9:2B:A3:23:21:CA
            X509v3 Authority Key Identifier:
                keyid:C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/6lESymErTVNEKiAmOhrZK6MjIco.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.48.0.0/14
                  31.32.0.0/13
                  62.34.0.0/15
                  62.201.128.0/19
                  80.214.0.0-80.214.223.255
                  80.214.248.0-80.215.255.255
                  128.78.0.0/15
                  164.177.0.0/17
                  176.128.0.0/10
                  194.117.192.0/20
                  194.158.96.0/19
                  195.36.128.0/17
                  212.194.0.0/15
                  213.44.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b1:cf:34:86:f0:55:22:6f:cb:f5:f7:32:2d:db:f6:c4:f3:a9:
         07:70:c3:08:42:fe:dc:37:a5:eb:eb:38:08:02:ee:93:e6:e4:
         dd:96:cd:56:7f:95:10:41:1b:49:23:5b:f3:ed:10:8a:30:e9:
         07:5e:75:e9:b8:ed:91:c0:86:0b:e1:f1:8a:16:42:f2:53:00:
         33:0f:11:60:29:79:8c:32:5b:6b:e8:ee:cf:4b:2e:7c:c3:b2:
         da:45:8a:fa:1f:ca:1c:87:de:50:0b:1b:ae:64:ad:4f:ae:e5:
         f1:c3:f2:48:ca:91:29:e5:16:b9:ab:f0:94:51:91:bd:d0:ee:
         a5:b6:09:64:ef:82:b3:e8:7d:33:40:18:ad:bc:9c:01:87:ca:
         a3:60:06:ee:65:b8:30:53:35:ec:3e:52:1f:53:6c:a4:7f:f3:
         6c:58:e7:c9:75:e5:7f:c4:51:28:69:4a:22:f5:0a:86:f2:1e:
         1f:29:5b:d9:02:91:ba:e0:2c:e1:04:13:7f:d9:1b:86:51:2f:
         df:f3:32:39:e6:85:0e:59:53:76:50:b7:ad:97:4f:4b:28:c6:
         9d:1d:54:07:14:2b:32:a4:22:d6:c2:89:6d:e3:76:16:92:7f:
         27:44:40:ef:e2:e9:55:5b:58:70:69:0f:fc:8f:45:ac:ae:59:
         ae:c2:2f:32
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYtg7XLJr+cK5ayekrhc7mM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzI0ZGU5OTEwMWZhZmRmNzRiY2EyOTNmZDZkOTUwNjBk
NTBhNjMwHhcNMjMxMDI0MDkwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTUxMTJjYTYxMmI0ZDUzNDQyYTIwMjYzYTFhZDkyYmEzMjMyMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwunpMeuZPSXPA7xOr7FZQtqKRlxX
tQ19xeIinohR3gRGc2PMIkMyAUmDsRWKuKtAFg8iHT3ofEqEYPnAyw4cC6o/6Fu6
/dwSxcB9mTnrywR+4pML/9fI043g85PXKSFxkhEU+1O8MO7g96ppkYFdod93Kuqi
R06WjXkQGY+wOfgNEDbI/McK6jYT1Uy0mF+pHCpo8Eyl2Y+ckKjNnFt5yR0JmEeh
2dQ52t9jZlgYrFkRSkjDRvBdb+1/W85jsY0+agn4BLD27O4ljcYYxuwdJIBmM1dX
3jr8tzg0sR2nOTaa0+LKGo0HYnG1VGVSKhP4Hs/Gd91Vmbyn4cRTchnIfQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFOpREsphK01TRCogJjoa2SujIyHKMB8GA1UdIwQY
MBaAFMfCTemRAfr990vKKT/W2VBg1QpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQt
ZWQ1ZDZjZThkN2U4LzEvNmxFU3ltRXJUVk5FS2lBbU9oclpLNk1qSWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQtZWQ1ZDZjZThkN2U4
LzEveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAATBbAwMCBTADAwMf
IAMDAT4iAwQFPsmAMAsDAwFQ1gMEBVDWwDALAwQDUNb4AwMDUNADAwGATgMEB6Sx
AAMDBrCAAwQEwnXAAwQFwp5gAwQHwySAAwMB1MIDAwDVLDANBgkqhkiG9w0BAQsF
AAOCAQEAsc80hvBVIm/L9fcyLdv2xPOpB3DDCEL+3Del6+s4CALuk+bk3ZbNVn+V
EEEbSSNb8+0QijDpB1516bjtkcCGC+HxihZC8lMAMw8RYCl5jDJba+juz0sufMOy
2kWK+h/KHIfeUAsbrmStT67l8cPySMqRKeUWuavwlFGRvdDupbYJZO+Cs+h9M0AY
rbycAYfKo2AG7mW4MFM17D5SH1NspH/zbFjnyXXlf8RRKGlKIvUKhvIeHylb2QKR
uuAs4QQTf9kbhlEv3/MyOeaFDllTdlC3rZdPSyjGnR1UBxQrMqQi1sKJbeN2FpJ/
J0RA7+LpVVtYcGkP/I9FrK5ZrsIvMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:38 2024 by rpki-client on console-fra.rpki-client.org