Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/DJsuHxASIU1U9OjWw6s7RoKyC8Q.roa
File:                     DJsuHxASIU1U9OjWw6s7RoKyC8Q.roa (raw, json)
Hash identifier:          xyd1UQzsmVrxKMtc9GbzVTZhN/62i0doHvBHCNLZ4K0=
Subject key identifier:   0C:9B:2E:1F:10:12:21:4D:54:F4:E8:D6:C3:AB:3B:46:82:B2:0B:C4
Certificate issuer:       /CN=5b6d178f13851306b5634df159716319f4d82478
Certificate serial:       01917E66A836E2983278621DA103DDAB5549
Authority key identifier: 5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/DJsuHxASIU1U9OjWw6s7RoKyC8Q.roa
Signing time:             Fri 23 Aug 2024 08:42:22 +0000
ROA not before:           Fri 23 Aug 2024 08:42:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207459
IP address blocks:        80.253.254.0/24 maxlen: 32
                          80.253.255.0/24 maxlen: 32
                          91.217.119.0/24 maxlen: 32
                          193.31.117.0/24 maxlen: 32
                          213.142.149.0/24 maxlen: 24
                          213.142.150.0/24 maxlen: 32
                          213.142.156.0/24 maxlen: 24
                          2a0e:36c0::/29 maxlen: 32
                          2a0e:36c0::/32 maxlen: 32
                          2a0e:36c1::/32 maxlen: 32
                          2a0e:36c2::/32 maxlen: 32
                          2a0e:36c3::/32 maxlen: 32
                          2a0e:36c4::/32 maxlen: 32
                          2a0e:36c5::/32 maxlen: 32
                          2a0e:36c6::/32 maxlen: 32
                          2a0e:36c6:ff80::/48 maxlen: 48
                          2a0e:36c7::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 30 Oct 2024 19:34:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:7e:66:a8:36:e2:98:32:78:62:1d:a1:03:dd:ab:55:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b6d178f13851306b5634df159716319f4d82478
        Validity
            Not Before: Aug 23 08:42:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0c9b2e1f1012214d54f4e8d6c3ab3b4682b20bc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:b6:b7:6f:1f:19:6a:7d:b8:5b:d5:fa:d8:9b:
                    f3:2d:29:05:aa:38:d0:14:ee:6b:ae:57:06:64:5b:
                    fc:a8:75:3b:58:0c:a6:43:75:d1:e8:ab:46:44:a8:
                    8d:95:5e:38:d4:72:be:29:62:f4:26:5c:c9:29:18:
                    0a:72:33:0c:cb:f7:00:10:19:c6:18:66:e4:3c:b9:
                    85:19:fa:8d:fd:29:fd:a1:7c:8d:4c:51:60:60:3f:
                    23:e8:1a:8b:1b:8f:cf:3b:3c:d7:df:71:b3:bf:48:
                    40:19:19:b6:55:47:8e:53:8c:fe:6a:bc:31:7e:26:
                    a7:f5:f6:72:21:0a:26:6f:05:46:b0:da:cc:5d:b5:
                    f9:8c:8b:f5:c2:56:44:b5:26:07:a3:09:4a:dd:c0:
                    d0:f4:dc:c9:b8:8b:f6:f7:01:cc:be:db:8b:e1:a2:
                    be:63:a1:32:c9:7b:ae:1d:dc:5c:12:37:41:79:90:
                    28:03:32:32:06:b8:83:e7:16:14:f5:ee:01:59:96:
                    ad:f0:02:f4:60:5e:15:67:1d:61:2d:57:5f:49:3a:
                    a5:85:ec:78:bb:e0:7b:80:1c:49:4f:ea:75:24:a8:
                    98:b7:a2:da:3a:6e:18:7b:de:51:b8:93:15:87:fe:
                    db:31:bf:af:51:7f:70:dc:a0:6e:5a:a4:9e:79:ad:
                    20:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9B:2E:1F:10:12:21:4D:54:F4:E8:D6:C3:AB:3B:46:82:B2:0B:C4
            X509v3 Authority Key Identifier:
                keyid:5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/DJsuHxASIU1U9OjWw6s7RoKyC8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.253.254.0/23
                  91.217.119.0/24
                  193.31.117.0/24
                  213.142.149.0-213.142.150.255
                  213.142.156.0/24
                IPv6:
                  2a0e:36c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         8c:3f:b2:4e:ca:8c:ce:20:32:0f:cf:29:a8:af:6e:65:3f:97:
         11:ef:e1:13:77:32:d4:09:c5:1f:bf:89:62:f1:b4:24:67:da:
         ea:4c:81:ca:14:fb:3a:4e:b4:4e:c0:a2:6a:04:c2:0f:4c:03:
         a6:ce:a2:99:bd:4b:2f:1f:86:de:82:b9:a3:04:58:e5:5a:99:
         a9:85:67:24:17:74:a5:03:da:4d:df:58:a1:73:db:4b:56:b4:
         ab:ff:38:a4:90:9a:81:2d:11:8e:53:9e:4c:a1:be:f6:31:50:
         88:63:c7:4e:50:e6:a8:39:e9:2c:12:9e:fd:38:33:0d:c6:d6:
         2a:a2:2f:91:99:f5:24:fb:28:35:4a:e3:44:1b:31:87:04:7a:
         e9:dd:19:01:ea:7c:61:c4:da:13:53:5c:a0:0e:2a:6c:09:7e:
         78:24:35:be:45:ee:f9:1a:7f:d4:0d:52:50:81:82:db:16:a2:
         33:4c:f5:e8:81:79:66:4d:ef:c5:dd:2c:63:16:13:e7:c0:a9:
         07:29:09:82:91:8d:f3:f1:be:06:69:e2:c9:10:73:fe:d4:b1:
         7d:32:7a:9c:d2:9a:44:99:ec:07:6a:70:f4:c8:b9:7a:b8:96:
         85:3c:b4:2b:29:f5:3f:06:98:e9:1e:dc:05:ef:5e:00:b1:8f:
         93:52:85:b9
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZF+Zqg24pgyeGIdoQPdq1VJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmQxNzhmMTM4NTEzMDZiNTYzNGRmMTU5NzE2MzE5ZjRk
ODI0NzgwHhcNMjQwODIzMDg0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzliMmUxZjEwMTIyMTRkNTRmNGU4ZDZjM2FiM2I0NjgyYjIwYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ba3bx8Zan24W9X62JvzLSkFqjjQ
FO5rrlcGZFv8qHU7WAymQ3XR6KtGRKiNlV441HK+KWL0JlzJKRgKcjMMy/cAEBnG
GGbkPLmFGfqN/Sn9oXyNTFFgYD8j6BqLG4/POzzX33Gzv0hAGRm2VUeOU4z+arwx
fian9fZyIQombwVGsNrMXbX5jIv1wlZEtSYHowlK3cDQ9NzJuIv29wHMvtuL4aK+
Y6EyyXuuHdxcEjdBeZAoAzIyBriD5xYU9e4BWZat8AL0YF4VZx1hLVdfSTqlhex4
u+B7gBxJT+p1JKiYt6LaOm4Ye95RuJMVh/7bMb+vUX9w3KBuWqSeea0gYwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFAybLh8QEiFNVPTo1sOrO0aCsgvEMB8GA1UdIwQY
MBaAFFttF48ThRMGtWNN8VlxYxn02CR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2It
NGJiOTRjYmMyZTczLzEvREpzdUh4QVNJVTFVOU9qV3c2czdSb0t5QzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2ItNGJiOTRjYmMyZTcz
LzEvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQBUP3+AwQA
W9l3AwQAwR91MAwDBADVjpUDBADVjpYDBADVjpwwDQQCAAIwBwMFAyoONsAwDQYJ
KoZIhvcNAQELBQADggEBAIw/sk7KjM4gMg/PKaivbmU/lxHv4RN3MtQJxR+/iWLx
tCRn2upMgcoU+zpOtE7AomoEwg9MA6bOopm9Sy8fht6CuaMEWOVamamFZyQXdKUD
2k3fWKFz20tWtKv/OKSQmoEtEY5TnkyhvvYxUIhjx05Q5qg56SwSnv04Mw3G1iqi
L5GZ9ST7KDVK40QbMYcEeundGQHqfGHE2hNTXKAOKmwJfngkNb5F7vkaf9QNUlCB
gtsWojNM9eiBeWZN78XdLGMWE+fAqQcpCYKRjfPxvgZp4skQc/7UsX0yepzSmkSZ
7AdqcPTIuXq4loU8tCsp9T8GmOke3AXvXgCxj5NShbk=
-----END CERTIFICATE-----
Generated at Wed Oct 30 22:19:28 2024 by rpki-client on console-ams.rpki-client.org