Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/8ljYQpRqMJHI8u9QmUEKwElkp_o.roa
File:                     8ljYQpRqMJHI8u9QmUEKwElkp_o.roa (raw, json)
Hash identifier:          WFX/43mhwDCposvSEQA0umijRE8yti/O0A1ExG3eMJ0=
Subject key identifier:   F2:58:D8:42:94:6A:30:91:C8:F2:EF:50:99:41:0A:C0:49:64:A7:FA
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       01857082D412B2061B3EEAC2E18A911BF726
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/8ljYQpRqMJHI8u9QmUEKwElkp_o.roa
Signing time:             Mon 02 Jan 2023 03:25:00 +0000
ROA not before:           Mon 02 Jan 2023 03:25:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205196
IP address blocks:        104.247.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 May 2023 13:39:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:82:d4:12:b2:06:1b:3e:ea:c2:e1:8a:91:1b:f7:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Jan  2 03:25:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f258d842946a3091c8f2ef5099410ac04964a7fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9c:0d:2c:bf:09:5d:4a:98:c8:c5:a7:4f:29:
                    45:e8:58:17:bb:95:08:18:02:a4:f9:3a:1b:37:80:
                    54:c4:c8:df:b2:3e:5a:3b:d2:c0:26:c8:5a:3d:2f:
                    cc:2f:e0:e5:a2:af:22:e0:fc:af:56:c6:ea:6d:9e:
                    2c:3c:9a:61:d6:85:db:5c:36:05:3c:49:96:7e:79:
                    26:01:e0:34:cb:21:9d:00:31:68:37:f1:71:b7:47:
                    fe:d8:2a:cd:0f:dd:53:84:eb:85:83:48:2e:51:6e:
                    f5:d4:0d:c0:b8:0e:ad:4e:7f:2b:2d:05:92:2d:1f:
                    68:d6:28:39:40:bd:7b:67:2b:ec:f9:37:b2:5f:09:
                    ad:25:9a:55:ae:01:cf:28:b5:79:57:eb:a2:15:07:
                    f7:9f:d4:bf:12:a3:e1:ed:b7:d9:84:ff:bb:50:81:
                    24:32:cf:d2:21:f0:58:bd:c0:5e:26:72:aa:85:cf:
                    f6:6c:dc:ee:7b:4e:01:07:95:a7:a5:fd:76:27:64:
                    cd:df:e8:72:e6:96:6e:c2:96:69:cb:9c:6d:52:b7:
                    cf:ce:f4:14:6a:a3:17:56:46:be:65:d0:93:61:95:
                    dc:cb:38:3b:3d:b0:15:36:b8:89:61:b4:81:ef:af:
                    20:c5:66:85:7d:ba:74:c4:ce:0f:86:d3:bd:11:1d:
                    50:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:58:D8:42:94:6A:30:91:C8:F2:EF:50:99:41:0A:C0:49:64:A7:FA
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/8ljYQpRqMJHI8u9QmUEKwElkp_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:27:72:36:ea:04:d7:eb:87:4c:38:b6:23:c9:69:5c:39:0e:
         1a:25:30:ca:91:14:2b:81:4a:e6:f4:cd:f7:6a:b8:81:25:f9:
         de:a0:1d:5d:54:ed:cb:63:6d:84:7b:e6:5d:1f:59:e1:b4:49:
         5d:16:cd:d4:04:0a:7e:bb:8b:35:f5:96:d6:f8:54:a8:9b:6f:
         06:c2:cd:5f:64:9c:94:4f:ed:56:3f:4d:c6:74:36:15:8e:ee:
         28:d6:26:9c:e7:71:9c:0a:73:da:73:27:78:11:7b:ea:bb:b1:
         67:e2:71:0b:3b:37:77:97:9f:52:17:16:b6:95:57:5a:1c:01:
         07:bc:99:06:45:cd:19:7d:88:f8:06:f2:7e:f4:5d:8e:56:ff:
         b3:f4:42:50:52:78:1d:67:30:1e:8f:3e:f4:69:e3:03:78:5d:
         78:59:45:f4:0c:82:ce:af:f8:f9:77:54:0e:b8:08:f4:32:d2:
         45:9b:a8:c3:3a:2b:34:a3:f9:6b:5d:5f:c5:97:32:95:23:86:
         38:04:5e:ba:af:9d:9b:a4:7f:ab:54:b7:75:3e:05:19:e3:32:
         64:e3:97:cd:4a:38:71:e9:d2:18:d1:7f:93:4c:79:a2:49:81:
         e3:50:44:fc:a7:6d:7e:d2:68:5a:33:35:6d:ad:09:a6:a7:3b:
         e4:71:2b:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgtQSsgYbPurC4YqRG/cmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjMwMTAyMDMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjU4ZDg0Mjk0NmEzMDkxYzhmMmVmNTA5OTQxMGFjMDQ5NjRhN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJwNLL8JXUqYyMWnTylF6FgXu5UI
GAKk+TobN4BUxMjfsj5aO9LAJshaPS/ML+Dloq8i4PyvVsbqbZ4sPJph1oXbXDYF
PEmWfnkmAeA0yyGdADFoN/Fxt0f+2CrND91ThOuFg0guUW711A3AuA6tTn8rLQWS
LR9o1ig5QL17Zyvs+TeyXwmtJZpVrgHPKLV5V+uiFQf3n9S/EqPh7bfZhP+7UIEk
Ms/SIfBYvcBeJnKqhc/2bNzue04BB5Wnpf12J2TN3+hy5pZuwpZpy5xtUrfPzvQU
aqMXVka+ZdCTYZXcyzg7PbAVNriJYbSB768gxWaFfbp0xM4PhtO9ER1Q4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJY2EKUajCRyPLvUJlBCsBJZKf6MB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvOGxqWVFwUnFNSkhJOHU5UW1VRUt3RWxrcF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaPe1MA0G
CSqGSIb3DQEBCwUAA4IBAQCaJ3I26gTX64dMOLYjyWlcOQ4aJTDKkRQrgUrm9M33
ariBJfneoB1dVO3LY22Ee+ZdH1nhtEldFs3UBAp+u4s19ZbW+FSom28Gws1fZJyU
T+1WP03GdDYVju4o1iac53GcCnPacyd4EXvqu7Fn4nELOzd3l59SFxa2lVdaHAEH
vJkGRc0ZfYj4BvJ+9F2OVv+z9EJQUngdZzAejz70aeMDeF14WUX0DILOr/j5d1QO
uAj0MtJFm6jDOis0o/lrXV/FlzKVI4Y4BF66r52bpH+rVLd1PgUZ4zJk45fNSjhx
6dIY0X+TTHmiSYHjUET8p21+0mhaMzVtrQmmpzvkcSvE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org