Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa
File:                     sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa (raw, json)
Hash identifier:          UdXBiWbMJlCCMJ1URhfdsBY546gQBmBmbeaTtbCUQkw=
Subject key identifier:   B1:DB:75:98:19:05:BA:F6:A2:F4:26:13:88:B0:07:F0:8B:FD:AB:CB
Certificate issuer:       /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial:       018B3E23F7C7FE99E4D5C76C7F3C0838578D
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa
Signing time:             Tue 17 Oct 2023 14:57:06 +0000
ROA not before:           Tue 17 Oct 2023 14:57:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216139
IP address blocks:        217.144.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Oct 2023 13:16:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:3e:23:f7:c7:fe:99:e4:d5:c7:6c:7f:3c:08:38:57:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
        Validity
            Not Before: Oct 17 14:57:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1db75981905baf6a2f4261388b007f08bfdabcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f6:c3:b2:25:6c:21:41:0b:28:fa:b9:d3:b6:
                    92:65:cb:3a:9e:28:e4:06:fe:62:ea:3e:91:0e:40:
                    3a:22:7b:ef:ee:a8:d1:08:cb:2b:9f:8a:23:29:2f:
                    91:4b:4b:1b:11:10:da:f5:32:65:6a:1d:76:a0:1e:
                    68:34:b9:95:a5:8d:82:51:e5:99:d6:3a:c0:35:1e:
                    83:5e:af:ef:81:dd:7e:27:f9:d9:67:b6:ae:89:68:
                    25:9a:a3:84:f0:0e:7e:15:96:e3:f6:08:50:02:e8:
                    35:2c:49:92:e1:0b:f0:c5:52:59:87:75:81:35:28:
                    20:61:84:3d:10:48:18:a1:51:bc:f9:ca:b5:12:4d:
                    c6:33:fc:e8:d6:14:68:4c:f7:a5:1e:cd:6d:5c:84:
                    42:4e:fb:bd:da:f9:07:1a:e9:22:03:41:50:eb:4d:
                    a2:79:ba:3b:fc:78:72:73:83:87:3f:77:15:71:92:
                    43:9e:df:40:42:39:37:f6:97:f8:2d:a3:2f:12:60:
                    35:5e:89:95:1c:90:24:12:af:22:be:0a:2c:24:8e:
                    24:95:b2:5e:39:eb:f4:c4:1d:bb:ca:3b:a4:58:d5:
                    6b:e2:e1:7a:14:e0:46:c2:ae:55:06:92:2d:51:12:
                    95:f6:e6:e0:b6:be:7a:5a:71:c3:79:68:20:01:e0:
                    cc:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:DB:75:98:19:05:BA:F6:A2:F4:26:13:88:B0:07:F0:8B:FD:AB:CB
            X509v3 Authority Key Identifier:
                keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.144.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:6d:53:34:41:4a:7f:92:70:b4:98:bd:89:20:db:0f:65:9a:
         ab:55:46:b6:b9:88:5d:0b:3a:8b:7a:c6:3b:3e:c7:80:1d:64:
         fd:3c:a2:d1:a5:ab:19:ec:3c:d2:bd:e7:5a:d4:92:be:02:b9:
         7a:e5:da:42:84:20:de:a1:52:6c:ef:1a:71:c9:0b:14:2f:95:
         cc:f2:b2:e3:cc:c0:a3:c3:a0:10:da:96:7f:87:0c:5d:ef:af:
         fe:0a:39:09:28:55:c5:2d:d2:d3:45:06:fb:93:50:73:80:68:
         83:29:e8:8d:d9:06:e3:6d:d4:f0:0e:2a:5d:c2:cc:ad:d8:56:
         ff:16:f7:bf:63:6f:0c:85:bb:f3:de:fe:30:7e:cb:d9:4e:9b:
         cf:2d:ec:bf:ca:18:f8:8d:ff:69:38:e2:64:70:5c:de:a3:f9:
         c2:27:c9:27:2d:68:9f:bc:ad:3b:00:a2:28:dd:49:1c:49:8d:
         c3:b5:be:df:76:4f:dc:39:2f:0d:04:24:52:d7:01:27:e0:83:
         1b:1c:9c:08:8b:b2:2d:07:e8:eb:99:47:f8:c9:40:53:ee:0c:
         6f:34:cc:7b:b9:e0:f9:72:12:f9:77:5e:61:e6:ef:af:18:5c:
         f9:4a:56:c7:ad:3e:55:3d:8c:e3:fb:bc:cc:1d:0f:6f:c6:4a:
         e3:8b:bb:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs+I/fH/pnk1cdsfzwIOFeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjMxMDE3MTQ1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWRiNzU5ODE5MDViYWY2YTJmNDI2MTM4OGIwMDdmMDhiZmRhYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovbDsiVsIUELKPq507aSZcs6nijk
Bv5i6j6RDkA6Invv7qjRCMsrn4ojKS+RS0sbERDa9TJlah12oB5oNLmVpY2CUeWZ
1jrANR6DXq/vgd1+J/nZZ7auiWglmqOE8A5+FZbj9ghQAug1LEmS4QvwxVJZh3WB
NSggYYQ9EEgYoVG8+cq1Ek3GM/zo1hRoTPelHs1tXIRCTvu92vkHGukiA0FQ602i
ebo7/Hhyc4OHP3cVcZJDnt9AQjk39pf4LaMvEmA1XomVHJAkEq8ivgosJI4klbJe
Oev0xB27yjukWNVr4uF6FOBGwq5VBpItURKV9ubgtr56WnHDeWggAeDMkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHbdZgZBbr2ovQmE4iwB/CL/avLMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvc2R0MW1Ca0Z1dmFpOUNZVGlMQUg4SXY5cThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZBmMA0G
CSqGSIb3DQEBCwUAA4IBAQAwbVM0QUp/knC0mL2JINsPZZqrVUa2uYhdCzqLesY7
PseAHWT9PKLRpasZ7DzSveda1JK+Arl65dpChCDeoVJs7xpxyQsUL5XM8rLjzMCj
w6AQ2pZ/hwxd76/+CjkJKFXFLdLTRQb7k1BzgGiDKeiN2QbjbdTwDipdwsyt2Fb/
Fve/Y28Mhbvz3v4wfsvZTpvPLey/yhj4jf9pOOJkcFzeo/nCJ8knLWifvK07AKIo
3UkcSY3Dtb7fdk/cOS8NBCRS1wEn4IMbHJwIi7ItB+jrmUf4yUBT7gxvNMx7ueD5
chL5d15h5u+vGFz5SlbHrT5VPYzj+7zMHQ9vxkrji7vH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:09 2024 by rpki-client on console-fra.rpki-client.org