Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/b6Phll57VNhN0PETsMFlLsxDRu0.roa
File:                     b6Phll57VNhN0PETsMFlLsxDRu0.roa (raw, json)
Hash identifier:          GASKTAL5ce2sFciZM5ZcnoQLcRjHO0MIuE5LxKejH7M=
Subject key identifier:   6F:A3:E1:96:5E:7B:54:D8:4D:D0:F1:13:B0:C1:65:2E:CC:43:46:ED
Certificate issuer:       /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial:       018B66A64A585AF34BC92E95C815EEE30D15
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/b6Phll57VNhN0PETsMFlLsxDRu0.roa
Signing time:             Wed 25 Oct 2023 11:44:15 +0000
ROA not before:           Wed 25 Oct 2023 11:44:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211309
IP address blocks:        46.227.152.0/21 maxlen: 21
                          185.190.36.0/24 maxlen: 24
                          2a10:d640::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 16 Nov 2023 13:16:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:66:a6:4a:58:5a:f3:4b:c9:2e:95:c8:15:ee:e3:0d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
        Validity
            Not Before: Oct 25 11:44:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6fa3e1965e7b54d84dd0f113b0c1652ecc4346ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:29:58:ad:be:a0:83:1d:20:3c:03:36:27:2b:
                    48:26:26:99:b0:2e:b1:0a:8f:6a:9c:c3:34:e4:0f:
                    9b:b8:27:93:08:40:14:91:18:82:e5:ce:02:71:a1:
                    2f:31:f3:2a:16:db:fd:a8:c7:41:18:f6:5b:f2:7c:
                    c9:29:25:10:5d:89:1c:13:84:e1:4a:17:8e:9e:a5:
                    b8:e3:5e:ca:3e:c8:dc:b4:19:93:ef:cb:43:15:16:
                    70:6c:1f:36:fa:e5:55:75:5e:d1:b9:72:5e:bc:08:
                    16:29:dd:e8:45:3c:3a:ef:11:30:79:66:be:94:dd:
                    01:1c:0e:f6:b4:6b:31:41:ee:0b:28:f6:fd:02:18:
                    3b:cd:bf:67:d3:79:42:c4:55:82:bd:52:97:64:5b:
                    46:bf:e4:de:09:da:7a:dc:e4:73:c7:8b:31:26:d8:
                    fd:7b:4a:7c:04:94:fb:b5:22:b8:96:dc:c6:d2:08:
                    09:43:7a:ec:53:59:a3:af:f2:2d:ab:c2:fa:7e:4c:
                    36:1f:9b:5d:6b:0f:92:06:dd:2d:9e:9d:28:b8:a6:
                    09:db:5f:c3:e9:50:f9:83:16:cd:3a:6a:24:29:26:
                    33:67:7a:45:08:32:59:31:27:06:eb:b9:47:97:2f:
                    a0:90:8c:be:be:91:42:6f:a8:7d:58:92:94:a8:58:
                    1c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:A3:E1:96:5E:7B:54:D8:4D:D0:F1:13:B0:C1:65:2E:CC:43:46:ED
            X509v3 Authority Key Identifier:
                keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/b6Phll57VNhN0PETsMFlLsxDRu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.227.152.0/21
                  185.190.36.0/24
                IPv6:
                  2a10:d640::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:69:01:1d:b3:33:5c:ab:fe:7d:67:54:e5:e9:82:59:4f:70:
         11:7a:62:1b:d7:25:b9:71:08:d1:f5:99:c4:da:88:53:f4:10:
         00:ef:8e:3f:80:3a:6c:57:56:d8:54:61:22:70:16:ab:93:2e:
         1b:da:d0:aa:fd:d1:8a:6f:7e:1f:2e:e6:09:b7:70:41:87:94:
         a7:a5:ac:93:af:ea:e8:60:84:24:f9:4a:12:1a:9d:fb:10:c9:
         b9:d5:c3:56:25:14:4a:fd:2f:ab:b3:e9:cb:08:fe:35:c3:a6:
         b0:e0:ac:54:5d:23:7f:a7:a7:b3:42:84:42:7b:b3:44:47:70:
         77:05:f2:26:a8:fb:31:d2:3b:c1:dd:1b:cc:de:99:ce:e3:64:
         9e:a1:8e:86:a2:2c:1a:eb:18:f4:92:c1:f4:85:29:24:2a:df:
         89:b6:72:48:c6:b8:e5:39:25:0c:93:89:e0:dd:ca:5d:58:20:
         8b:38:89:c7:49:dd:f0:ad:9b:c9:61:de:9b:57:c9:30:35:4d:
         4a:09:c0:c2:de:44:f4:6f:64:a6:20:09:3b:d4:4d:7a:0a:4d:
         a0:45:67:e9:6c:74:6c:20:5f:b5:dc:9c:b0:f7:23:6b:33:67:
         5b:4b:06:40:c9:7c:48:db:f7:b4:71:84:ed:84:e7:f5:73:57:
         f4:2c:09:2c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtmpkpYWvNLyS6VyBXu4w0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjMxMDI1MTE0NDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmEzZTE5NjVlN2I1NGQ4NGRkMGYxMTNiMGMxNjUyZWNjNDM0NmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxClYrb6ggx0gPAM2JytIJiaZsC6x
Co9qnMM05A+buCeTCEAUkRiC5c4CcaEvMfMqFtv9qMdBGPZb8nzJKSUQXYkcE4Th
SheOnqW4417KPsjctBmT78tDFRZwbB82+uVVdV7RuXJevAgWKd3oRTw67xEweWa+
lN0BHA72tGsxQe4LKPb9Ahg7zb9n03lCxFWCvVKXZFtGv+TeCdp63ORzx4sxJtj9
e0p8BJT7tSK4ltzG0ggJQ3rsU1mjr/Itq8L6fkw2H5tdaw+SBt0tnp0ouKYJ21/D
6VD5gxbNOmokKSYzZ3pFCDJZMScG67lHly+gkIy+vpFCb6h9WJKUqFgcywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG+j4ZZee1TYTdDxE7DBZS7MQ0btMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvYjZQaGxsNTdWTmhOMFBFVHNNRmxMc3hEUnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLuOYAwQA
ub4kMA0EAgACMAcDBQMqENZAMA0GCSqGSIb3DQEBCwUAA4IBAQCbaQEdszNcq/59
Z1Tl6YJZT3ARemIb1yW5cQjR9ZnE2ohT9BAA744/gDpsV1bYVGEicBarky4b2tCq
/dGKb34fLuYJt3BBh5SnpayTr+roYIQk+UoSGp37EMm51cNWJRRK/S+rs+nLCP41
w6aw4KxUXSN/p6ezQoRCe7NER3B3BfImqPsx0jvB3RvM3pnO42SeoY6Goiwa6xj0
ksH0hSkkKt+JtnJIxrjlOSUMk4ng3cpdWCCLOInHSd3wrZvJYd6bV8kwNU1KCcDC
3kT0b2SmIAk71E16Ck2gRWfpbHRsIF+13Jyw9yNrM2dbSwZAyXxI2/e0cYTthOf1
c1f0LAks
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:28 2024 by rpki-client on console-ams.rpki-client.org