Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/bmmJBthBHyV06H4ug6lS6AS4E9o.roa
File:                     bmmJBthBHyV06H4ug6lS6AS4E9o.roa (raw, json)
Hash identifier:          /2eh+OrAi6majUdXoZSORkjknwFLgl7GmYB7BimhfNg=
Subject key identifier:   6E:69:89:06:D8:41:1F:25:74:E8:7E:2E:83:A9:52:E8:04:B8:13:DA
Certificate issuer:       /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial:       0186EF915FA1EFC179A5FA0CC74E71AD4085
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/bmmJBthBHyV06H4ug6lS6AS4E9o.roa
Signing time:             Fri 17 Mar 2023 12:35:27 +0000
ROA not before:           Fri 17 Mar 2023 12:35:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56382
IP address blocks:        141.98.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Jul 2023 16:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ef:91:5f:a1:ef:c1:79:a5:fa:0c:c7:4e:71:ad:40:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
        Validity
            Not Before: Mar 17 12:35:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6e698906d8411f2574e87e2e83a952e804b813da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1f:9d:8d:3d:dd:30:9b:13:81:7d:99:a3:40:
                    4e:cb:48:79:6f:e3:48:17:56:cc:3e:ce:22:4b:79:
                    ee:62:ae:6d:c9:1f:ea:f9:5d:1a:28:be:7d:bf:77:
                    a2:d0:88:3d:4f:02:58:d0:68:93:26:59:b2:c9:9f:
                    aa:5a:05:12:bb:0d:21:be:74:61:37:c5:ff:17:8f:
                    38:47:be:52:67:f0:37:04:b0:48:75:cb:5b:c4:b2:
                    ce:1b:fd:3f:e6:16:8d:0f:b0:d3:82:b5:ed:bd:ac:
                    65:db:04:c6:24:bd:ab:3b:4f:7b:10:aa:d1:f7:13:
                    42:d5:66:8a:24:6c:c4:7e:df:8d:dd:f5:b8:8f:7a:
                    ac:d3:cb:47:da:b2:85:a2:97:47:71:a6:ed:ad:e9:
                    e8:89:a2:cf:1a:be:5e:77:29:b7:34:24:3a:95:cf:
                    36:b6:7f:c6:2a:ee:3c:f7:bd:dc:03:b7:53:df:98:
                    be:01:fd:aa:70:6b:56:13:fe:8e:f3:86:78:e3:89:
                    70:48:0a:0b:a1:ca:84:77:fd:cd:35:c6:4c:aa:19:
                    72:ed:c1:12:16:9e:9c:fd:c0:49:ad:fb:b5:16:4a:
                    b9:a2:8e:42:ff:89:33:31:5c:02:c2:1b:3a:2c:9b:
                    04:07:9a:f7:be:7d:c8:51:48:a1:2c:62:2b:7f:27:
                    32:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:69:89:06:D8:41:1F:25:74:E8:7E:2E:83:A9:52:E8:04:B8:13:DA
            X509v3 Authority Key Identifier:
                keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/bmmJBthBHyV06H4ug6lS6AS4E9o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:1f:a1:db:a5:28:ab:e6:e0:0d:5e:be:88:27:35:b8:9e:a7:
         1c:fc:45:a4:c7:f6:7a:7c:50:99:1b:a6:aa:63:67:77:01:c8:
         3c:a1:12:df:57:ec:a6:78:5f:64:b7:8a:ec:88:5e:0a:35:02:
         84:e8:09:ac:3b:95:09:c0:47:ad:fb:6e:34:92:e0:e3:c7:c2:
         c0:41:b5:b5:e9:bd:d1:91:cc:94:31:e3:14:f2:f3:67:e1:76:
         78:9c:4d:a1:0e:c9:57:79:e9:bd:b6:2f:db:64:f6:65:ec:5c:
         0d:dd:84:8b:ea:45:96:2c:f9:d1:d7:0d:a6:85:79:51:7d:7e:
         c9:23:69:a7:c1:b1:5b:d8:01:2b:f0:33:1c:01:a5:1b:51:27:
         ba:4c:c7:24:a7:4e:19:46:16:cd:bd:8c:97:37:71:26:10:b3:
         20:f2:03:1d:08:01:48:ce:b5:2d:9c:5e:69:0d:ba:52:6f:28:
         b5:66:78:39:a4:cb:bf:f2:75:2d:fa:58:0f:65:d0:30:78:19:
         df:c7:56:d6:db:29:bf:fe:93:77:e1:d2:96:01:a4:06:49:91:
         23:54:04:3c:0a:62:74:d7:89:fb:f7:f9:d1:0e:b0:58:ae:8f:
         1b:25:9c:d3:a2:43:b0:c1:87:1e:e0:05:d3:c7:94:a0:21:3c:
         d6:54:69:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbvkV+h78F5pfoMx05xrUCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwMzE3MTIzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY5ODkwNmQ4NDExZjI1NzRlODdlMmU4M2E5NTJlODA0YjgxM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx+djT3dMJsTgX2Zo0BOy0h5b+NI
F1bMPs4iS3nuYq5tyR/q+V0aKL59v3ei0Ig9TwJY0GiTJlmyyZ+qWgUSuw0hvnRh
N8X/F484R75SZ/A3BLBIdctbxLLOG/0/5haND7DTgrXtvaxl2wTGJL2rO097EKrR
9xNC1WaKJGzEft+N3fW4j3qs08tH2rKFopdHcabtrenoiaLPGr5edym3NCQ6lc82
tn/GKu48973cA7dT35i+Af2qcGtWE/6O84Z444lwSAoLocqEd/3NNcZMqhly7cES
Fp6c/cBJrfu1Fkq5oo5C/4kzMVwCwhs6LJsEB5r3vn3IUUihLGIrfycyHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5piQbYQR8ldOh+LoOpUugEuBPaMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvYm1tSkJ0aEJIeVYwNkg0dWc2bFM2QVM0RTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWKLMA0G
CSqGSIb3DQEBCwUAA4IBAQCVH6HbpSir5uANXr6IJzW4nqcc/EWkx/Z6fFCZG6aq
Y2d3Acg8oRLfV+ymeF9kt4rsiF4KNQKE6AmsO5UJwEet+240kuDjx8LAQbW16b3R
kcyUMeMU8vNn4XZ4nE2hDslXeem9ti/bZPZl7FwN3YSL6kWWLPnR1w2mhXlRfX7J
I2mnwbFb2AEr8DMcAaUbUSe6TMckp04ZRhbNvYyXN3EmELMg8gMdCAFIzrUtnF5p
DbpSbyi1Zng5pMu/8nUt+lgPZdAweBnfx1bW2ym//pN34dKWAaQGSZEjVAQ8CmJ0
14n79/nRDrBYro8bJZzTokOwwYce4AXTx5SgITzWVGnM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:09 2024 by rpki-client on console-fra.rpki-client.org