Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/BA_23vuzHB2IMNkC6BhecLccFws.roa
File:                     BA_23vuzHB2IMNkC6BhecLccFws.roa (raw, json)
Hash identifier:          WJNgWr9mRU+i9QBJDa7PBunEpZp+Oghvjs3ffh+7JrI=
Subject key identifier:   04:0F:F6:DE:FB:B3:1C:1D:88:30:D9:02:E8:18:5E:70:B7:1C:17:0B
Certificate issuer:       /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial:       01869D5305D1326F3D34F169831E6EDD6F94
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/BA_23vuzHB2IMNkC6BhecLccFws.roa
Signing time:             Wed 01 Mar 2023 13:18:29 +0000
ROA not before:           Wed 01 Mar 2023 13:18:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        46.233.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 06:09:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9d:53:05:d1:32:6f:3d:34:f1:69:83:1e:6e:dd:6f:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
        Validity
            Not Before: Mar  1 13:18:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=040ff6defbb31c1d8830d902e8185e70b71c170b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7e:d4:91:be:a8:39:0b:7e:04:bd:aa:44:02:
                    a4:62:e5:ee:d9:ef:e2:0e:b4:31:76:73:bb:97:65:
                    bd:02:c7:11:61:96:4e:1f:d3:89:70:56:bc:f2:2f:
                    89:ad:95:a9:d5:fa:45:1c:5d:b9:aa:fc:d6:21:5d:
                    ae:f3:bd:a4:d1:53:54:57:64:12:32:66:c2:1e:d2:
                    1c:41:01:e2:3d:6a:02:db:2f:8b:2b:8e:45:02:8e:
                    2e:93:d5:45:66:ea:a5:48:c5:c6:6d:da:e2:24:ee:
                    0e:2d:41:53:a0:f2:4a:1d:84:fe:4b:4b:5f:40:12:
                    df:4a:96:dd:44:74:6f:98:cf:2b:52:df:b5:8b:87:
                    06:34:da:13:81:cc:dc:48:d5:b5:5b:92:42:17:45:
                    83:de:de:f2:65:1b:c4:c5:ad:60:a4:fb:d8:65:be:
                    5c:d2:15:31:d0:03:d5:58:96:2d:8a:28:40:c3:f5:
                    17:5e:35:54:c7:44:5a:70:7c:b9:14:67:f3:61:37:
                    8f:a8:1d:94:cc:3a:82:41:a6:c2:26:55:e5:4a:f1:
                    64:71:41:1e:46:ec:3e:05:ed:87:30:49:6a:a4:1e:
                    42:cf:2e:60:0a:37:d1:06:d1:59:22:a3:55:db:e5:
                    36:59:c7:5b:30:d6:5e:c7:79:f7:5c:cb:5f:04:f3:
                    a0:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:0F:F6:DE:FB:B3:1C:1D:88:30:D9:02:E8:18:5E:70:B7:1C:17:0B
            X509v3 Authority Key Identifier:
                keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/BA_23vuzHB2IMNkC6BhecLccFws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.233.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:b3:d9:62:26:b3:8f:a5:e0:16:1b:22:50:f7:0d:3d:92:45:
         25:1b:57:7c:0e:93:7e:29:16:c7:6c:b1:ee:f8:d9:22:b7:7d:
         d5:2a:36:b4:9a:c8:b7:e6:25:8d:88:f2:c8:34:fc:a1:40:94:
         cc:4d:76:e3:53:34:1f:18:25:71:2d:27:94:18:66:0d:95:3e:
         61:7b:41:41:95:20:04:13:d0:85:99:0e:2e:74:2b:e0:ab:05:
         de:2f:50:b6:89:40:20:44:2e:b4:16:72:e6:bf:fb:af:f8:02:
         d7:ac:f3:51:5b:11:02:67:9b:f7:75:ae:a1:58:a4:f9:af:b7:
         7f:0a:68:4d:50:c6:be:b7:0b:cd:5f:11:9c:c1:9d:78:92:22:
         cf:3c:6d:df:c9:51:47:41:8d:68:50:53:1f:79:50:8c:d7:f5:
         76:d7:8b:99:6e:b2:8d:f0:66:fd:f4:5f:03:67:1a:8d:72:d6:
         55:76:3f:ce:9c:fa:c7:f6:1a:6a:4e:f8:b4:fb:00:1e:ef:fa:
         5c:31:ff:0f:93:3a:fe:12:1f:72:d4:c9:17:07:ac:fc:c4:f7:
         b7:ba:f5:3a:26:a6:5b:cc:c1:53:5f:e1:5f:2a:aa:b2:08:e9:
         bb:8c:1a:80:5c:2a:f2:af:19:cf:b5:a9:ae:d9:4e:25:8c:0c:
         4b:0a:c8:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYadUwXRMm89NPFpgx5u3W+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwMzAxMTMxODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDBmZjZkZWZiYjMxYzFkODgzMGQ5MDJlODE4NWU3MGI3MWMxNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun7Ukb6oOQt+BL2qRAKkYuXu2e/i
DrQxdnO7l2W9AscRYZZOH9OJcFa88i+JrZWp1fpFHF25qvzWIV2u872k0VNUV2QS
MmbCHtIcQQHiPWoC2y+LK45FAo4uk9VFZuqlSMXGbdriJO4OLUFToPJKHYT+S0tf
QBLfSpbdRHRvmM8rUt+1i4cGNNoTgczcSNW1W5JCF0WD3t7yZRvExa1gpPvYZb5c
0hUx0APVWJYtiihAw/UXXjVUx0RacHy5FGfzYTePqB2UzDqCQabCJlXlSvFkcUEe
Ruw+Be2HMElqpB5Czy5gCjfRBtFZIqNV2+U2WcdbMNZex3n3XMtfBPOgzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQP9t77sxwdiDDZAugYXnC3HBcLMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvQkFfMjN2dXpIQjJJTU5rQzZCaGVjTGNjRndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuknMA0G
CSqGSIb3DQEBCwUAA4IBAQAJs9liJrOPpeAWGyJQ9w09kkUlG1d8DpN+KRbHbLHu
+Nkit33VKja0msi35iWNiPLINPyhQJTMTXbjUzQfGCVxLSeUGGYNlT5he0FBlSAE
E9CFmQ4udCvgqwXeL1C2iUAgRC60FnLmv/uv+ALXrPNRWxECZ5v3da6hWKT5r7d/
CmhNUMa+twvNXxGcwZ14kiLPPG3fyVFHQY1oUFMfeVCM1/V214uZbrKN8Gb99F8D
ZxqNctZVdj/OnPrH9hpqTvi0+wAe7/pcMf8Pkzr+Eh9y1MkXB6z8xPe3uvU6JqZb
zMFTX+FfKqqyCOm7jBqAXCryrxnPtamu2U4ljAxLCsjR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org