Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/BCjA2QLCJLB0RqaipEkoJmzPkuo.roa
File:                     BCjA2QLCJLB0RqaipEkoJmzPkuo.roa (raw, json)
Hash identifier:          X8I1MMn/dx9V8Ql2SKLtuXFQPt50W+dD02KmT4K7tcU=
Subject key identifier:   04:28:C0:D9:02:C2:24:B0:74:46:A6:A2:A4:49:28:26:6C:CF:92:EA
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       018D13D7F064001288E8DDB08B520C795712
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/BCjA2QLCJLB0RqaipEkoJmzPkuo.roa
Signing time:             Tue 16 Jan 2024 19:55:35 +0000
ROA not before:           Tue 16 Jan 2024 19:55:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58061
IP address blocks:        2.58.99.0/24 maxlen: 24
                          176.101.56.0/24 maxlen: 24
                          176.101.57.0/24 maxlen: 24
                          176.101.58.0/24 maxlen: 24
                          176.101.59.0/24 maxlen: 24
                          176.101.60.0/24 maxlen: 24
                          176.101.61.0/24 maxlen: 24
                          176.101.62.0/24 maxlen: 24
                          176.101.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 11:18:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:13:d7:f0:64:00:12:88:e8:dd:b0:8b:52:0c:79:57:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jan 16 19:55:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0428c0d902c224b07446a6a2a44928266ccf92ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:9d:0f:a5:23:ab:cc:8a:8f:45:9e:4e:a6:ce:
                    3f:5e:ff:5a:c2:55:58:20:9c:fd:b8:10:0f:9d:75:
                    a4:97:0e:30:9b:46:de:92:0a:0a:43:9e:74:17:6f:
                    c2:a1:cc:32:0a:a6:ee:91:a6:55:fc:f0:d2:bb:59:
                    12:24:ea:10:65:75:b4:0e:7f:4e:d1:32:00:a0:1a:
                    59:10:11:77:5f:c7:89:15:27:15:b0:46:91:19:a8:
                    b9:f3:c0:33:80:64:1a:df:ff:b6:77:e6:a3:8f:68:
                    c6:16:47:d1:53:9d:c6:3f:1d:2b:5f:2b:0c:e2:61:
                    bc:66:e2:72:83:30:49:fe:46:1c:f5:7c:91:aa:31:
                    ce:c9:8d:f1:8f:db:64:11:32:7d:83:f3:5c:49:ed:
                    a5:d6:ed:ce:b3:9a:04:18:76:a1:66:21:f5:7d:cb:
                    6e:9a:37:77:b1:a2:8a:37:f8:bf:78:d1:dc:f0:95:
                    41:b3:cd:5b:6d:4b:fe:ab:d7:dc:ef:c6:18:ad:8f:
                    8b:91:a2:61:65:94:71:6c:46:d2:62:20:07:d9:99:
                    21:31:87:2e:1b:57:62:31:e9:24:f6:e9:72:9c:96:
                    fc:ce:89:b7:b6:5d:f5:23:cb:18:e5:29:16:f2:92:
                    5e:54:8a:16:c1:90:ca:eb:c9:4f:41:12:5e:b5:8e:
                    4e:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:28:C0:D9:02:C2:24:B0:74:46:A6:A2:A4:49:28:26:6C:CF:92:EA
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/BCjA2QLCJLB0RqaipEkoJmzPkuo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.99.0/24
                  176.101.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         95:3a:c3:c2:93:43:d8:73:49:3e:6e:fa:89:c3:da:91:d0:06:
         82:3b:70:55:6b:5c:e5:10:4c:e2:a0:b2:a7:9c:2a:79:a1:bb:
         b7:08:62:a8:55:6c:5a:04:11:b8:0f:4b:e2:9b:5e:58:75:43:
         60:3d:65:e7:49:e2:9e:d0:08:77:70:a0:50:38:06:47:6c:e6:
         43:91:08:b0:73:cb:5d:a2:2b:2f:2c:6e:55:52:07:c0:f5:6e:
         e1:dd:3a:11:03:8a:e2:31:02:77:51:97:b6:c1:11:db:00:f7:
         f6:1d:b0:b1:e7:ed:a4:cf:0a:5c:5d:9d:63:48:3f:4f:d7:61:
         e1:af:21:e1:51:be:40:7a:5f:23:7e:2f:3e:8a:2b:b8:7b:12:
         27:50:58:d7:44:aa:7b:86:fd:df:af:6c:32:6c:65:c3:e5:9e:
         54:0b:e8:43:f9:61:fc:2f:86:2a:bc:4e:2d:e6:7c:ef:93:1c:
         79:a6:2a:b6:d2:b5:c9:58:4e:b0:b8:47:5f:e5:4a:bd:00:b8:
         0f:74:30:fe:6c:3b:fe:b5:6f:df:36:d5:3d:5c:1c:f5:cf:60:
         b8:b9:8f:6d:e5:e7:5d:51:fd:53:66:07:0a:ca:9e:75:be:33:
         56:fa:33:e2:f9:62:23:1d:5f:0e:a8:dd:e3:10:5c:5a:4b:bb:
         fb:61:fd:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1/BkABKI6N2wi1IMeVcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTE2MTk1NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDI4YzBkOTAyYzIyNGIwNzQ0NmE2YTJhNDQ5MjgyNjZjY2Y5MmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg50PpSOrzIqPRZ5Ops4/Xv9awlVY
IJz9uBAPnXWklw4wm0bekgoKQ550F2/CocwyCqbukaZV/PDSu1kSJOoQZXW0Dn9O
0TIAoBpZEBF3X8eJFScVsEaRGai588AzgGQa3/+2d+ajj2jGFkfRU53GPx0rXysM
4mG8ZuJygzBJ/kYc9XyRqjHOyY3xj9tkETJ9g/NcSe2l1u3Os5oEGHahZiH1fctu
mjd3saKKN/i/eNHc8JVBs81bbUv+q9fc78YYrY+LkaJhZZRxbEbSYiAH2ZkhMYcu
G1diMekk9ulynJb8zom3tl31I8sY5SkW8pJeVIoWwZDK68lPQRJetY5OiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAQowNkCwiSwdEamoqRJKCZsz5LqMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvQkNqQTJRTENKTEIwUnFhaXBFa29KbXpQa3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjpjAwQD
sGU4MA0GCSqGSIb3DQEBCwUAA4IBAQCVOsPCk0PYc0k+bvqJw9qR0AaCO3BVa1zl
EEzioLKnnCp5obu3CGKoVWxaBBG4D0vim15YdUNgPWXnSeKe0Ah3cKBQOAZHbOZD
kQiwc8tdoisvLG5VUgfA9W7h3ToRA4riMQJ3UZe2wRHbAPf2HbCx5+2kzwpcXZ1j
SD9P12HhryHhUb5Ael8jfi8+iiu4exInUFjXRKp7hv3fr2wybGXD5Z5UC+hD+WH8
L4YqvE4t5nzvkxx5piq20rXJWE6wuEdf5Uq9ALgPdDD+bDv+tW/fNtU9XBz1z2C4
uY9t5eddUf1TZgcKyp51vjNW+jPi+WIjHV8OqN3jEFxaS7v7Yf2q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:51 2024 by rpki-client on console-fra.rpki-client.org