Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/u0onAzLzts3ohQgWZ8E89elbXfA.roa
File:                     u0onAzLzts3ohQgWZ8E89elbXfA.roa (raw, json)
Hash identifier:          equUy2XG2M4GHuPxjaHL0LxIh73BHR64WLnSubMAyn4=
Subject key identifier:   BB:4A:27:03:32:F3:B6:CD:E8:85:08:16:67:C1:3C:F5:E9:5B:5D:F0
Certificate issuer:       /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial:       0185723A3EEDDEDFAEE8C6758DB3C99DD7A9
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/u0onAzLzts3ohQgWZ8E89elbXfA.roa
Signing time:             Mon 02 Jan 2023 11:24:57 +0000
ROA not before:           Mon 02 Jan 2023 11:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15507
IP address blocks:        193.201.36.0/24 maxlen: 24
                          2001:678:b18::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:3a:3e:ed:de:df:ae:e8:c6:75:8d:b3:c9:9d:d7:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
        Validity
            Not Before: Jan  2 11:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb4a270332f3b6cde885081667c13cf5e95b5df0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f3:3a:66:8e:58:ff:b5:41:d4:6d:25:71:32:
                    64:bb:60:29:c6:b2:05:b6:dd:94:d3:25:60:c4:df:
                    e0:8d:2f:e9:6b:d3:31:f2:ed:f1:a7:2a:ec:f4:f7:
                    bf:fe:bf:53:48:c5:8a:05:c8:a3:a8:32:b5:65:ae:
                    8f:5f:61:f5:26:a4:51:61:68:4e:75:6a:ee:db:9f:
                    c5:3f:5b:2c:b2:71:3c:49:21:6d:75:31:7f:2f:1c:
                    96:50:41:0a:b8:b6:7f:9b:d6:40:97:78:3f:44:ff:
                    72:11:65:67:6c:ca:ff:de:2d:7f:1e:0c:f0:ce:2b:
                    e6:b2:33:39:99:64:66:ce:b1:63:14:2f:81:9c:c8:
                    9f:16:1e:73:db:b8:d5:08:c6:c1:a9:56:d3:d5:af:
                    11:86:55:0d:08:fa:ab:a2:08:3f:7b:80:ef:57:0a:
                    d3:ec:7b:4b:6b:65:97:1a:58:13:8f:69:ff:a4:e4:
                    cb:eb:8c:b4:86:36:2a:ae:3f:20:e5:d7:02:8e:94:
                    24:70:bc:8a:b2:52:ec:2e:14:7a:db:2b:f7:20:df:
                    6e:00:70:84:aa:33:07:9c:87:f5:20:dd:62:ee:bc:
                    35:5c:9a:bc:41:4b:b1:79:3c:aa:ff:bd:cb:62:94:
                    28:f5:7b:d6:a9:a0:6e:be:94:f5:2e:fc:a3:4f:7b:
                    21:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:4A:27:03:32:F3:B6:CD:E8:85:08:16:67:C1:3C:F5:E9:5B:5D:F0
            X509v3 Authority Key Identifier:
                keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/u0onAzLzts3ohQgWZ8E89elbXfA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.201.36.0/24
                IPv6:
                  2001:678:b18::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:5c:7e:44:6d:a2:03:12:91:0f:93:93:ea:61:41:20:a4:8e:
         c8:d7:72:ec:23:1d:f6:92:d0:d8:65:36:de:ec:24:58:29:2c:
         06:f7:d7:66:6d:a1:c2:11:62:05:4a:dc:b7:60:87:1e:27:52:
         9c:ef:95:52:e5:e1:8e:35:2a:ed:b3:fa:dd:1a:45:db:fc:16:
         97:6a:15:c9:eb:36:15:bd:ec:c4:4c:3e:80:99:b7:a9:18:27:
         42:55:e3:5b:ca:5b:16:8a:4f:06:04:2e:d9:e3:2e:69:e6:97:
         0b:5a:04:a0:cc:1e:41:ed:73:33:4f:21:d8:98:aa:5f:1c:9e:
         89:b4:b7:8b:81:85:38:ae:0f:54:b2:7c:2c:6c:06:92:8b:73:
         cf:8b:2a:10:b5:cc:73:2f:11:37:a8:83:17:a7:f1:f9:09:52:
         fd:06:7b:e7:fa:9a:41:ad:cf:89:8d:53:c3:53:ad:46:da:24:
         8d:38:17:62:ae:c8:bd:a1:85:3f:45:89:c0:3a:26:84:92:b0:
         9f:08:d5:ec:26:38:a8:ca:ee:c7:bf:3a:2d:53:19:01:ec:5a:
         03:05:e5:ea:49:3d:e9:1a:b2:14:7a:12:99:2a:6d:c8:6e:d8:
         4e:f5:8f:10:e4:e2:24:68:2c:db:f1:fa:29:a3:e2:e3:78:ed:
         76:2f:6e:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyOj7t3t+u6MZ1jbPJndepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjMwMTAyMTEyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRhMjcwMzMyZjNiNmNkZTg4NTA4MTY2N2MxM2NmNWU5NWI1ZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvM6Zo5Y/7VB1G0lcTJku2ApxrIF
tt2U0yVgxN/gjS/pa9Mx8u3xpyrs9Pe//r9TSMWKBcijqDK1Za6PX2H1JqRRYWhO
dWru25/FP1sssnE8SSFtdTF/LxyWUEEKuLZ/m9ZAl3g/RP9yEWVnbMr/3i1/Hgzw
zivmsjM5mWRmzrFjFC+BnMifFh5z27jVCMbBqVbT1a8RhlUNCPqrogg/e4DvVwrT
7HtLa2WXGlgTj2n/pOTL64y0hjYqrj8g5dcCjpQkcLyKslLsLhR62yv3IN9uAHCE
qjMHnIf1IN1i7rw1XJq8QUuxeTyq/73LYpQo9XvWqaBuvpT1LvyjT3shxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLtKJwMy87bN6IUIFmfBPPXpW13wMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvdTBvbkF6THp0czNvaFFnV1o4RTg5ZWxiWGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwckkMA8E
AgACMAkDBwAgAQZ4CxgwDQYJKoZIhvcNAQELBQADggEBAFtcfkRtogMSkQ+Tk+ph
QSCkjsjXcuwjHfaS0NhlNt7sJFgpLAb312ZtocIRYgVK3Ldghx4nUpzvlVLl4Y41
Ku2z+t0aRdv8FpdqFcnrNhW97MRMPoCZt6kYJ0JV41vKWxaKTwYELtnjLmnmlwta
BKDMHkHtczNPIdiYql8cnom0t4uBhTiuD1SyfCxsBpKLc8+LKhC1zHMvETeogxen
8fkJUv0Ge+f6mkGtz4mNU8NTrUbaJI04F2KuyL2hhT9FicA6JoSSsJ8I1ewmOKjK
7se/Oi1TGQHsWgMF5epJPekashR6Epkqbchu2E71jxDk4iRoLNvx+imj4uN47XYv
bnM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:40 2024 by rpki-client on console-fra.rpki-client.org