Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/gESIxJRfY9IKlg7r0jCROPCR_08.roa
File:                     gESIxJRfY9IKlg7r0jCROPCR_08.roa (raw, json)
Hash identifier:          aDwzE6s3PFW2PdKoV3aMqKRmFCRbfSx5tAw9LvD/GJI=
Subject key identifier:   80:44:88:C4:94:5F:63:D2:0A:96:0E:EB:D2:30:91:38:F0:91:FF:4F
Certificate issuer:       /CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Certificate serial:       018570303066F93466F4C5B6F45F492FB5AE
Authority key identifier: 6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/gESIxJRfY9IKlg7r0jCROPCR_08.roa
Signing time:             Mon 02 Jan 2023 01:54:44 +0000
ROA not before:           Mon 02 Jan 2023 01:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62068
IP address blocks:        176.105.255.0/24 maxlen: 24
                          2a0d:c740:2c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 01 Feb 2023 19:42:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:30:66:f9:34:66:f4:c5:b6:f4:5f:49:2f:b5:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
        Validity
            Not Before: Jan  2 01:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=804488c4945f63d20a960eebd2309138f091ff4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fb:be:4a:47:47:d0:d5:e9:46:c2:b7:d0:00:
                    ef:1d:db:a8:33:56:4f:64:b0:f7:ab:8b:a8:c0:ca:
                    36:35:46:22:47:75:b9:18:66:fd:2d:88:97:4c:e2:
                    24:b2:ee:9f:1d:71:fc:ee:37:c4:5a:3a:20:17:f2:
                    19:d8:a1:4e:16:8a:05:15:16:06:37:01:db:92:8c:
                    2a:22:d4:1d:d1:8d:bf:c8:56:ab:2b:99:ca:15:d6:
                    a5:22:e2:57:4b:b4:38:84:55:78:29:96:da:ad:f4:
                    2c:bb:3b:e9:3e:5b:00:a7:1b:6e:60:63:97:72:e4:
                    84:5b:51:2e:8f:9f:06:85:12:20:d6:2c:b9:7d:23:
                    9f:ad:0a:f1:60:a5:ea:2a:39:fb:44:85:f8:4c:ab:
                    2a:8e:8f:b2:21:0e:62:cf:97:d4:b1:6c:7f:51:0a:
                    df:9f:9b:bd:4a:d1:71:7f:bc:14:30:f4:cc:ed:7f:
                    4a:2f:10:f1:61:b7:67:4a:cc:8a:e5:03:b2:81:ba:
                    af:d6:2e:b3:96:9e:0a:5e:c6:74:95:01:b2:f7:8d:
                    13:85:f4:27:96:50:4c:6f:ae:95:1d:44:a3:2a:cf:
                    d4:cc:a6:e2:50:c2:59:a7:51:0b:5c:21:47:da:2d:
                    41:fb:3e:16:64:69:44:29:12:31:94:15:d9:95:9d:
                    f9:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:44:88:C4:94:5F:63:D2:0A:96:0E:EB:D2:30:91:38:F0:91:FF:4F
            X509v3 Authority Key Identifier:
                keyid:6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/gESIxJRfY9IKlg7r0jCROPCR_08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.105.255.0/24
                IPv6:
                  2a0d:c740:2c::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:98:0f:68:e1:4f:95:fc:6e:22:cb:b2:69:07:34:67:18:72:
         10:3e:8c:5f:3a:a6:d7:73:ef:29:07:b7:9f:a7:6f:52:e2:6e:
         27:f1:f9:2d:18:b1:12:83:65:f4:d3:14:13:8f:eb:fe:87:e5:
         72:c2:3f:51:41:5e:30:48:9b:c7:51:44:5f:c8:6f:11:07:19:
         63:f0:06:28:a0:63:a2:fc:8d:5e:9c:39:cf:79:57:d2:0f:7f:
         c3:8e:09:db:e4:d9:c1:54:5d:74:6f:95:bb:82:0e:95:b4:ae:
         df:84:8f:95:f1:bb:9f:75:f0:24:55:fe:66:f8:4c:b2:a3:bd:
         8f:97:6a:8c:0c:b6:52:5a:63:22:1a:6a:4c:94:e1:d4:69:41:
         f6:90:dd:aa:09:d2:b2:c6:d8:5b:28:40:cd:24:ca:5d:18:b5:
         80:7d:f4:46:8d:60:61:49:c2:f0:cf:3a:db:f1:ce:33:04:f6:
         8a:d1:6c:90:67:76:b6:99:8e:1a:4d:f4:a2:35:ff:14:62:40:
         03:98:37:f7:20:d3:03:e5:56:ce:bb:72:46:ec:32:97:d4:97:
         1a:5b:93:27:bf:b3:38:a1:0f:a6:d1:82:5f:17:ec:a8:8c:cd:
         af:ca:b9:5f:24:0e:dd:58:39:db:3d:55:94:5b:3f:0d:5b:e5:
         70:54:96:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwMDBm+TRm9MW29F9JL7WuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTI2YjU2Y2VlOTdmNjAyMDk0MWJiMTdjNmE3YzZjZWEw
ZjgxNGEwHhcNMjMwMTAyMDE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDQ0ODhjNDk0NWY2M2QyMGE5NjBlZWJkMjMwOTEzOGYwOTFmZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfu+SkdH0NXpRsK30ADvHduoM1ZP
ZLD3q4uowMo2NUYiR3W5GGb9LYiXTOIksu6fHXH87jfEWjogF/IZ2KFOFooFFRYG
NwHbkowqItQd0Y2/yFarK5nKFdalIuJXS7Q4hFV4KZbarfQsuzvpPlsApxtuYGOX
cuSEW1Euj58GhRIg1iy5fSOfrQrxYKXqKjn7RIX4TKsqjo+yIQ5iz5fUsWx/UQrf
n5u9StFxf7wUMPTM7X9KLxDxYbdnSsyK5QOygbqv1i6zlp4KXsZ0lQGy940ThfQn
llBMb66VHUSjKs/UzKbiUMJZp1ELXCFH2i1B+z4WZGlEKRIxlBXZlZ35ewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBEiMSUX2PSCpYO69IwkTjwkf9PMB8GA1UdIwQY
MBaAFGuia1bO6X9gIJQbsXxqfGzqD4FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYt
MzY5MmY5NmUzM2E5LzEvZ0VTSXhKUmZZOUlLbGc3cjBqQ1JPUENSXzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYtMzY5MmY5NmUzM2E5
LzEvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsGn/MA8E
AgACMAkDBwAqDcdAACwwDQYJKoZIhvcNAQELBQADggEBAJKYD2jhT5X8biLLsmkH
NGcYchA+jF86ptdz7ykHt5+nb1Libifx+S0YsRKDZfTTFBOP6/6H5XLCP1FBXjBI
m8dRRF/IbxEHGWPwBiigY6L8jV6cOc95V9IPf8OOCdvk2cFUXXRvlbuCDpW0rt+E
j5Xxu5918CRV/mb4TLKjvY+XaowMtlJaYyIaakyU4dRpQfaQ3aoJ0rLG2FsoQM0k
yl0YtYB99EaNYGFJwvDPOtvxzjME9orRbJBndraZjhpN9KI1/xRiQAOYN/cg0wPl
Vs67ckbsMpfUlxpbkye/szihD6bRgl8X7KiMza/KuV8kDt1YOds9VZRbPw1b5XBU
llg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:07 2024 by rpki-client on console-fra.rpki-client.org