Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nIIQqf0xeIXUMNkQ2t4ASkL3PX4.roa
File:                     nIIQqf0xeIXUMNkQ2t4ASkL3PX4.roa (raw, json)
Hash identifier:          9xtm+u2PVApA7kwIzRNDx+/vjsHhUWVQMbt/M8/Fojw=
Subject key identifier:   9C:82:10:A9:FD:31:78:85:D4:30:D9:10:DA:DE:00:4A:42:F7:3D:7E
Certificate issuer:       /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial:       01856C6F21C149084B4F2CDA7EDB5F358117
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nIIQqf0xeIXUMNkQ2t4ASkL3PX4.roa
Signing time:             Sun 01 Jan 2023 08:25:00 +0000
ROA not before:           Sun 01 Jan 2023 08:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208046
IP address blocks:        193.142.147.0/24 maxlen: 24
                          193.142.146.0/24 maxlen: 24
                          193.142.59.0/24 maxlen: 24
                          2a0f:ca80:1338::/48 maxlen: 48
                          2a0f:ca80:618::/48 maxlen: 48
                          2a0f:ca86::/40 maxlen: 40
                          2a0f:ca80:1::/48 maxlen: 48
                          2a0f:ca80:1337::/48 maxlen: 48
                          2a0f:ca80:617::/48 maxlen: 48
                          2a0f:ca83:1337::/48 maxlen: 48
                          2a0f:ca84::/40 maxlen: 40
                          2a0f:ca80:1200::/40 maxlen: 40
                          2a0f:ca80:1100::/40 maxlen: 40
                          2a0f:ca80::/48 maxlen: 48
                          2a0f:ca80:619::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6f:21:c1:49:08:4b:4f:2c:da:7e:db:5f:35:81:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
        Validity
            Not Before: Jan  1 08:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c8210a9fd317885d430d910dade004a42f73d7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:de:7e:eb:ae:df:49:99:53:98:17:07:fe:03:
                    78:6b:da:0b:9d:5b:5f:11:79:32:8c:9e:b4:f4:98:
                    64:37:f8:20:28:2f:b6:5a:aa:12:e7:23:2e:7d:df:
                    c2:21:32:cc:4c:35:23:34:66:7d:7f:96:ad:b0:8d:
                    1e:9b:07:ef:09:62:ca:dc:5c:86:d1:82:48:9f:f7:
                    b5:da:05:10:c6:b1:52:98:2c:5c:ba:41:28:7f:04:
                    0c:47:a4:29:e7:b1:a7:50:e7:dd:52:21:58:e3:73:
                    ae:1c:18:ff:17:54:d6:bd:39:53:aa:5c:cb:cb:86:
                    6e:eb:cf:cf:63:6c:9a:bf:87:e9:1a:ff:60:50:b9:
                    ff:31:a4:3b:b6:14:7c:f5:42:b3:bb:bb:d0:63:a7:
                    9e:42:7c:7a:0f:76:bd:ea:32:05:f0:6a:0f:f0:92:
                    1e:ef:7d:3a:6f:6c:cc:c0:97:42:60:aa:58:72:b1:
                    49:eb:ba:2a:f9:77:d2:e4:19:be:54:28:fb:9b:a3:
                    53:69:ab:9c:06:69:13:df:46:75:bf:ae:10:b5:4d:
                    eb:ec:ae:f1:5e:7e:d3:3e:83:c0:4e:5b:d7:5f:1a:
                    62:7b:62:d9:c5:b2:20:0d:03:9a:7e:d0:18:64:60:
                    37:cb:c7:2a:8e:a7:e5:90:6e:cf:e3:bf:b9:2b:79:
                    ee:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:82:10:A9:FD:31:78:85:D4:30:D9:10:DA:DE:00:4A:42:F7:3D:7E
            X509v3 Authority Key Identifier:
                keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/nIIQqf0xeIXUMNkQ2t4ASkL3PX4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.142.59.0/24
                  193.142.146.0/23
                IPv6:
                  2a0f:ca80::/47
                  2a0f:ca80:617::-2a0f:ca80:619:ffff:ffff:ffff:ffff:ffff
                  2a0f:ca80:1100::-2a0f:ca80:12ff:ffff:ffff:ffff:ffff:ffff
                  2a0f:ca80:1337::-2a0f:ca80:1338:ffff:ffff:ffff:ffff:ffff
                  2a0f:ca83:1337::/48
                  2a0f:ca84::/40
                  2a0f:ca86::/40

    Signature Algorithm: sha256WithRSAEncryption
         54:b7:b1:7d:b0:5b:c7:6c:a2:1f:96:34:da:0b:ba:f4:07:31:
         b3:91:46:3a:ab:92:d3:1f:93:93:97:38:70:cf:cc:f9:4a:33:
         25:ef:28:55:24:ef:f0:fb:a7:e3:f3:e4:56:48:48:fd:ec:5c:
         76:4c:cb:07:6e:e4:d1:ea:0c:e8:22:de:14:51:02:e3:a4:53:
         89:49:b6:a6:02:81:f1:a2:af:c2:86:e4:87:f2:75:ba:19:33:
         a0:16:55:ca:8b:aa:d5:9e:34:8b:7d:b1:2f:84:0c:e0:3e:f4:
         4d:e1:ab:ab:c5:a4:3c:4d:9f:36:97:10:fe:7e:e8:0f:08:ab:
         a4:11:60:8f:f1:8e:d4:fa:74:c8:1c:e3:a6:76:63:2e:44:5b:
         8e:f2:08:1e:ec:c1:84:b5:33:72:31:20:0b:51:d7:47:8a:21:
         89:df:13:54:6b:fe:c9:b2:63:35:06:28:a1:cc:d9:a7:07:08:
         77:b7:d6:00:df:f3:0a:8d:9b:2d:9f:c5:14:7d:d5:d3:b3:92:
         df:28:f8:2c:13:54:8f:c2:88:d2:03:2a:4f:ca:25:4f:81:5e:
         bc:88:5c:3a:24:00:d4:01:4a:7e:eb:06:f1:8c:60:f9:88:59:
         6d:65:3d:c1:a6:c8:95:33:e2:eb:39:aa:b6:7a:64:c6:59:e8:
         7a:0d:48:b1
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYVsbyHBSQhLTyzafttfNYEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjMwMTAxMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzgyMTBhOWZkMzE3ODg1ZDQzMGQ5MTBkYWRlMDA0YTQyZjczZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt5+667fSZlTmBcH/gN4a9oLnVtf
EXkyjJ609JhkN/ggKC+2WqoS5yMufd/CITLMTDUjNGZ9f5atsI0emwfvCWLK3FyG
0YJIn/e12gUQxrFSmCxcukEofwQMR6Qp57GnUOfdUiFY43OuHBj/F1TWvTlTqlzL
y4Zu68/PY2yav4fpGv9gULn/MaQ7thR89UKzu7vQY6eeQnx6D3a96jIF8GoP8JIe
7306b2zMwJdCYKpYcrFJ67oq+XfS5Bm+VCj7m6NTaaucBmkT30Z1v64QtU3r7K7x
Xn7TPoPATlvXXxpie2LZxbIgDQOaftAYZGA3y8cqjqflkG7P47+5K3nuOwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJyCEKn9MXiF1DDZENreAEpC9z1+MB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvbklJUXFmMHhlSVhVTU5rUTJ0NEFTa0wzUFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwEgQCAAEwDAMEAMGOOwME
AcGOkjBiBAIAAjBcAwcBKg/KgAAAMBIDBwAqD8qABhcDBwEqD8qABhgwEAMGACoP
yoARAwYAKg/KgBIwEgMHACoPyoATNwMHACoPyoATOAMHACoPyoMTNwMGACoPyoQA
AwYAKg/KhgAwDQYJKoZIhvcNAQELBQADggEBAFS3sX2wW8dsoh+WNNoLuvQHMbOR
RjqrktMfk5OXOHDPzPlKMyXvKFUk7/D7p+Pz5FZISP3sXHZMywdu5NHqDOgi3hRR
AuOkU4lJtqYCgfGir8KG5IfydboZM6AWVcqLqtWeNIt9sS+EDOA+9E3hq6vFpDxN
nzaXEP5+6A8Iq6QRYI/xjtT6dMgc46Z2Yy5EW47yCB7swYS1M3IxIAtR10eKIYnf
E1Rr/smyYzUGKKHM2acHCHe31gDf8wqNmy2fxRR91dOzkt8o+CwTVI/CiNIDKk/K
JU+BXryIXDokANQBSn7rBvGMYPmIWW1lPcGmyJUz4us5qrZ6ZMZZ6HoNSLE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:55 2024 by rpki-client on console-fra.rpki-client.org