Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/Bml8zVvJMlr240ab5b9GEWwm3dI.roa
File:                     Bml8zVvJMlr240ab5b9GEWwm3dI.roa (raw, json)
Hash identifier:          6SbfOK969igHNLABd3mc28dUgWfAuPpHH9orc1Yvzyo=
Subject key identifier:   06:69:7C:CD:5B:C9:32:5A:F6:E3:46:9B:E5:BF:46:11:6C:26:DD:D2
Certificate issuer:       /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial:       01892C338E21DA25283026D46773F598027F
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/Bml8zVvJMlr240ab5b9GEWwm3dI.roa
Signing time:             Thu 06 Jul 2023 17:15:23 +0000
ROA not before:           Thu 06 Jul 2023 17:15:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31863
IP address blocks:        194.143.214.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2c:33:8e:21:da:25:28:30:26:d4:67:73:f5:98:02:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
        Validity
            Not Before: Jul  6 17:15:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=06697ccd5bc9325af6e3469be5bf46116c26ddd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8a:3e:a3:b4:da:cf:80:82:5f:41:75:4e:72:
                    31:66:1c:43:3e:e7:da:79:5c:5f:6b:6b:e0:e0:b7:
                    07:57:6c:e6:14:0c:13:79:92:c8:bd:22:41:10:21:
                    97:9a:da:bd:52:17:c3:95:35:5e:6e:93:ce:27:86:
                    1c:52:ce:09:a4:bb:0c:b6:de:2b:ec:24:2a:1a:3d:
                    d9:33:63:ed:e8:18:0c:c7:4e:e8:0a:8e:6b:78:fd:
                    06:b5:d1:cc:d0:fd:cc:d0:05:fe:77:99:85:15:0e:
                    57:f0:b1:dc:45:98:38:09:67:cc:e7:ed:f8:8b:e5:
                    f5:d7:3a:e3:84:5e:17:d5:1d:63:81:26:39:54:ce:
                    b2:fe:7c:3b:40:ed:cf:c7:49:d8:48:1f:96:15:88:
                    ee:27:b4:6f:9d:0c:62:98:21:87:7c:ba:8a:26:5e:
                    d4:af:6b:cd:7c:da:e4:e3:9c:2a:f7:65:26:a1:61:
                    e1:e9:37:a3:0d:4d:01:6a:2c:d2:26:b4:3b:df:32:
                    64:b8:eb:d8:6f:ac:b2:4f:dc:01:a4:1d:38:bd:49:
                    0f:1e:1a:76:74:4d:68:1c:c0:e4:a9:8b:d0:39:ec:
                    5f:6b:75:2b:7d:67:a1:35:62:d4:c3:43:3e:cd:84:
                    d9:03:23:63:80:8e:b0:b0:6e:6f:af:4f:0e:fe:db:
                    2d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:69:7C:CD:5B:C9:32:5A:F6:E3:46:9B:E5:BF:46:11:6C:26:DD:D2
            X509v3 Authority Key Identifier:
                keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/Bml8zVvJMlr240ab5b9GEWwm3dI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.143.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:20:02:6c:f0:af:30:05:bb:84:be:91:bc:4a:69:ef:f1:20:
         46:23:0c:06:d1:81:83:47:51:3b:63:e3:ea:5a:22:28:2b:81:
         a0:7b:1b:9f:7d:ba:04:c0:83:1f:dc:aa:f3:54:c4:0f:13:b1:
         cc:1e:f1:8a:84:05:82:55:1f:9d:52:5c:7d:70:b8:dc:3c:01:
         94:94:94:52:41:20:0e:c8:ae:65:7b:d1:28:9b:de:d3:fd:96:
         ac:b3:7c:79:8a:4d:b4:5b:de:8e:7e:eb:2b:86:04:76:6a:8f:
         00:ec:6c:f8:ad:a4:37:fd:fd:68:4b:98:61:80:00:63:d9:f9:
         60:f4:44:81:60:82:67:33:79:b6:3e:4e:cd:5f:77:8b:06:05:
         61:99:07:9b:55:07:73:1a:b4:87:e1:fe:39:86:dd:2f:fe:d6:
         60:ec:67:05:5e:19:f6:4e:83:66:8f:51:a0:c4:aa:e9:a9:1c:
         a1:a9:04:8c:bb:b8:5c:c2:db:28:43:5a:93:ab:89:ca:8d:d3:
         45:a6:45:54:1f:c7:c6:a5:07:24:ce:1b:a3:b0:bf:d1:ef:b7:
         62:9f:9c:62:26:c3:c8:5a:07:97:4b:74:2e:08:45:d8:b2:1a:
         e7:2b:a1:c0:6a:b8:57:53:cf:ee:4a:5a:c3:b0:2b:32:c3:91:
         ef:f0:0c:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYksM44h2iUoMCbUZ3P1mAJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwNzA2MTcxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjY5N2NjZDViYzkzMjVhZjZlMzQ2OWJlNWJmNDYxMTZjMjZkZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4o+o7Taz4CCX0F1TnIxZhxDPufa
eVxfa2vg4LcHV2zmFAwTeZLIvSJBECGXmtq9UhfDlTVebpPOJ4YcUs4JpLsMtt4r
7CQqGj3ZM2Pt6BgMx07oCo5reP0GtdHM0P3M0AX+d5mFFQ5X8LHcRZg4CWfM5+34
i+X11zrjhF4X1R1jgSY5VM6y/nw7QO3Px0nYSB+WFYjuJ7RvnQximCGHfLqKJl7U
r2vNfNrk45wq92UmoWHh6TejDU0BaizSJrQ73zJkuOvYb6yyT9wBpB04vUkPHhp2
dE1oHMDkqYvQOexfa3UrfWehNWLUw0M+zYTZAyNjgI6wsG5vr08O/tstLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZpfM1byTJa9uNGm+W/RhFsJt3SMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvQm1sOHpWdkpNbHIyNDBhYjViOUdFV3dtM2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwo/WMA0G
CSqGSIb3DQEBCwUAA4IBAQBiIAJs8K8wBbuEvpG8Smnv8SBGIwwG0YGDR1E7Y+Pq
WiIoK4GgexuffboEwIMf3KrzVMQPE7HMHvGKhAWCVR+dUlx9cLjcPAGUlJRSQSAO
yK5le9Eom97T/Zass3x5ik20W96OfusrhgR2ao8A7Gz4raQ3/f1oS5hhgABj2flg
9ESBYIJnM3m2Pk7NX3eLBgVhmQebVQdzGrSH4f45ht0v/tZg7GcFXhn2ToNmj1Gg
xKrpqRyhqQSMu7hcwtsoQ1qTq4nKjdNFpkVUH8fGpQckzhujsL/R77din5xiJsPI
WgeXS3QuCEXYshrnK6HAarhXU8/uSlrDsCsyw5Hv8Ay2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:17 2024 by rpki-client on console-fra.rpki-client.org