Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/6y41gADBNJZlnm_bIrmzPyYHlDk.roa
File:                     6y41gADBNJZlnm_bIrmzPyYHlDk.roa (raw, json)
Hash identifier:          HVFnHSjs/Iu6MIMtQQFri3xGNxjI+4IXSgC9UINfalo=
Subject key identifier:   EB:2E:35:80:00:C1:34:96:65:9E:6F:DB:22:B9:B3:3F:26:07:94:39
Certificate issuer:       /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Certificate serial:       018B8080A2E258976172ED4A9F7D47CDA3ED
Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/6y41gADBNJZlnm_bIrmzPyYHlDk.roa
Signing time:             Mon 30 Oct 2023 12:13:15 +0000
ROA not before:           Mon 30 Oct 2023 12:13:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        153.98.24.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:80:80:a2:e2:58:97:61:72:ed:4a:9f:7d:47:cd:a3:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
        Validity
            Not Before: Oct 30 12:13:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb2e358000c13496659e6fdb22b9b33f26079439
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:e7:e0:b2:18:35:ac:e9:8c:16:e7:77:a3:fb:
                    a2:50:d8:f8:dd:29:4c:f6:25:7d:03:85:fd:a6:14:
                    bd:6b:26:fc:f8:43:02:bf:22:c9:f6:0b:2b:1d:96:
                    42:32:aa:b8:2a:90:ac:f6:72:06:5f:3f:84:cc:3c:
                    9a:bb:f1:4c:51:c4:db:2a:7d:0c:f3:5f:bd:73:21:
                    f1:3e:e7:b4:9b:78:b4:e8:8b:fa:7b:3d:22:fa:78:
                    e2:73:c1:e1:70:54:7f:e3:4b:22:18:80:f3:f5:ad:
                    00:50:f9:9f:21:d0:2a:bb:47:0d:de:ed:b6:ec:a4:
                    0a:a7:af:17:34:7c:8b:df:3e:67:64:35:21:87:91:
                    42:2f:16:c6:e0:22:ce:8a:d0:99:e2:7d:29:8d:9f:
                    cd:3b:72:53:8a:f3:39:96:4e:99:61:e7:85:f1:11:
                    18:e6:6c:5a:e9:bb:ee:e0:e3:36:24:2d:ea:6e:5d:
                    18:21:9b:cc:b3:c4:89:e1:29:34:af:65:12:4e:27:
                    70:1b:8f:9f:a6:65:de:4e:29:68:1f:1d:73:f2:e8:
                    aa:13:d0:18:9d:c1:92:27:75:3a:06:c2:9c:04:60:
                    ee:f8:d4:65:7f:a8:a9:e8:eb:aa:9d:8f:b3:3f:6b:
                    51:13:16:e0:49:78:67:8f:1f:c6:cf:6a:80:ca:f0:
                    d4:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:2E:35:80:00:C1:34:96:65:9E:6F:DB:22:B9:B3:3F:26:07:94:39
            X509v3 Authority Key Identifier:
                keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/6y41gADBNJZlnm_bIrmzPyYHlDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  153.98.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:3f:38:24:66:f9:fe:f0:e5:88:34:8d:db:bb:11:df:34:54:
         f1:81:a4:65:76:37:36:e5:68:3c:ba:91:e1:e4:2f:6b:d0:d4:
         80:99:65:ae:3a:8b:ac:62:ca:65:65:3e:89:1f:bc:66:07:85:
         e3:80:ff:dc:ff:bd:b3:4b:62:12:3c:66:6a:2e:88:e8:d8:e0:
         e6:27:f6:41:93:6f:b0:5b:ca:e4:a2:04:3b:8b:5a:4a:0b:f1:
         e7:f8:49:b5:6f:cb:3b:4c:00:1b:bc:e9:dc:3c:02:d1:ed:aa:
         92:5f:5a:84:03:e0:a0:fc:95:81:cc:23:9f:fe:c4:49:2a:36:
         f0:62:00:1b:8f:87:da:72:75:82:57:cd:5f:a4:74:c5:18:fd:
         71:46:80:65:72:95:e5:b7:08:d1:20:a5:ce:7d:55:ac:70:a1:
         69:78:43:64:12:fa:b9:50:47:0c:96:d4:ec:d1:56:fe:7c:f2:
         87:ed:e1:56:c3:93:43:3f:3d:ab:c9:48:1c:40:9d:ab:2e:d2:
         78:fa:8f:3b:3f:83:61:1e:cb:f1:a7:64:a3:fb:62:cb:67:84:
         4a:d7:77:6f:3e:1f:26:4c:63:4d:d4:d2:1a:75:2b:7d:af:ee:
         5a:f5:47:ff:aa:44:d1:33:a6:a0:8f:29:41:5d:4a:b8:f0:e6:
         87:41:35:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuAgKLiWJdhcu1Kn31HzaPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk
MjZmZTgwHhcNMjMxMDMwMTIxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJlMzU4MDAwYzEzNDk2NjU5ZTZmZGIyMmI5YjMzZjI2MDc5NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhufgshg1rOmMFud3o/uiUNj43SlM
9iV9A4X9phS9ayb8+EMCvyLJ9gsrHZZCMqq4KpCs9nIGXz+EzDyau/FMUcTbKn0M
81+9cyHxPue0m3i06Iv6ez0i+njic8HhcFR/40siGIDz9a0AUPmfIdAqu0cN3u22
7KQKp68XNHyL3z5nZDUhh5FCLxbG4CLOitCZ4n0pjZ/NO3JTivM5lk6ZYeeF8REY
5mxa6bvu4OM2JC3qbl0YIZvMs8SJ4Sk0r2USTidwG4+fpmXeTiloHx1z8uiqE9AY
ncGSJ3U6BsKcBGDu+NRlf6ip6OuqnY+zP2tRExbgSXhnjx/Gz2qAyvDU1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOsuNYAAwTSWZZ5v2yK5sz8mB5Q5MB8GA1UdIwQY
MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt
YzU0MDFmNmQ5MWQxLzEvNnk0MWdBREJOSlpsbm1fYklybXpQeVlIbERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx
LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmWIYMA0G
CSqGSIb3DQEBCwUAA4IBAQBSPzgkZvn+8OWINI3buxHfNFTxgaRldjc25Wg8upHh
5C9r0NSAmWWuOousYsplZT6JH7xmB4XjgP/c/72zS2ISPGZqLojo2ODmJ/ZBk2+w
W8rkogQ7i1pKC/Hn+Em1b8s7TAAbvOncPALR7aqSX1qEA+Cg/JWBzCOf/sRJKjbw
YgAbj4facnWCV81fpHTFGP1xRoBlcpXltwjRIKXOfVWscKFpeENkEvq5UEcMltTs
0Vb+fPKH7eFWw5NDPz2ryUgcQJ2rLtJ4+o87P4NhHsvxp2Sj+2LLZ4RK13dvPh8m
TGNN1NIadSt9r+5a9Uf/qkTRM6agjylBXUq48OaHQTVn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:39 2024 by rpki-client on console-fra.rpki-client.org