Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/Lecl3_TEJhzcL75mJrbO8ZIYTr0.roa
File:                     Lecl3_TEJhzcL75mJrbO8ZIYTr0.roa (raw, json)
Hash identifier:          JtdzKkSl0s+NPrkzLTEKnOPWuErlvbBx/p/W6V07ViE=
Subject key identifier:   2D:E7:25:DF:F4:C4:26:1C:DC:2F:BE:66:26:B6:CE:F1:92:18:4E:BD
Certificate issuer:       /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial:       0189D4B15344D66777383DB217836B97349E
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/Lecl3_TEJhzcL75mJrbO8ZIYTr0.roa
Signing time:             Tue 08 Aug 2023 10:28:58 +0000
ROA not before:           Tue 08 Aug 2023 10:28:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        212.24.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 06:51:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d4:b1:53:44:d6:67:77:38:3d:b2:17:83:6b:97:34:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
        Validity
            Not Before: Aug  8 10:28:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2de725dff4c4261cdc2fbe6626b6cef192184ebd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4e:24:a2:65:ed:cd:20:4b:e0:92:8e:3e:03:
                    fd:72:f3:0f:6a:50:4f:9f:04:f8:fd:d3:b7:28:84:
                    53:ba:55:54:d4:33:e8:f8:fe:cd:98:9b:c7:ab:46:
                    2d:e0:92:ad:2f:d3:18:06:69:57:77:34:fa:78:22:
                    2b:8a:b0:03:1b:8c:a8:33:68:b9:b8:64:b2:60:64:
                    1e:99:d0:65:b5:cc:16:a6:95:60:3d:de:dc:fb:d3:
                    56:fd:0f:c6:66:61:33:b6:cc:c2:e2:ae:28:7b:0c:
                    ba:56:dc:6f:76:49:76:a5:87:4c:8f:8d:dd:9d:76:
                    d2:34:00:cb:41:06:c8:c1:e9:56:1a:10:95:65:13:
                    c9:a0:25:f1:be:c7:9a:97:9a:31:8d:39:ce:c8:73:
                    53:bc:f1:db:3d:46:57:5e:6d:97:b0:d3:21:74:e4:
                    a2:3e:ac:5f:ae:2c:ac:8c:39:38:58:48:ae:6e:2c:
                    b7:81:3f:4f:6a:7f:4b:a5:5d:9b:6c:a0:34:ec:57:
                    a1:fc:69:c4:a1:aa:b8:82:c1:3e:93:45:15:c5:68:
                    24:10:b2:a8:71:4b:8b:a5:ff:9d:96:0b:7e:2b:6d:
                    2b:d9:92:05:06:e2:2f:73:a3:e7:7b:9f:5a:9f:a9:
                    32:1a:83:80:a1:92:8c:d0:85:b6:5c:d4:fd:c9:15:
                    f0:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:E7:25:DF:F4:C4:26:1C:DC:2F:BE:66:26:B6:CE:F1:92:18:4E:BD
            X509v3 Authority Key Identifier:
                keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/Lecl3_TEJhzcL75mJrbO8ZIYTr0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.24.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:d5:6a:52:60:2b:02:e9:9f:de:3e:9c:9e:26:c7:1e:9b:72:
         b1:b6:09:18:70:2c:8b:9f:f5:db:54:59:26:0f:71:3a:0d:2d:
         82:92:d7:aa:c8:09:cc:48:d8:46:69:80:2a:89:26:85:0b:5f:
         92:cd:64:b6:2a:4c:3a:67:5c:10:7a:26:c4:88:26:6a:62:93:
         ae:45:95:ac:7c:52:3c:e3:48:2f:84:77:29:b3:4d:44:f6:63:
         b9:8c:24:59:71:25:5f:06:07:01:23:f4:9b:c4:75:6c:3a:ef:
         6a:8d:6f:31:f8:b2:21:ca:9a:77:93:78:b0:eb:18:ce:0c:33:
         ea:c7:3e:57:87:c1:8c:66:8a:54:88:5d:cd:5f:31:0d:6b:24:
         52:21:53:1e:6f:4f:61:83:32:b6:4c:de:86:39:51:86:d8:8a:
         83:11:17:0d:4f:52:18:9c:dd:45:3d:67:95:1f:eb:7a:1a:95:
         ef:3d:de:90:da:af:2e:2f:ab:6a:72:2b:05:47:d9:da:2f:51:
         e4:d9:2b:82:1a:cf:4e:70:90:9e:12:77:97:51:77:53:8f:af:
         23:eb:2f:79:00:27:84:71:2c:91:f6:15:4a:97:53:4f:ba:66:
         4d:fe:54:02:cb:57:87:65:05:01:3a:9e:5f:e1:61:01:61:d4:
         4d:9c:30:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnUsVNE1md3OD2yF4NrlzSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjMwODA4MTAyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU3MjVkZmY0YzQyNjFjZGMyZmJlNjYyNmI2Y2VmMTkyMTg0ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU4komXtzSBL4JKOPgP9cvMPalBP
nwT4/dO3KIRTulVU1DPo+P7NmJvHq0Yt4JKtL9MYBmlXdzT6eCIrirADG4yoM2i5
uGSyYGQemdBltcwWppVgPd7c+9NW/Q/GZmEztszC4q4oewy6Vtxvdkl2pYdMj43d
nXbSNADLQQbIwelWGhCVZRPJoCXxvseal5oxjTnOyHNTvPHbPUZXXm2XsNMhdOSi
PqxfriysjDk4WEiubiy3gT9Pan9LpV2bbKA07Feh/GnEoaq4gsE+k0UVxWgkELKo
cUuLpf+dlgt+K20r2ZIFBuIvc6Pne59an6kyGoOAoZKM0IW2XNT9yRXwuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3nJd/0xCYc3C++Zia2zvGSGE69MB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvTGVjbDNfVEVKaHpjTDc1bUpyYk84WklZVHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BhxMA0G
CSqGSIb3DQEBCwUAA4IBAQBH1WpSYCsC6Z/ePpyeJscem3KxtgkYcCyLn/XbVFkm
D3E6DS2CkteqyAnMSNhGaYAqiSaFC1+SzWS2Kkw6Z1wQeibEiCZqYpOuRZWsfFI8
40gvhHcps01E9mO5jCRZcSVfBgcBI/SbxHVsOu9qjW8x+LIhypp3k3iw6xjODDPq
xz5Xh8GMZopUiF3NXzENayRSIVMeb09hgzK2TN6GOVGG2IqDERcNT1IYnN1FPWeV
H+t6GpXvPd6Q2q8uL6tqcisFR9naL1Hk2SuCGs9OcJCeEneXUXdTj68j6y95ACeE
cSyR9hVKl1NPumZN/lQCy1eHZQUBOp5f4WEBYdRNnDAC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:24 2024 by rpki-client on console-ams.rpki-client.org