Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/3JOGRqutOZAZ8ga6iuZ35gWoUBQ.roa
File:                     3JOGRqutOZAZ8ga6iuZ35gWoUBQ.roa (raw, json)
Hash identifier:          T/nSmcphqtRL5AFdryq63ObB29PFvldP8fvRYzmQHU0=
Subject key identifier:   DC:93:86:46:AB:AD:39:90:19:F2:06:BA:8A:E6:77:E6:05:A8:50:14
Certificate issuer:       /CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
Certificate serial:       018982E4EA01ECBC7912CF6C57F1EB69072E
Authority key identifier: 4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/3JOGRqutOZAZ8ga6iuZ35gWoUBQ.roa
Signing time:             Sun 23 Jul 2023 13:16:27 +0000
ROA not before:           Sun 23 Jul 2023 13:16:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207605
IP address blocks:        176.119.205.0/24 maxlen: 24
                          195.189.141.0/24 maxlen: 24
                          2a05:4500::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:82:e4:ea:01:ec:bc:79:12:cf:6c:57:f1:eb:69:07:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b01b0851b7f89ea4bb132a7f5395b9d2aca1c02
        Validity
            Not Before: Jul 23 13:16:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dc938646abad399019f206ba8ae677e605a85014
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:21:51:4b:f0:d0:ef:ec:94:1f:1f:86:cf:99:
                    98:a8:15:65:9e:83:5c:75:ee:56:5a:e1:f1:b0:f2:
                    dc:60:d3:64:78:80:41:63:fe:34:db:ca:6a:7a:91:
                    9c:f8:4c:ed:5d:f3:4f:42:f2:3e:4b:1d:1e:e8:55:
                    be:8b:1e:de:56:1c:5a:e9:cf:4e:9a:90:9a:77:41:
                    c6:2a:d6:ef:c9:04:ce:a5:85:f2:a4:bb:af:b3:d5:
                    54:01:a4:5d:f5:35:9b:21:bf:fd:b0:6f:17:9a:4d:
                    ac:63:3a:42:b7:52:f1:64:13:f9:bf:71:10:c2:e0:
                    fe:f3:40:f6:10:bb:0c:a9:2e:c1:f9:94:ee:1f:1a:
                    bd:02:78:ee:e7:ed:ce:52:f7:d0:72:ad:0b:07:5f:
                    91:1f:e7:18:ca:7c:9a:92:5d:27:ee:35:2c:5a:1a:
                    ab:c7:12:c3:a1:ac:46:51:74:53:aa:c9:6b:8b:bd:
                    51:e5:af:47:5a:e4:9f:fc:71:0b:c4:9b:45:81:db:
                    12:76:c1:b7:79:83:90:e2:30:3a:ce:71:75:ac:4d:
                    00:42:7c:cb:9c:9c:c5:3c:25:f8:15:73:94:4d:fa:
                    b6:09:c2:b7:43:46:6f:cd:f5:bf:01:f4:28:44:04:
                    06:5b:1c:97:84:5a:00:f0:d5:38:0c:ef:d0:28:2e:
                    ea:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:93:86:46:AB:AD:39:90:19:F2:06:BA:8A:E6:77:E6:05:A8:50:14
            X509v3 Authority Key Identifier:
                keyid:4B:01:B0:85:1B:7F:89:EA:4B:B1:32:A7:F5:39:5B:9D:2A:CA:1C:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwGwhRt_iepLsTKn9TlbnSrKHAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/3JOGRqutOZAZ8ga6iuZ35gWoUBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cb9d7f-afdf-4487-9e08-bd5043c0d1fb/1/SwGwhRt_iepLsTKn9TlbnSrKHAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.119.205.0/24
                  195.189.141.0/24
                IPv6:
                  2a05:4500::/29

    Signature Algorithm: sha256WithRSAEncryption
         92:96:1a:c7:a5:0c:e8:87:5a:2a:f5:09:2d:4e:68:fe:37:fd:
         4d:e5:f2:38:dc:82:89:6b:cc:1c:f6:6c:8d:81:08:15:c5:fc:
         aa:36:f1:57:21:d7:3c:d6:44:86:38:f2:43:96:56:25:5a:b8:
         80:b6:35:29:0b:7a:df:78:4a:55:a4:fe:1f:12:f5:1a:30:df:
         48:bd:2b:c4:9c:82:9a:38:2d:d6:40:fd:0f:e7:d9:96:98:9f:
         a6:d1:f2:18:79:87:e0:7f:ca:f6:d5:3b:17:32:d4:8c:93:42:
         e5:6f:8d:d8:4f:99:cc:a1:89:c4:c1:43:c8:6f:63:b2:34:2f:
         8a:3c:f7:ab:b4:9d:fa:4e:37:bb:9c:63:15:e5:c3:8d:bc:02:
         b1:cb:ab:0c:ea:ff:f8:2d:11:d7:50:f6:42:8b:91:02:63:5a:
         6f:ce:df:da:2b:59:e8:55:15:3b:51:a8:a4:5a:06:b5:6d:b3:
         8e:90:3c:d8:c2:9b:94:90:f6:be:f1:a0:c0:3e:ba:22:4f:81:
         29:fa:3b:45:d3:87:0a:e8:2c:10:f0:fc:3a:ec:88:52:e5:95:
         6f:25:30:7d:b4:7e:0e:b5:67:4e:f3:b3:f9:1c:61:44:81:05:
         1b:b2:c7:39:e4:a3:d9:fc:21:1b:69:08:75:46:ef:45:ae:12:
         3c:5d:37:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmC5OoB7Lx5Es9sV/HraQcuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMDFiMDg1MWI3Zjg5ZWE0YmIxMzJhN2Y1Mzk1YjlkMmFj
YTFjMDIwHhcNMjMwNzIzMTMxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzkzODY0NmFiYWQzOTkwMTlmMjA2YmE4YWU2NzdlNjA1YTg1MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSFRS/DQ7+yUHx+Gz5mYqBVlnoNc
de5WWuHxsPLcYNNkeIBBY/4028pqepGc+EztXfNPQvI+Sx0e6FW+ix7eVhxa6c9O
mpCad0HGKtbvyQTOpYXypLuvs9VUAaRd9TWbIb/9sG8Xmk2sYzpCt1LxZBP5v3EQ
wuD+80D2ELsMqS7B+ZTuHxq9Anju5+3OUvfQcq0LB1+RH+cYynyakl0n7jUsWhqr
xxLDoaxGUXRTqslri71R5a9HWuSf/HELxJtFgdsSdsG3eYOQ4jA6znF1rE0AQnzL
nJzFPCX4FXOUTfq2CcK3Q0ZvzfW/AfQoRAQGWxyXhFoA8NU4DO/QKC7qPwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNyThkarrTmQGfIGuormd+YFqFAUMB8GA1UdIwQY
MBaAFEsBsIUbf4nqS7Eyp/U5W50qyhwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgt
YmQ1MDQzYzBkMWZiLzEvM0pPR1JxdXRPWkFaOGdhNml1WjM1Z1dvVUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYjlkN2YtYWZkZi00NDg3LTllMDgtYmQ1MDQzYzBkMWZi
LzEvU3dHd2hSdF9pZXBMc1RLbjlUbGJuU3JLSEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsHfNAwQA
w72NMA0EAgACMAcDBQMqBUUAMA0GCSqGSIb3DQEBCwUAA4IBAQCSlhrHpQzoh1oq
9QktTmj+N/1N5fI43IKJa8wc9myNgQgVxfyqNvFXIdc81kSGOPJDllYlWriAtjUp
C3rfeEpVpP4fEvUaMN9IvSvEnIKaOC3WQP0P59mWmJ+m0fIYeYfgf8r21TsXMtSM
k0Llb43YT5nMoYnEwUPIb2OyNC+KPPertJ36Tje7nGMV5cONvAKxy6sM6v/4LRHX
UPZCi5ECY1pvzt/aK1noVRU7UaikWga1bbOOkDzYwpuUkPa+8aDAProiT4Ep+jtF
04cK6CwQ8Pw67IhS5ZVvJTB9tH4OtWdO87P5HGFEgQUbssc55KPZ/CEbaQh1Ru9F
rhI8XTdi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:54 2024 by rpki-client on console-ams.rpki-client.org