Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Byu24Wr7-PzqyfZCZCU9QTlt-rU.roa
File:                     Byu24Wr7-PzqyfZCZCU9QTlt-rU.roa (raw, json)
Hash identifier:          8H1cYnTRKDFtz/rA/GG1LoL1ig5o1PRZdPbMEo/Zdok=
Subject key identifier:   07:2B:B6:E1:6A:FB:F8:FC:EA:C9:F6:42:64:25:3D:41:39:6D:FA:B5
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018D69DEA92CC5732953A74B6D150F921AFC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Byu24Wr7-PzqyfZCZCU9QTlt-rU.roa
Signing time:             Fri 02 Feb 2024 12:50:16 +0000
ROA not before:           Fri 02 Feb 2024 12:50:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        178.239.204.0/24 maxlen: 24
                          203.0.8.0/24 maxlen: 24
                          203.0.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Feb 2024 10:31:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:69:de:a9:2c:c5:73:29:53:a7:4b:6d:15:0f:92:1a:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  2 12:50:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=072bb6e16afbf8fceac9f64264253d41396dfab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:85:56:08:c0:13:54:35:a0:0c:27:35:2b:e2:
                    f1:1b:3b:ed:2e:97:78:d2:aa:a5:39:32:e2:e7:4f:
                    a6:f8:e7:02:14:9f:e2:11:55:64:f1:c1:68:43:f6:
                    a8:76:a4:13:44:e1:71:40:b0:da:f9:6d:d0:4f:02:
                    dd:21:89:df:a2:5b:3c:fd:4d:69:10:2a:ec:14:6d:
                    6b:aa:5f:62:3f:35:98:e0:55:a4:55:72:da:5a:e6:
                    6f:e9:16:69:49:20:59:41:99:f4:62:5e:ea:51:85:
                    ed:17:1b:5c:94:f9:e9:84:d0:e4:ae:47:aa:cd:e0:
                    e9:fc:ab:4c:7e:49:f0:b3:ec:7f:be:52:41:9a:7b:
                    64:0c:c1:15:41:84:43:2e:be:c0:3e:88:bb:35:e0:
                    83:06:d5:86:a4:35:73:51:cf:f1:80:af:c6:cf:c3:
                    58:0f:d0:9f:da:1e:de:ce:0d:75:ff:47:f3:bf:a1:
                    98:2e:74:1f:56:be:96:24:76:b5:83:2e:eb:17:f9:
                    c7:d6:f7:a3:39:32:05:89:8a:44:cb:83:cd:52:5c:
                    f7:d7:2a:32:02:ac:c4:56:5f:7f:c9:e8:15:be:26:
                    1f:37:40:5c:14:3d:39:9e:27:f3:45:0f:18:7b:18:
                    ee:06:7e:9a:04:bd:5f:ae:26:21:51:ba:69:69:7e:
                    47:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:2B:B6:E1:6A:FB:F8:FC:EA:C9:F6:42:64:25:3D:41:39:6D:FA:B5
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Byu24Wr7-PzqyfZCZCU9QTlt-rU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.239.204.0/24
                  203.0.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         72:e8:6c:50:5c:da:5f:d3:c4:6d:c3:19:bd:62:d5:58:94:9a:
         98:80:cb:84:14:8a:90:3b:62:4b:d3:00:09:d6:20:bc:e5:ee:
         f6:93:9a:b3:b6:0e:b4:ad:15:b2:69:7c:ff:c0:00:69:fb:56:
         7f:77:39:cf:12:7c:c9:bd:3e:7c:6a:48:09:b8:fb:71:f5:fc:
         8f:af:e1:61:ba:3d:1c:0e:78:a7:8b:4d:d5:7e:72:de:70:4c:
         3e:ba:cd:6a:53:ea:2f:c5:17:8d:f0:ab:c2:a1:b8:44:76:51:
         b3:53:3e:66:b8:ca:73:c5:b7:a8:1b:72:a0:af:8f:b3:ac:14:
         e6:46:9e:4c:1b:31:8e:26:ce:a5:db:80:0c:1a:0a:ab:a3:cb:
         6f:01:66:2a:eb:18:2d:b7:f7:0f:46:20:7a:a6:78:78:64:a6:
         3e:ac:83:5b:83:ec:d2:1a:9b:d8:b7:e6:71:eb:ee:81:46:26:
         a7:22:48:bb:0b:6f:bf:4c:e2:c8:e9:aa:32:ee:29:c6:8f:25:
         b9:fa:42:98:ce:42:2e:3a:ba:15:cc:fd:33:02:05:1b:ae:27:
         0b:59:3f:ac:f2:93:0e:e7:12:d5:44:62:83:57:3d:c7:bd:83:
         09:2f:92:e2:9e:62:07:ae:d5:8e:04:1e:4a:ac:59:b3:ae:26:
         e6:c9:9d:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1p3qksxXMpU6dLbRUPkhr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjAyMTI1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzJiYjZlMTZhZmJmOGZjZWFjOWY2NDI2NDI1M2Q0MTM5NmRmYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYVWCMATVDWgDCc1K+LxGzvtLpd4
0qqlOTLi50+m+OcCFJ/iEVVk8cFoQ/aodqQTROFxQLDa+W3QTwLdIYnfols8/U1p
ECrsFG1rql9iPzWY4FWkVXLaWuZv6RZpSSBZQZn0Yl7qUYXtFxtclPnphNDkrkeq
zeDp/KtMfknws+x/vlJBmntkDMEVQYRDLr7APoi7NeCDBtWGpDVzUc/xgK/Gz8NY
D9Cf2h7ezg11/0fzv6GYLnQfVr6WJHa1gy7rF/nH1vejOTIFiYpEy4PNUlz31yoy
AqzEVl9/yegVviYfN0BcFD05nifzRQ8YexjuBn6aBL1friYhUbppaX5HrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAcrtuFq+/j86sn2QmQlPUE5bfq1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQnl1MjRXcjctUHpxeWZaQ1pDVTlRVGx0LXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsu/MAwQB
ywAIMA0GCSqGSIb3DQEBCwUAA4IBAQBy6GxQXNpf08Rtwxm9YtVYlJqYgMuEFIqQ
O2JL0wAJ1iC85e72k5qztg60rRWyaXz/wABp+1Z/dznPEnzJvT58akgJuPtx9fyP
r+Fhuj0cDnini03VfnLecEw+us1qU+ovxReN8KvCobhEdlGzUz5muMpzxbeoG3Kg
r4+zrBTmRp5MGzGOJs6l24AMGgqro8tvAWYq6xgtt/cPRiB6pnh4ZKY+rINbg+zS
GpvYt+Zx6+6BRianIki7C2+/TOLI6aoy7inGjyW5+kKYzkIuOroVzP0zAgUbricL
WT+s8pMO5xLVRGKDVz3HvYMJL5LinmIHrtWOBB5KrFmzribmyZ3m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org