Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/SdTJlBT-GP-IkuQgpsdLe31M3nc.roa
File:                     SdTJlBT-GP-IkuQgpsdLe31M3nc.roa (raw, json)
Hash identifier:          JMAj3Cd71qmhtJl5K6XBcwH/ktOzsy73IcRWnIBoUm4=
Subject key identifier:   49:D4:C9:94:14:FE:18:FF:88:92:E4:20:A6:C7:4B:7B:7D:4C:DE:77
Certificate issuer:       /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial:       01879E32CAA43A862D5FF9E37ED97D4EF8C2
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/SdTJlBT-GP-IkuQgpsdLe31M3nc.roa
Signing time:             Thu 20 Apr 2023 10:25:41 +0000
ROA not before:           Thu 20 Apr 2023 10:25:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207083
IP address blocks:        213.21.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 May 2023 11:33:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:32:ca:a4:3a:86:2d:5f:f9:e3:7e:d9:7d:4e:f8:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
        Validity
            Not Before: Apr 20 10:25:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=49d4c99414fe18ff8892e420a6c74b7b7d4cde77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:49:0e:b2:ae:74:ac:c8:8b:26:13:1d:47:03:
                    b4:bd:e3:d4:48:e3:79:d3:29:b3:42:ee:4c:73:e5:
                    5a:cb:e9:35:00:c1:a5:5b:20:15:6f:47:dc:87:58:
                    22:f2:9b:91:cf:f2:70:dd:7b:2d:9b:89:54:31:f0:
                    3b:2c:f2:19:6f:3b:9d:75:19:16:a4:5e:13:96:83:
                    46:3f:50:b4:cf:1d:57:d2:5d:22:66:4f:4c:64:86:
                    fb:42:23:03:d1:9f:a0:11:5d:07:ed:dd:d9:2a:e5:
                    4e:32:3b:cd:f2:dd:98:a6:48:5d:b7:e2:9b:8c:d0:
                    79:c6:e5:15:41:4a:9e:5b:d5:a0:72:fe:67:d3:9d:
                    b9:f5:c3:04:44:ef:87:0d:35:a2:cd:a7:f2:96:a5:
                    6d:14:8e:9d:ab:d0:0c:78:d6:4e:8e:bf:b9:7d:40:
                    9d:2e:33:1b:6b:50:f7:49:14:cb:88:b7:69:cd:41:
                    4e:98:82:49:16:a8:3d:34:a9:05:ba:55:30:05:1f:
                    20:7b:c7:85:1e:4a:70:24:4f:2c:b0:43:4b:49:2c:
                    11:9f:e9:e5:c9:90:16:fe:c2:a1:f4:4b:0b:65:e8:
                    83:ec:0e:7c:3e:12:17:58:b6:e4:33:ca:d9:9d:c1:
                    e7:b7:63:a7:26:65:8f:b4:3e:02:e6:2a:74:10:00:
                    d5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:D4:C9:94:14:FE:18:FF:88:92:E4:20:A6:C7:4B:7B:7D:4C:DE:77
            X509v3 Authority Key Identifier:
                keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/SdTJlBT-GP-IkuQgpsdLe31M3nc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.21.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:ed:9a:b9:ca:20:80:05:43:24:ed:65:22:b8:6f:39:06:47:
         2e:63:c2:d2:20:d2:ab:53:8a:8d:0a:08:fe:3b:fe:f0:33:7a:
         fa:a6:db:05:87:c8:1b:a9:19:d3:d3:80:db:27:c6:18:b5:d7:
         11:7d:b5:58:10:3c:e4:cb:5c:4b:9a:fd:ba:5e:51:6d:d7:03:
         02:43:87:ee:3e:48:df:3f:2b:52:f8:87:36:38:fd:b7:bf:1f:
         59:5f:c2:28:9f:4e:87:66:c7:b9:cd:57:55:9f:d4:41:3f:e2:
         60:0c:28:70:10:ae:c0:6a:af:de:2d:e1:99:dc:46:49:8e:79:
         3f:f9:64:c4:75:bc:f6:c2:6f:ad:4f:8d:8d:81:f6:7b:9c:8f:
         75:6c:c6:f3:01:05:46:94:30:83:37:93:44:46:07:a7:db:91:
         61:d3:15:62:85:60:c7:97:f8:3e:24:98:9a:0c:73:aa:12:97:
         05:9b:4b:e4:d7:b1:b8:d5:70:0b:43:08:a2:98:47:21:a3:b1:
         16:ff:36:1e:cb:27:f5:de:fb:1e:a1:6c:1d:73:76:64:86:51:
         eb:d8:1a:a0:a1:f1:fc:a5:ab:93:5d:e9:f3:83:49:bc:a9:8d:
         24:be:f0:1d:1d:e6:9e:8a:7b:93:2e:8d:b3:ce:fb:70:44:cb:
         e2:6a:84:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeeMsqkOoYtX/njftl9TvjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjMwNDIwMTAyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ0Yzk5NDE0ZmUxOGZmODg5MmU0MjBhNmM3NGI3YjdkNGNkZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0kOsq50rMiLJhMdRwO0vePUSON5
0ymzQu5Mc+Vay+k1AMGlWyAVb0fch1gi8puRz/Jw3Xstm4lUMfA7LPIZbzuddRkW
pF4TloNGP1C0zx1X0l0iZk9MZIb7QiMD0Z+gEV0H7d3ZKuVOMjvN8t2Ypkhdt+Kb
jNB5xuUVQUqeW9Wgcv5n05259cMERO+HDTWizafylqVtFI6dq9AMeNZOjr+5fUCd
LjMba1D3SRTLiLdpzUFOmIJJFqg9NKkFulUwBR8ge8eFHkpwJE8ssENLSSwRn+nl
yZAW/sKh9EsLZeiD7A58PhIXWLbkM8rZncHnt2OnJmWPtD4C5ip0EADVXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnUyZQU/hj/iJLkIKbHS3t9TN53MB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvU2RUSmxCVC1HUC1Ja3VRZ3BzZExlMzFNM25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXsMA0G
CSqGSIb3DQEBCwUAA4IBAQA17Zq5yiCABUMk7WUiuG85BkcuY8LSINKrU4qNCgj+
O/7wM3r6ptsFh8gbqRnT04DbJ8YYtdcRfbVYEDzky1xLmv26XlFt1wMCQ4fuPkjf
PytS+Ic2OP23vx9ZX8Ion06HZse5zVdVn9RBP+JgDChwEK7Aaq/eLeGZ3EZJjnk/
+WTEdbz2wm+tT42NgfZ7nI91bMbzAQVGlDCDN5NERgen25Fh0xVihWDHl/g+JJia
DHOqEpcFm0vk17G41XALQwiimEcho7EW/zYeyyf13vseoWwdc3ZkhlHr2BqgofH8
pauTXenzg0m8qY0kvvAdHeaeinuTLo2zzvtwRMviaoRM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:38 2024 by rpki-client on console-ams.rpki-client.org