Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/BghQntOMen5t4YlxTMl79L2LwSI.roa
File:                     BghQntOMen5t4YlxTMl79L2LwSI.roa (raw, json)
Hash identifier:          0uYvi1Am+vtZ1BKBgjfue31nyEJh3RNoX7jscezheAE=
Subject key identifier:   06:08:50:9E:D3:8C:7A:7E:6D:E1:89:71:4C:C9:7B:F4:BD:8B:C1:22
Certificate issuer:       /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial:       018CCA287F394B3951BE81E2985FCE3A4792
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/BghQntOMen5t4YlxTMl79L2LwSI.roa
Signing time:             Tue 02 Jan 2024 12:31:40 +0000
ROA not before:           Tue 02 Jan 2024 12:31:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56414
IP address blocks:        194.26.217.0/24 maxlen: 24
                          2a12:7807::/32 maxlen: 32
                          2a12:7800::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 10 Nov 2024 05:50:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:28:7f:39:4b:39:51:be:81:e2:98:5f:ce:3a:47:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
        Validity
            Not Before: Jan  2 12:31:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0608509ed38c7a7e6de189714cc97bf4bd8bc122
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b1:6c:09:a0:76:42:1a:fa:e7:34:a1:ba:76:
                    5d:a6:63:62:90:c2:61:f7:e3:99:47:15:9c:d3:86:
                    c7:ad:01:82:9f:d4:b2:53:e1:18:e1:a9:b1:6c:63:
                    f5:67:1c:13:35:71:a9:dc:0a:20:f3:e6:92:f1:19:
                    b8:de:86:9e:2a:23:50:b7:e6:1e:aa:d5:9f:ce:56:
                    5e:e7:5c:67:63:48:54:c6:90:81:8b:0c:b5:ab:3c:
                    da:77:cb:df:13:fb:61:e2:ff:6c:14:42:2a:a3:f1:
                    65:66:95:4e:3d:8e:cd:d5:24:b4:ab:82:67:4b:59:
                    3f:43:fc:01:a8:67:05:2f:39:80:3c:94:4c:c8:b1:
                    63:d4:4b:7f:d3:a6:f0:1c:b7:e2:7e:13:6c:a1:fa:
                    72:8d:be:7f:9c:af:d6:9e:16:ab:8e:10:d9:fe:0f:
                    2f:cc:29:87:ab:77:ab:00:44:a4:df:fc:13:68:ed:
                    61:e1:4f:22:a9:62:d9:4a:71:bd:b2:9e:63:e4:ba:
                    b4:26:e4:42:71:89:5b:1c:55:f0:2d:48:30:8c:eb:
                    9f:8d:90:cf:7d:f8:c6:61:9b:15:bf:b8:ec:5e:ed:
                    c5:b7:ad:e8:39:d3:f6:5e:34:90:94:e8:52:82:a5:
                    e4:5c:14:fa:f2:a2:7d:84:bc:53:48:45:5c:30:23:
                    0d:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:08:50:9E:D3:8C:7A:7E:6D:E1:89:71:4C:C9:7B:F4:BD:8B:C1:22
            X509v3 Authority Key Identifier:
                keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/BghQntOMen5t4YlxTMl79L2LwSI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.217.0/24
                IPv6:
                  2a12:7800::/32
                  2a12:7807::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:d4:59:21:98:7e:cf:d2:c8:ba:1e:d0:9b:81:df:72:ea:84:
         62:12:7d:2b:08:0f:65:00:41:f6:33:11:70:93:10:15:0f:11:
         c0:bd:20:53:24:d8:b8:39:fd:22:1d:60:47:df:81:87:ef:0f:
         75:40:1c:22:25:79:15:ea:14:5f:16:76:63:53:dd:d7:d2:45:
         28:bd:47:33:aa:6e:0f:22:38:8a:fe:4f:6e:60:56:04:0f:3b:
         54:46:7e:03:b2:b0:d7:f2:58:69:e6:92:f4:c7:7f:66:28:b2:
         10:1e:f1:9e:14:1d:51:d7:a6:75:d2:20:c7:38:ea:17:f3:06:
         95:d2:36:91:65:9d:4a:70:1b:0a:95:4f:2c:62:01:5d:c2:ff:
         d8:54:d1:cc:71:bb:07:32:90:59:c3:7d:73:d2:4a:a3:04:c4:
         cb:49:0d:25:ed:fd:cb:1a:09:4c:fe:a6:6a:da:1d:08:36:fc:
         8c:11:d8:3f:db:50:c1:81:e6:7e:cc:b6:0f:a7:59:4b:94:3a:
         4e:66:1e:b9:e6:19:8e:24:5a:7a:0e:bf:68:c4:93:19:bb:fd:
         7d:81:33:5e:c7:8e:be:79:88:72:ec:57:15:15:87:69:c5:12:
         12:7d:51:81:df:f6:00:99:f3:15:54:cb:bc:7d:48:6b:82:6e:
         e7:b3:14:f9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzKKH85SzlRvoHimF/OOkeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA4NTA5ZWQzOGM3YTdlNmRlMTg5NzE0Y2M5N2JmNGJkOGJjMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrFsCaB2Qhr65zShunZdpmNikMJh
9+OZRxWc04bHrQGCn9SyU+EY4amxbGP1ZxwTNXGp3Aog8+aS8Rm43oaeKiNQt+Ye
qtWfzlZe51xnY0hUxpCBiwy1qzzad8vfE/th4v9sFEIqo/FlZpVOPY7N1SS0q4Jn
S1k/Q/wBqGcFLzmAPJRMyLFj1Et/06bwHLfifhNsofpyjb5/nK/WnharjhDZ/g8v
zCmHq3erAESk3/wTaO1h4U8iqWLZSnG9sp5j5Lq0JuRCcYlbHFXwLUgwjOufjZDP
ffjGYZsVv7jsXu3Ft63oOdP2XjSQlOhSgqXkXBT68qJ9hLxTSEVcMCMNYQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAYIUJ7TjHp+beGJcUzJe/S9i8EiMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvQmdoUW50T01lbjV0NFlseFRNbDc5TDJMd1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAwhrZMBQE
AgACMA4DBQAqEngAAwUAKhJ4BzANBgkqhkiG9w0BAQsFAAOCAQEAh9RZIZh+z9LI
uh7Qm4HfcuqEYhJ9KwgPZQBB9jMRcJMQFQ8RwL0gUyTYuDn9Ih1gR9+Bh+8PdUAc
IiV5FeoUXxZ2Y1Pd19JFKL1HM6puDyI4iv5PbmBWBA87VEZ+A7Kw1/JYaeaS9Md/
ZiiyEB7xnhQdUdemddIgxzjqF/MGldI2kWWdSnAbCpVPLGIBXcL/2FTRzHG7BzKQ
WcN9c9JKowTEy0kNJe39yxoJTP6matodCDb8jBHYP9tQwYHmfsy2D6dZS5Q6TmYe
ueYZjiRaeg6/aMSTGbv9fYEzXseOvnmIcuxXFRWHacUSEn1Rgd/2AJnzFVTLvH1I
a4Ju57MU+Q==
-----END CERTIFICATE-----
Generated at Sun Nov 10 09:36:25 2024 by rpki-client on console-fra.rpki-client.org