Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/pNwmPLG6wE828KrpxgMiryaw_R4.roa
File:                     pNwmPLG6wE828KrpxgMiryaw_R4.roa (raw, json)
Hash identifier:          cg+rnOBXAWSlG7NnYMHBc1lUcE9/3DEKxTW7mWS3lzo=
Subject key identifier:   A4:DC:26:3C:B1:BA:C0:4F:36:F0:AA:E9:C6:03:22:AF:26:B0:FD:1E
Certificate issuer:       /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial:       01856DDD2A2D76E0E1F5C695A3F52AE78B30
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/pNwmPLG6wE828KrpxgMiryaw_R4.roa
Signing time:             Sun 01 Jan 2023 15:04:48 +0000
ROA not before:           Sun 01 Jan 2023 15:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49086
IP address blocks:        80.228.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:dd:2a:2d:76:e0:e1:f5:c6:95:a3:f5:2a:e7:8b:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
        Validity
            Not Before: Jan  1 15:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a4dc263cb1bac04f36f0aae9c60322af26b0fd1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:98:29:53:bd:07:7d:86:d3:c9:85:89:24:a3:
                    43:ca:28:cd:d5:69:9f:56:4c:06:85:2e:92:12:a6:
                    14:f2:7b:b0:c5:6f:c0:af:1e:f2:7c:9f:c6:dc:c6:
                    80:20:a3:2c:8c:10:fe:9d:de:f2:38:b0:ce:6b:e4:
                    4a:f5:4c:8e:44:60:57:e7:3f:7b:54:04:7d:9b:f9:
                    ee:60:4f:bb:d9:c3:07:09:96:f9:55:35:57:51:48:
                    4f:d3:98:b1:2b:ca:f6:a6:2c:bb:55:da:3c:31:4e:
                    12:ab:13:b0:d4:f8:3f:f4:9c:e3:21:ec:06:f2:2e:
                    c4:45:fc:06:ba:5d:b1:25:78:f4:27:e7:fc:c6:35:
                    6d:8e:f7:e2:6f:48:67:fe:9f:b7:10:5f:82:e3:93:
                    31:de:00:c4:0f:4f:7c:dd:e7:31:b1:4f:53:79:cf:
                    09:22:ee:7c:51:f3:c3:7a:8f:52:ed:a7:ea:d5:62:
                    d3:2e:11:05:1d:c0:86:ce:b1:fc:91:69:2c:79:d7:
                    7e:09:6b:37:0e:2e:22:01:a4:33:85:5c:8d:9c:0f:
                    a2:15:63:ea:08:36:53:b7:1e:ee:1b:fc:91:c4:3e:
                    1b:00:c7:a5:0d:fb:08:08:b8:70:da:36:d8:e7:0a:
                    a8:27:e6:6b:ea:fa:bc:0e:62:d0:f6:96:5f:f5:00:
                    74:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:DC:26:3C:B1:BA:C0:4F:36:F0:AA:E9:C6:03:22:AF:26:B0:FD:1E
            X509v3 Authority Key Identifier:
                keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/pNwmPLG6wE828KrpxgMiryaw_R4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.228.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:c2:a8:30:71:35:ec:13:e5:dc:6f:52:dc:e5:bd:20:dc:3e:
         3b:da:d7:61:54:13:64:79:03:2f:ce:78:f9:c9:70:a1:17:08:
         02:2e:5a:68:d8:60:25:50:bc:16:12:b8:59:7f:26:5f:53:c5:
         45:bc:6d:03:fd:9b:e5:11:1f:fb:b5:5a:08:d6:77:10:16:50:
         e5:11:1e:42:cc:9d:85:34:22:d8:a0:c9:5c:3e:7a:70:f3:a0:
         f2:ee:2c:a9:c8:82:ab:a6:6b:f9:94:6f:e1:69:e3:3c:77:75:
         9a:26:34:bd:2c:4e:e1:86:2c:16:56:fe:ef:58:9d:64:8e:7a:
         b8:bd:c9:91:03:a2:4e:9d:cd:e3:15:d9:4d:d5:e5:51:53:d4:
         cf:f4:9e:26:1a:53:4a:de:78:a2:5d:dd:0b:90:e4:d4:f4:5b:
         04:70:3b:87:0b:e1:45:09:b5:48:83:47:af:09:50:21:36:0f:
         9c:f6:79:3b:ba:e2:1b:c8:2b:0b:13:9a:b5:80:49:e9:7e:0a:
         44:7b:06:d6:6c:b7:ae:e4:cf:0f:d3:f4:27:f3:75:a1:0e:91:
         de:9b:21:a0:ec:6b:66:6c:31:aa:13:0f:78:d9:57:c6:d3:41:
         67:00:6f:c5:57:23:6e:83:46:2a:42:23:2b:5e:e7:66:a4:cf:
         d0:a4:6a:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3SotduDh9caVo/Uq54swMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjMwMTAxMTUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRjMjYzY2IxYmFjMDRmMzZmMGFhZTljNjAzMjJhZjI2YjBmZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJgpU70HfYbTyYWJJKNDyijN1Wmf
VkwGhS6SEqYU8nuwxW/Arx7yfJ/G3MaAIKMsjBD+nd7yOLDOa+RK9UyORGBX5z97
VAR9m/nuYE+72cMHCZb5VTVXUUhP05ixK8r2piy7Vdo8MU4SqxOw1Pg/9JzjIewG
8i7ERfwGul2xJXj0J+f8xjVtjvfib0hn/p+3EF+C45Mx3gDED0983ecxsU9Tec8J
Iu58UfPDeo9S7afq1WLTLhEFHcCGzrH8kWksedd+CWs3Di4iAaQzhVyNnA+iFWPq
CDZTtx7uG/yRxD4bAMelDfsICLhw2jbY5wqoJ+Zr6vq8DmLQ9pZf9QB0yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKTcJjyxusBPNvCq6cYDIq8msP0eMB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvcE53bVBMRzZ3RTgyOEtycHhnTWlyeWF3X1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUOQCMA0G
CSqGSIb3DQEBCwUAA4IBAQBawqgwcTXsE+Xcb1Lc5b0g3D472tdhVBNkeQMvznj5
yXChFwgCLlpo2GAlULwWErhZfyZfU8VFvG0D/ZvlER/7tVoI1ncQFlDlER5CzJ2F
NCLYoMlcPnpw86Dy7iypyIKrpmv5lG/haeM8d3WaJjS9LE7hhiwWVv7vWJ1kjnq4
vcmRA6JOnc3jFdlN1eVRU9TP9J4mGlNK3niiXd0LkOTU9FsEcDuHC+FFCbVIg0ev
CVAhNg+c9nk7uuIbyCsLE5q1gEnpfgpEewbWbLeu5M8P0/Qn83WhDpHemyGg7Gtm
bDGqEw942VfG00FnAG/FVyNug0YqQiMrXudmpM/QpGps
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:06 2024 by rpki-client on console-ams.rpki-client.org