Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/JcK_urmUp4meQmpFhQJq5hxS-lo.roa
File:                     JcK_urmUp4meQmpFhQJq5hxS-lo.roa (raw, json)
Hash identifier:          TSmr10h7BdX6LGKPQD8YQZMbQFGLOehVK4FleXpD5G8=
Subject key identifier:   25:C2:BF:BA:B9:94:A7:89:9E:42:6A:45:85:02:6A:E6:1C:52:FA:5A
Certificate issuer:       /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial:       018B2ABDFBA998A6F4F927E845232CC6C749
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/JcK_urmUp4meQmpFhQJq5hxS-lo.roa
Signing time:             Fri 13 Oct 2023 20:32:55 +0000
ROA not before:           Fri 13 Oct 2023 20:32:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206804
IP address blocks:        176.96.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:2a:bd:fb:a9:98:a6:f4:f9:27:e8:45:23:2c:c6:c7:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
        Validity
            Not Before: Oct 13 20:32:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25c2bfbab994a7899e426a4585026ae61c52fa5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:36:33:73:b4:58:41:01:68:6a:71:7e:2a:2f:
                    fe:f0:83:fb:c0:ba:1b:98:25:f2:0e:58:4d:7c:4b:
                    41:38:09:6d:ca:84:90:e0:cf:e8:93:6b:15:60:17:
                    53:c1:49:b6:3f:03:a6:f6:44:2e:cf:aa:19:a1:f3:
                    c8:af:a3:c4:cd:a6:24:5a:1e:69:b6:36:a1:1a:ae:
                    e0:d1:a8:e5:74:be:28:5c:37:8d:05:2d:c9:9f:e6:
                    d9:c8:cc:f5:62:05:9b:4f:45:97:14:35:b2:2f:fd:
                    ec:76:12:90:2d:8f:40:08:90:80:69:ee:ef:6b:fa:
                    30:ea:2c:40:3f:0b:be:b7:f2:8d:d0:e0:df:24:49:
                    44:fc:d0:33:d9:39:72:15:8a:7d:da:04:b8:ea:78:
                    08:f9:d6:41:3b:fa:70:f1:9c:0a:9e:0d:44:02:0d:
                    ea:7e:ee:ec:79:f7:91:1e:36:a8:21:a5:81:f7:45:
                    c9:7a:bc:f0:ef:a5:a5:95:6c:83:df:1a:52:da:27:
                    ee:f8:74:ca:e5:6f:86:cf:bf:80:cf:8b:06:43:7d:
                    81:a8:b0:14:57:6e:12:3e:9b:d8:51:dd:57:18:2c:
                    50:f7:8a:86:12:fd:8c:93:21:ff:5e:22:1e:8b:47:
                    55:88:73:4e:34:84:ea:a3:7c:53:90:22:2f:0e:f7:
                    80:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C2:BF:BA:B9:94:A7:89:9E:42:6A:45:85:02:6A:E6:1C:52:FA:5A
            X509v3 Authority Key Identifier:
                keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/JcK_urmUp4meQmpFhQJq5hxS-lo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.96.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:e1:64:a3:1e:1c:bb:34:e3:f1:71:28:22:c7:fa:8d:35:f1:
         29:2a:be:ad:13:17:b6:6f:7b:23:11:07:eb:51:0a:98:5e:9c:
         33:1f:c2:06:7c:56:82:fd:66:7c:4a:8e:8c:ba:26:bd:1e:bc:
         b4:f9:cc:98:75:a2:ce:95:26:64:58:55:10:17:6a:da:d0:03:
         03:ec:86:a0:ab:2b:76:36:95:cf:f3:c5:14:b7:ce:a3:ad:33:
         d0:b7:fd:0c:92:68:da:bc:d8:f9:c2:e3:57:44:c2:de:ef:23:
         40:a0:ba:d4:77:1b:23:eb:0d:ca:f4:de:54:9b:4e:a5:c7:fd:
         08:d3:ad:2b:74:63:a9:a3:63:14:51:72:f4:37:28:f8:da:1c:
         59:f6:5c:8f:ac:40:5c:1a:a6:76:5c:90:90:30:92:99:ba:4c:
         e4:e1:e3:a6:eb:c4:33:d0:df:d8:e6:93:85:01:ca:cd:83:64:
         15:1a:34:2e:d0:ec:49:cb:27:7a:5d:96:8d:85:99:3f:d2:08:
         34:21:99:ac:0a:6b:b6:b5:cd:8b:77:08:db:84:c8:82:5e:45:
         f4:c2:6e:a3:16:c5:3f:75:68:3c:fe:61:a7:87:9e:37:d0:28:
         31:11:33:46:79:43:5c:31:48:64:06:f9:a8:3e:48:a6:2e:da:
         7f:a2:3e:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsqvfupmKb0+SfoRSMsxsdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjMxMDEzMjAzMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWMyYmZiYWI5OTRhNzg5OWU0MjZhNDU4NTAyNmFlNjFjNTJmYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDYzc7RYQQFoanF+Ki/+8IP7wLob
mCXyDlhNfEtBOAltyoSQ4M/ok2sVYBdTwUm2PwOm9kQuz6oZofPIr6PEzaYkWh5p
tjahGq7g0ajldL4oXDeNBS3Jn+bZyMz1YgWbT0WXFDWyL/3sdhKQLY9ACJCAae7v
a/ow6ixAPwu+t/KN0ODfJElE/NAz2TlyFYp92gS46ngI+dZBO/pw8ZwKng1EAg3q
fu7sefeRHjaoIaWB90XJerzw76WllWyD3xpS2ifu+HTK5W+Gz7+Az4sGQ32BqLAU
V24SPpvYUd1XGCxQ94qGEv2MkyH/XiIei0dViHNONITqo3xTkCIvDveA8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXCv7q5lKeJnkJqRYUCauYcUvpaMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvSmNLX3VybVVwNG1lUW1wRmhRSnE1aHhTLWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGDiMA0G
CSqGSIb3DQEBCwUAA4IBAQBL4WSjHhy7NOPxcSgix/qNNfEpKr6tExe2b3sjEQfr
UQqYXpwzH8IGfFaC/WZ8So6Muia9Hry0+cyYdaLOlSZkWFUQF2ra0AMD7Iagqyt2
NpXP88UUt86jrTPQt/0MkmjavNj5wuNXRMLe7yNAoLrUdxsj6w3K9N5Um06lx/0I
060rdGOpo2MUUXL0Nyj42hxZ9lyPrEBcGqZ2XJCQMJKZukzk4eOm68Qz0N/Y5pOF
AcrNg2QVGjQu0OxJyyd6XZaNhZk/0gg0IZmsCmu2tc2LdwjbhMiCXkX0wm6jFsU/
dWg8/mGnh5430CgxETNGeUNcMUhkBvmoPkimLtp/oj5r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:00 2024 by rpki-client on console-fra.rpki-client.org