Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/6zVqAFWNQt_e1L0Wtvmmep9BrNU.roa
File:                     6zVqAFWNQt_e1L0Wtvmmep9BrNU.roa (raw, json)
Hash identifier:          lEPZF/eE827H6Ypx2zRQkxW3H3E7ijOgTSXFYw3DZjI=
Subject key identifier:   EB:35:6A:00:55:8D:42:DF:DE:D4:BD:16:B6:F9:A6:7A:9F:41:AC:D5
Certificate issuer:       /CN=3c6bcaff3e80ae419a15d1bcb36e3198def8e227
Certificate serial:       018B5CCB1904256DA799D0FCD715F8D06810
Authority key identifier: 3C:6B:CA:FF:3E:80:AE:41:9A:15:D1:BC:B3:6E:31:98:DE:F8:E2:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PGvK_z6ArkGaFdG8s24xmN744ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/6zVqAFWNQt_e1L0Wtvmmep9BrNU.roa
Signing time:             Mon 23 Oct 2023 13:48:15 +0000
ROA not before:           Mon 23 Oct 2023 13:48:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200374
IP address blocks:        195.5.98.0/23 maxlen: 23
                          194.53.64.0/22 maxlen: 22
                          2a0c:f7c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5c:cb:19:04:25:6d:a7:99:d0:fc:d7:15:f8:d0:68:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c6bcaff3e80ae419a15d1bcb36e3198def8e227
        Validity
            Not Before: Oct 23 13:48:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb356a00558d42dfded4bd16b6f9a67a9f41acd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:66:5b:ad:ca:4b:4a:b6:8b:78:2b:e5:33:76:
                    b1:bb:9b:84:0b:cf:d0:5c:cc:53:58:08:ed:10:3f:
                    d0:3e:d1:11:d4:64:32:d8:87:70:ff:ee:3a:ce:d8:
                    75:1a:05:ab:6f:a5:2d:cf:59:4f:a6:c8:b4:7f:86:
                    a3:fc:a5:6c:e8:68:36:75:28:46:c9:66:73:5b:80:
                    a4:75:4c:45:28:eb:ab:28:41:fc:1d:06:7d:3e:a8:
                    ab:57:36:9d:82:2c:8d:78:60:75:43:83:8a:d0:35:
                    bb:79:8c:4b:4a:a0:bf:bc:70:c6:af:4c:dd:1e:18:
                    d0:64:e8:c3:ff:00:4a:f0:a5:79:7d:3e:c6:de:27:
                    26:ec:f8:13:7a:f8:98:3d:8a:22:09:62:ad:e9:17:
                    6c:2a:e0:f2:86:db:79:64:d2:03:69:af:97:bc:10:
                    3a:8f:a3:31:e2:90:48:60:db:3c:4a:36:b8:5d:77:
                    69:f2:75:5d:6b:c0:c6:c2:ff:df:dc:6e:b3:af:2e:
                    f1:22:1d:cb:35:4f:3e:ef:0a:29:04:ee:df:a7:53:
                    3c:10:7e:c1:78:41:04:a1:77:cf:be:1d:bc:66:09:
                    e1:df:c0:36:80:f3:f8:b1:48:85:4d:4a:c8:44:4e:
                    78:33:d2:fc:29:5b:7c:39:66:9c:c4:56:3b:ea:fb:
                    92:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:35:6A:00:55:8D:42:DF:DE:D4:BD:16:B6:F9:A6:7A:9F:41:AC:D5
            X509v3 Authority Key Identifier:
                keyid:3C:6B:CA:FF:3E:80:AE:41:9A:15:D1:BC:B3:6E:31:98:DE:F8:E2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PGvK_z6ArkGaFdG8s24xmN744ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/6zVqAFWNQt_e1L0Wtvmmep9BrNU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f328ff-927f-4116-8e33-4043b2c77bbf/1/PGvK_z6ArkGaFdG8s24xmN744ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.53.64.0/22
                  195.5.98.0/23
                IPv6:
                  2a0c:f7c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5e:8d:64:55:64:df:d0:70:57:af:87:95:9e:b6:2f:59:2e:63:
         c6:f7:a9:b1:56:cc:70:8c:8c:6f:0c:63:39:04:e2:1f:0a:15:
         ce:80:c5:48:cb:7c:69:33:a3:b5:b4:73:d8:94:bd:c3:5d:42:
         32:16:af:eb:1f:b3:d9:25:a0:e9:de:ab:38:36:ec:f4:7c:15:
         cb:cd:c8:1a:a8:78:16:8e:4f:70:04:e5:b1:0a:f8:ed:32:e2:
         6d:7e:2b:df:d3:85:58:6f:25:22:44:7c:50:e5:c4:8b:ce:b4:
         73:fd:0d:8b:28:fb:07:90:ef:e7:c5:7c:64:59:24:d7:c2:d8:
         e6:32:b5:9f:24:1a:8e:8b:eb:79:a4:49:b5:c5:17:e0:40:0a:
         cd:42:a7:c8:77:6f:b9:d0:5e:21:a9:2f:c3:e7:27:8d:77:71:
         03:3e:8b:36:2c:fe:c2:8b:3a:89:70:a0:3c:16:03:4a:c4:01:
         c5:69:c2:53:f5:73:d0:dc:7e:74:0f:be:8e:c6:74:c6:ea:6e:
         22:19:07:0d:ee:1e:5e:51:df:ca:6d:b2:c6:7f:96:31:0c:ac:
         cb:10:47:52:87:fd:e5:8f:33:37:de:d7:c1:59:a0:c9:11:e7:
         87:16:cc:d0:7d:29:ef:12:11:b3:bb:b7:9d:b2:14:5b:99:f9:
         98:48:40:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtcyxkEJW2nmdD81xX40GgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNmJjYWZmM2U4MGFlNDE5YTE1ZDFiY2IzNmUzMTk4ZGVm
OGUyMjcwHhcNMjMxMDIzMTM0ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjM1NmEwMDU1OGQ0MmRmZGVkNGJkMTZiNmY5YTY3YTlmNDFhY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2ZbrcpLSraLeCvlM3axu5uEC8/Q
XMxTWAjtED/QPtER1GQy2Idw/+46zth1GgWrb6Utz1lPpsi0f4aj/KVs6Gg2dShG
yWZzW4CkdUxFKOurKEH8HQZ9PqirVzadgiyNeGB1Q4OK0DW7eYxLSqC/vHDGr0zd
HhjQZOjD/wBK8KV5fT7G3icm7PgTeviYPYoiCWKt6RdsKuDyhtt5ZNIDaa+XvBA6
j6Mx4pBIYNs8Sja4XXdp8nVda8DGwv/f3G6zry7xIh3LNU8+7wopBO7fp1M8EH7B
eEEEoXfPvh28Zgnh38A2gPP4sUiFTUrIRE54M9L8KVt8OWacxFY76vuSdwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOs1agBVjULf3tS9Frb5pnqfQazVMB8GA1UdIwQY
MBaAFDxryv8+gK5BmhXRvLNuMZje+OInMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEd2S196NkFya0dhRmRHOHMyNHhtTjc0NGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mMzI4ZmYtOTI3Zi00MTE2LThlMzMt
NDA0M2IyYzc3YmJmLzEvNnpWcUFGV05RdF9lMUwwV3R2bW1lcDlCck5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mMzI4ZmYtOTI3Zi00MTE2LThlMzMtNDA0M2IyYzc3YmJm
LzEvUEd2S196NkFya0dhRmRHOHMyNHhtTjc0NGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwjVAAwQB
wwViMA0EAgACMAcDBQMqDPfAMA0GCSqGSIb3DQEBCwUAA4IBAQBejWRVZN/QcFev
h5Weti9ZLmPG96mxVsxwjIxvDGM5BOIfChXOgMVIy3xpM6O1tHPYlL3DXUIyFq/r
H7PZJaDp3qs4Nuz0fBXLzcgaqHgWjk9wBOWxCvjtMuJtfivf04VYbyUiRHxQ5cSL
zrRz/Q2LKPsHkO/nxXxkWSTXwtjmMrWfJBqOi+t5pEm1xRfgQArNQqfId2+50F4h
qS/D5yeNd3EDPos2LP7CizqJcKA8FgNKxAHFacJT9XPQ3H50D76OxnTG6m4iGQcN
7h5eUd/KbbLGf5YxDKzLEEdSh/3ljzM33tfBWaDJEeeHFszQfSnvEhGzu7edshRb
mfmYSEA5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:06 2024 by rpki-client on console-fra.rpki-client.org