Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XfaoHx1DfYUF31U_CIFE2yDibZI.roa
File:                     XfaoHx1DfYUF31U_CIFE2yDibZI.roa (raw, json)
Hash identifier:          ES9suucUSCGMOpgpCeDYGsg01m/6bvUnFcOO5PJNzr0=
Subject key identifier:   5D:F6:A8:1F:1D:43:7D:85:05:DF:55:3F:08:81:44:DB:20:E2:6D:92
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0185727A2EB4395CF4D87EB2B5B6BCFD5D79
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XfaoHx1DfYUF31U_CIFE2yDibZI.roa
Signing time:             Mon 02 Jan 2023 12:34:47 +0000
ROA not before:           Mon 02 Jan 2023 12:34:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12697
IP address blocks:        46.249.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:7a:2e:b4:39:5c:f4:d8:7e:b2:b5:b6:bc:fd:5d:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jan  2 12:34:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5df6a81f1d437d8505df553f088144db20e26d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0a:05:94:ac:c6:b6:a0:bc:ad:22:33:eb:a3:
                    43:6b:20:38:21:3b:f3:5d:1b:79:a6:b9:c8:76:52:
                    4f:6c:b1:27:d5:b6:4b:c4:43:a8:b0:90:ca:1b:1a:
                    23:30:42:c1:ce:d5:a2:c1:11:20:d5:a9:77:26:db:
                    ef:8a:f6:9a:0f:61:94:49:45:7e:dd:4c:d0:7e:fe:
                    e1:21:20:72:1c:5c:1d:2d:5d:bb:c4:a4:fb:4f:b8:
                    88:f2:0b:46:31:9c:fb:ff:1c:0f:f9:48:fa:ca:41:
                    cd:e0:7b:b5:12:18:62:47:ea:fd:86:82:cd:d8:2a:
                    bd:11:a9:68:08:16:4e:ac:94:21:33:fb:f5:78:86:
                    67:aa:04:0a:b7:9e:70:64:39:65:c6:17:c9:a6:3d:
                    2f:01:93:1b:19:55:ae:ea:a5:5a:ca:cd:dc:d9:15:
                    db:62:d8:b1:c5:6e:13:e2:03:66:2c:e7:00:12:5e:
                    b4:6e:67:e3:25:83:82:63:b3:14:d8:a0:00:6e:28:
                    19:16:5e:49:95:06:ce:8e:8c:50:05:4c:82:e8:12:
                    1e:64:96:35:6d:9f:5b:e5:b4:fa:15:73:d6:b2:e7:
                    52:47:36:8f:41:02:bf:35:ae:61:7f:bb:2d:83:65:
                    b3:bb:9e:17:26:ed:48:10:81:0f:72:57:c9:79:82:
                    63:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:F6:A8:1F:1D:43:7D:85:05:DF:55:3F:08:81:44:DB:20:E2:6D:92
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/XfaoHx1DfYUF31U_CIFE2yDibZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.249.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c1:3a:33:0a:7f:f6:ac:54:8e:95:07:15:e2:09:21:49:4e:46:
         f6:a5:4f:fa:ed:93:64:ad:2c:07:25:e4:2a:b4:ef:a1:f2:90:
         29:78:5d:53:59:90:c3:82:6b:ce:c3:95:23:7a:88:4b:06:63:
         85:8b:7a:49:51:a6:e4:1d:cf:c9:8f:60:f1:97:7e:21:3e:5f:
         2f:b2:01:0a:f0:90:60:63:cf:e0:16:11:4c:38:9b:55:a8:09:
         be:16:fe:bc:0f:c4:59:a0:03:c1:00:92:70:f1:d8:55:36:08:
         63:03:2b:90:c6:c1:e6:bb:a7:f1:b0:18:36:7d:d6:a5:36:27:
         53:89:5b:92:90:5b:1f:fb:7d:cb:9b:3c:f1:1d:6c:8f:f2:c0:
         69:15:cf:93:34:be:d5:17:eb:a1:88:38:f1:d8:c6:f2:8f:a8:
         82:a9:06:1a:7e:77:55:61:4d:3d:17:d7:cc:48:1d:d1:01:83:
         75:60:f3:95:16:be:e8:7e:06:ec:cd:07:90:6b:e0:39:18:1d:
         63:fb:88:b5:c7:1a:b3:84:26:e6:5b:27:99:60:73:c7:27:cf:
         24:0a:38:a8:1b:41:56:bb:18:59:36:e8:21:be:06:5a:e4:d2:
         c3:6f:c5:fe:73:c2:fc:99:6b:2e:e7:5b:03:4f:fc:a2:2f:f9:
         02:cf:3f:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyei60OVz02H6ytba8/V15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY2YTgxZjFkNDM3ZDg1MDVkZjU1M2YwODgxNDRkYjIwZTI2ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QoFlKzGtqC8rSIz66NDayA4ITvz
XRt5prnIdlJPbLEn1bZLxEOosJDKGxojMELBztWiwREg1al3JtvvivaaD2GUSUV+
3UzQfv7hISByHFwdLV27xKT7T7iI8gtGMZz7/xwP+Uj6ykHN4Hu1EhhiR+r9hoLN
2Cq9EaloCBZOrJQhM/v1eIZnqgQKt55wZDllxhfJpj0vAZMbGVWu6qVays3c2RXb
YtixxW4T4gNmLOcAEl60bmfjJYOCY7MU2KAAbigZFl5JlQbOjoxQBUyC6BIeZJY1
bZ9b5bT6FXPWsudSRzaPQQK/Na5hf7stg2Wzu54XJu1IEIEPclfJeYJjtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF32qB8dQ32FBd9VPwiBRNsg4m2SMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWGZhb0h4MURmWVVGMzFVX0NJRkUyeURpYlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvlgMA0G
CSqGSIb3DQEBCwUAA4IBAQDBOjMKf/asVI6VBxXiCSFJTkb2pU/67ZNkrSwHJeQq
tO+h8pApeF1TWZDDgmvOw5UjeohLBmOFi3pJUabkHc/Jj2Dxl34hPl8vsgEK8JBg
Y8/gFhFMOJtVqAm+Fv68D8RZoAPBAJJw8dhVNghjAyuQxsHmu6fxsBg2fdalNidT
iVuSkFsf+33LmzzxHWyP8sBpFc+TNL7VF+uhiDjx2Mbyj6iCqQYafndVYU09F9fM
SB3RAYN1YPOVFr7ofgbszQeQa+A5GB1j+4i1xxqzhCbmWyeZYHPHJ88kCjioG0FW
uxhZNughvgZa5NLDb8X+c8L8mWsu51sDT/yiL/kCzz/x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org