Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/_EzpCqRv9_K6cS3K4lC0u25LApk.roa
File:                     _EzpCqRv9_K6cS3K4lC0u25LApk.roa (raw, json)
Hash identifier:          FjNgg3nFIJv58ccip3ytYJpocgPkDItbMDlzOsl1IqA=
Subject key identifier:   FC:4C:E9:0A:A4:6F:F7:F2:BA:71:2D:CA:E2:50:B4:BB:6E:4B:02:99
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018C06EF64ECAB2A67A0760B34C0BB9B1333
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/_EzpCqRv9_K6cS3K4lC0u25LApk.roa
Signing time:             Sat 25 Nov 2023 14:43:21 +0000
ROA not before:           Sat 25 Nov 2023 14:43:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     215970
IP address blocks:        160.214.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 Nov 2023 07:39:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:06:ef:64:ec:ab:2a:67:a0:76:0b:34:c0:bb:9b:13:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Nov 25 14:43:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fc4ce90aa46ff7f2ba712dcae250b4bb6e4b0299
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:4a:e0:96:63:b5:8b:ac:84:aa:94:c3:94:87:
                    96:c8:d4:d8:6a:65:af:a6:f5:00:d4:43:a9:88:77:
                    14:f0:6e:d9:74:bb:91:e8:c5:97:9f:ad:ff:1a:2c:
                    81:2f:de:70:df:6e:6f:01:51:83:ab:df:90:ea:bb:
                    e5:ff:60:e0:33:9d:22:b2:1a:6f:66:90:ac:06:90:
                    a4:4e:b1:d8:8c:ea:fd:8e:fc:d4:08:ca:2f:0d:3c:
                    54:78:4e:a8:10:bd:d8:23:fb:33:06:3b:67:9f:a2:
                    3f:dd:8a:aa:21:21:b6:49:58:4e:74:d2:72:5c:2b:
                    42:e9:0b:86:6f:9e:4f:37:7f:5b:9b:4c:5d:22:3d:
                    47:04:48:fc:4a:19:94:19:ef:6d:57:2d:73:e3:33:
                    da:e2:18:b7:7f:15:6e:09:bd:fe:4b:d7:70:d5:52:
                    05:f7:7f:d0:47:da:5e:d8:4f:e1:4d:49:d2:f6:c8:
                    eb:11:4f:0e:c1:6e:a1:46:19:22:17:42:9e:4e:a5:
                    f5:aa:4b:21:42:55:2d:d0:74:4a:79:1a:55:24:07:
                    45:74:66:9f:64:66:2b:6e:93:29:94:fd:21:da:81:
                    0f:77:02:0c:77:26:dd:7f:22:3f:7d:4a:d5:8b:4b:
                    c9:e3:bd:1d:0d:1c:87:bc:25:7c:3d:fe:25:69:60:
                    b6:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:4C:E9:0A:A4:6F:F7:F2:BA:71:2D:CA:E2:50:B4:BB:6E:4B:02:99
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/_EzpCqRv9_K6cS3K4lC0u25LApk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:27:12:1a:8c:f4:f8:e5:13:9a:69:3b:25:ec:fb:c1:60:cb:
         a4:27:3d:b3:bc:af:1a:36:68:f0:03:36:ca:43:d8:89:5e:94:
         78:4d:62:c4:ec:94:47:bd:d7:d2:f0:bd:48:2f:38:90:01:c1:
         a0:92:b2:a1:62:af:f0:47:92:10:5d:12:48:5d:aa:40:10:05:
         f2:31:46:b0:5e:86:89:ab:60:b9:e4:2b:b2:3b:ac:9a:46:7a:
         42:d8:d3:25:db:24:4e:41:62:b4:bc:0a:06:ea:1f:ce:f6:b8:
         80:49:3d:4e:99:87:85:40:8a:16:06:48:61:12:48:ef:29:99:
         75:67:83:35:e2:bb:0e:f2:b3:d5:74:7f:fb:c2:28:20:51:e4:
         64:e7:4f:b4:51:c0:da:d9:95:67:8c:57:e9:c3:e7:76:57:36:
         cc:79:65:64:58:c0:76:7a:03:41:a6:d3:84:84:35:b5:44:11:
         bb:cd:bb:ec:c7:c2:19:de:3d:74:e8:d9:e9:0a:40:ab:16:dd:
         0d:74:09:ee:9e:59:33:01:96:6d:0a:ed:47:00:91:50:5d:e8:
         f9:07:20:df:0c:41:ad:2c:cb:70:f9:85:25:94:bd:a4:b8:26:
         c6:c8:be:10:45:20:6d:b7:1f:26:16:e2:b6:79:b4:2d:48:58:
         18:ac:32:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwG72TsqypnoHYLNMC7mxMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMTI1MTQ0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzRjZTkwYWE0NmZmN2YyYmE3MTJkY2FlMjUwYjRiYjZlNGIwMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0krglmO1i6yEqpTDlIeWyNTYamWv
pvUA1EOpiHcU8G7ZdLuR6MWXn63/GiyBL95w325vAVGDq9+Q6rvl/2DgM50ishpv
ZpCsBpCkTrHYjOr9jvzUCMovDTxUeE6oEL3YI/szBjtnn6I/3YqqISG2SVhOdNJy
XCtC6QuGb55PN39bm0xdIj1HBEj8ShmUGe9tVy1z4zPa4hi3fxVuCb3+S9dw1VIF
93/QR9pe2E/hTUnS9sjrEU8OwW6hRhkiF0KeTqX1qkshQlUt0HRKeRpVJAdFdGaf
ZGYrbpMplP0h2oEPdwIMdybdfyI/fUrVi0vJ470dDRyHvCV8Pf4laWC26wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxM6Qqkb/fyunEtyuJQtLtuSwKZMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvX0V6cENxUnY5X0s2Y1MzSzRsQzB1MjVMQXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoNZvMA0G
CSqGSIb3DQEBCwUAA4IBAQALJxIajPT45ROaaTsl7PvBYMukJz2zvK8aNmjwAzbK
Q9iJXpR4TWLE7JRHvdfS8L1ILziQAcGgkrKhYq/wR5IQXRJIXapAEAXyMUawXoaJ
q2C55CuyO6yaRnpC2NMl2yROQWK0vAoG6h/O9riAST1OmYeFQIoWBkhhEkjvKZl1
Z4M14rsO8rPVdH/7wiggUeRk50+0UcDa2ZVnjFfpw+d2VzbMeWVkWMB2egNBptOE
hDW1RBG7zbvsx8IZ3j106NnpCkCrFt0NdAnunlkzAZZtCu1HAJFQXej5ByDfDEGt
LMtw+YUllL2kuCbGyL4QRSBttx8mFuK2ebQtSFgYrDLF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org