Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DsaVj_zwtUPMvYuQUeNhf6oGgyw.roa
File:                     DsaVj_zwtUPMvYuQUeNhf6oGgyw.roa (raw, json)
Hash identifier:          +8n0wZq2pvQnk+NDkKj3VSpL/70/0XJ3dM77FzXLQ/U=
Subject key identifier:   0E:C6:95:8F:FC:F0:B5:43:CC:BD:8B:90:51:E3:61:7F:AA:06:83:2C
Certificate issuer:       /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial:       01911A10594578E7981072490682CF083CBD
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DsaVj_zwtUPMvYuQUeNhf6oGgyw.roa
Signing time:             Sat 03 Aug 2024 21:06:04 +0000
ROA not before:           Sat 03 Aug 2024 21:06:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47585
IP address blocks:        217.180.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Aug 2024 09:57:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:1a:10:59:45:78:e7:98:10:72:49:06:82:cf:08:3c:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
        Validity
            Not Before: Aug  3 21:06:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ec6958ffcf0b543ccbd8b9051e3617faa06832c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c1:c3:4d:b6:27:d3:71:9c:51:82:08:11:9a:
                    0a:54:35:2a:c9:e2:50:97:b0:30:59:08:9f:9f:58:
                    63:03:b1:af:ab:5d:3e:0b:b4:f4:7d:0a:71:d9:8f:
                    23:a5:9c:bc:75:c7:41:87:40:81:33:e4:21:34:18:
                    e0:d4:86:cc:ef:36:1b:f6:c8:d4:a9:5f:6c:9b:0b:
                    45:46:a1:6e:a0:db:19:60:ca:77:88:c5:67:de:55:
                    f7:75:d2:1b:0f:08:19:d3:e1:65:20:e4:49:ae:6c:
                    a1:8d:28:bc:1a:8d:09:3d:57:73:a0:15:79:4a:f6:
                    01:02:00:7e:03:d4:74:80:cd:51:31:4b:ce:a8:d5:
                    5e:c8:1b:53:fa:cc:11:0d:ac:07:9f:22:54:8a:1b:
                    a1:db:7b:9f:4a:2f:56:25:17:21:2d:9c:5e:8e:79:
                    53:da:67:22:fd:16:19:86:35:a6:27:ad:4b:e7:8e:
                    8c:43:39:ed:0e:38:b2:49:67:cc:4a:7e:08:19:e2:
                    27:22:cd:0b:ba:cf:a5:7d:f4:5c:f9:3a:a4:48:1d:
                    3f:7a:7b:08:7e:0b:53:7d:63:4f:88:fb:2d:de:2f:
                    40:66:ea:6c:6b:33:4d:06:55:ac:6e:0e:93:46:1b:
                    ea:31:b4:ff:e6:68:bb:26:ce:83:d0:5b:88:49:49:
                    3d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:C6:95:8F:FC:F0:B5:43:CC:BD:8B:90:51:E3:61:7F:AA:06:83:2C
            X509v3 Authority Key Identifier:
                keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DsaVj_zwtUPMvYuQUeNhf6oGgyw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.180.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:47:0e:fd:88:3e:64:0a:e4:10:87:da:79:d3:2e:f7:73:23:
         5a:35:24:5b:fb:0f:6d:a5:b2:64:54:86:fc:fe:53:fb:c2:68:
         ae:33:ae:77:68:36:42:a0:61:05:1d:81:cb:f1:dc:c9:3c:f8:
         58:dc:b5:be:4f:9d:68:fe:db:42:0b:bd:ed:92:91:0e:ef:f4:
         b0:11:23:ca:ac:c7:c2:85:b8:4a:c8:36:58:7d:75:0d:4c:94:
         b1:4d:0c:9b:2e:91:78:63:ed:4c:be:c3:04:ee:c9:a6:40:1a:
         ac:17:d2:1a:8b:ab:7d:84:8d:0d:00:6e:a2:c8:b3:c9:5a:1c:
         56:de:b5:fc:de:2c:f3:ae:bb:83:6d:6e:7c:f4:4d:8f:97:0d:
         da:4e:8c:4b:78:20:b9:bf:70:72:5e:fe:b9:4c:ce:30:fd:02:
         47:e5:68:06:0b:08:0f:1f:93:2f:78:07:64:34:09:1f:f4:ed:
         fa:0a:8a:3a:ec:e8:ab:e5:d9:78:ac:78:12:f2:50:67:ed:54:
         0e:ab:7f:c2:5e:0f:95:dd:70:74:1b:d4:d4:25:19:2c:7f:68:
         af:41:34:f1:95:b7:b2:3d:60:c6:64:40:f7:e5:b8:62:fd:25:
         0c:f4:2d:0c:28:3a:3c:13:41:24:82:a8:c9:c3:ce:61:3b:b3:
         06:77:75:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEaEFlFeOeYEHJJBoLPCDy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQwODAzMjEwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWM2OTU4ZmZjZjBiNTQzY2NiZDhiOTA1MWUzNjE3ZmFhMDY4MzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcHDTbYn03GcUYIIEZoKVDUqyeJQ
l7AwWQifn1hjA7Gvq10+C7T0fQpx2Y8jpZy8dcdBh0CBM+QhNBjg1IbM7zYb9sjU
qV9smwtFRqFuoNsZYMp3iMVn3lX3ddIbDwgZ0+FlIORJrmyhjSi8Go0JPVdzoBV5
SvYBAgB+A9R0gM1RMUvOqNVeyBtT+swRDawHnyJUihuh23ufSi9WJRchLZxejnlT
2mci/RYZhjWmJ61L546MQzntDjiySWfMSn4IGeInIs0Lus+lffRc+TqkSB0/ensI
fgtTfWNPiPst3i9AZupsazNNBlWsbg6TRhvqMbT/5mi7Js6D0FuISUk9jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7GlY/88LVDzL2LkFHjYX+qBoMsMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvRHNhVmpfend0VVBNdll1UVVlTmhmNm9HZ3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2bQmMA0G
CSqGSIb3DQEBCwUAA4IBAQBXRw79iD5kCuQQh9p50y73cyNaNSRb+w9tpbJkVIb8
/lP7wmiuM653aDZCoGEFHYHL8dzJPPhY3LW+T51o/ttCC73tkpEO7/SwESPKrMfC
hbhKyDZYfXUNTJSxTQybLpF4Y+1MvsME7smmQBqsF9Iai6t9hI0NAG6iyLPJWhxW
3rX83izzrruDbW589E2Plw3aToxLeCC5v3ByXv65TM4w/QJH5WgGCwgPH5MveAdk
NAkf9O36Coo67Oir5dl4rHgS8lBn7VQOq3/CXg+V3XB0G9TUJRksf2ivQTTxlbey
PWDGZED35bhi/SUM9C0MKDo8E0EkgqjJw85hO7MGd3WH
-----END CERTIFICATE-----
Generated at Wed Aug 28 11:56:59 2024 by rpki-client on console-fra.rpki-client.org