Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/Bab85z0pmT4opENaekS0M9uIlAM.roa
File:                     Bab85z0pmT4opENaekS0M9uIlAM.roa (raw, json)
Hash identifier:          MHcZKBfe8cUnEBHaBE7NpmJhzQaneyAwWh+0lD/bS3M=
Subject key identifier:   05:A6:FC:E7:3D:29:99:3E:28:A4:43:5A:7A:44:B4:33:DB:88:94:03
Certificate issuer:       /CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Certificate serial:       018570FBB7A2FF3C0BC20B37192A9C26291E
Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/Bab85z0pmT4opENaekS0M9uIlAM.roa
Signing time:             Mon 02 Jan 2023 05:37:02 +0000
ROA not before:           Mon 02 Jan 2023 05:37:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202354
IP address blocks:        185.239.179.0/24 maxlen: 24
                          185.239.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:b7:a2:ff:3c:0b:c2:0b:37:19:2a:9c:26:29:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89
        Validity
            Not Before: Jan  2 05:37:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05a6fce73d29993e28a4435a7a44b433db889403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3a:35:4c:21:5c:32:03:03:bc:da:04:8b:92:
                    80:0c:35:95:ce:9f:c0:14:06:fd:32:db:e8:f9:da:
                    96:76:3f:20:ca:61:6d:cb:ca:b2:9a:f4:4c:d0:1d:
                    b7:d7:67:ab:4f:d0:c7:79:7a:a5:9f:b2:7a:3a:89:
                    39:b1:dd:4e:46:ec:5d:06:f9:71:15:90:81:b2:95:
                    29:65:71:f8:8f:83:2b:a0:3a:98:08:ea:05:a1:93:
                    69:bf:09:d1:21:c4:2e:16:7a:7c:ea:7a:8a:2e:3a:
                    28:69:16:b2:ae:c7:a0:9e:c1:a4:a6:4a:74:e7:c7:
                    0b:7f:82:a0:65:e2:aa:e2:0a:75:97:01:b2:c4:d2:
                    3d:3a:21:ba:ac:cc:cc:a1:7c:2f:83:b8:54:58:80:
                    5a:21:4c:36:33:fd:c9:99:b4:41:72:66:85:cf:21:
                    44:97:11:9f:10:e1:a3:67:ed:b2:11:e2:76:c9:6c:
                    89:c6:f8:55:ca:b3:89:99:3c:66:bb:22:11:d8:6d:
                    a8:3b:7d:ac:22:c7:0c:fd:d0:c5:08:de:19:b2:fa:
                    bd:c8:b8:14:e4:e4:87:33:4f:a4:f6:59:47:4b:03:
                    27:17:08:26:5f:8e:bc:9c:61:3f:cf:12:86:f3:c5:
                    33:1a:9d:68:12:64:0f:ad:5b:b3:c2:f7:07:81:ae:
                    f5:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:A6:FC:E7:3D:29:99:3E:28:A4:43:5A:7A:44:B4:33:DB:88:94:03
            X509v3 Authority Key Identifier:
                keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/Bab85z0pmT4opENaekS0M9uIlAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:ce:b3:c5:ae:fd:d3:48:f2:ec:8e:0e:ab:b3:ef:5b:82:35:
         7a:d3:89:d4:1f:b5:03:be:f1:45:b5:c1:6e:93:12:2a:1d:a2:
         68:8d:e6:7d:7c:d6:45:e7:e5:42:6f:b8:f6:ce:c6:3e:dc:db:
         56:ae:06:56:98:0f:4a:72:60:9d:08:19:bb:c8:30:ac:77:b4:
         c8:6e:07:ff:f6:92:61:5c:94:94:3a:55:b5:77:9d:de:32:63:
         8c:4b:76:68:56:b9:b4:61:5c:05:ce:5c:21:33:22:f2:34:9c:
         b3:51:2f:10:68:e1:c7:f0:d8:48:a3:65:e0:f3:de:c0:f5:66:
         de:2e:a7:f7:b5:ec:b2:83:96:29:f2:b1:cd:ad:55:d3:9c:d0:
         c4:30:6c:9f:4c:fc:31:43:4a:b9:3a:a7:ca:a0:0f:41:a3:86:
         3a:a2:95:11:79:68:dd:5b:10:b5:f0:0c:e1:46:07:ee:60:5a:
         49:58:1a:46:86:0a:02:8d:98:fe:85:4f:74:06:cf:63:a8:1d:
         ef:b2:86:e0:12:6b:73:93:cb:6d:63:44:e5:64:2e:74:a2:26:
         26:71:23:67:8a:84:00:17:26:67:76:02:2b:76:5a:64:09:aa:
         d4:6c:1c:22:12:fd:31:1a:19:6f:6d:48:30:f3:c8:54:d2:1d:
         f3:3e:d7:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7ei/zwLwgs3GSqcJikeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2
YjllODkwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE2ZmNlNzNkMjk5OTNlMjhhNDQzNWE3YTQ0YjQzM2RiODg5NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0To1TCFcMgMDvNoEi5KADDWVzp/A
FAb9Mtvo+dqWdj8gymFty8qymvRM0B2312erT9DHeXqln7J6Ook5sd1ORuxdBvlx
FZCBspUpZXH4j4MroDqYCOoFoZNpvwnRIcQuFnp86nqKLjooaRayrsegnsGkpkp0
58cLf4KgZeKq4gp1lwGyxNI9OiG6rMzMoXwvg7hUWIBaIUw2M/3JmbRBcmaFzyFE
lxGfEOGjZ+2yEeJ2yWyJxvhVyrOJmTxmuyIR2G2oO32sIscM/dDFCN4Zsvq9yLgU
5OSHM0+k9llHSwMnFwgmX468nGE/zxKG88UzGp1oEmQPrVuzwvcHga71WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWm/Oc9KZk+KKRDWnpEtDPbiJQDMB8GA1UdIwQY
MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt
ZDc1ODY5YzBjNzFlLzEvQmFiODV6MHBtVDRvcEVOYWVrUzBNOXVJbEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl
LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBue+yMA0G
CSqGSIb3DQEBCwUAA4IBAQCVzrPFrv3TSPLsjg6rs+9bgjV604nUH7UDvvFFtcFu
kxIqHaJojeZ9fNZF5+VCb7j2zsY+3NtWrgZWmA9KcmCdCBm7yDCsd7TIbgf/9pJh
XJSUOlW1d53eMmOMS3ZoVrm0YVwFzlwhMyLyNJyzUS8QaOHH8NhIo2Xg897A9Wbe
Lqf3teyyg5Yp8rHNrVXTnNDEMGyfTPwxQ0q5OqfKoA9Bo4Y6opUReWjdWxC18Azh
RgfuYFpJWBpGhgoCjZj+hU90Bs9jqB3vsobgEmtzk8ttY0TlZC50oiYmcSNnioQA
FyZndgIrdlpkCarUbBwiEv0xGhlvbUgw88hU0h3zPtdb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:36 2024 by rpki-client on console-fra.rpki-client.org