Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1-iqZutv2-aEKenuJAY0V-nLKYG4.roa
File:                     1-iqZutv2-aEKenuJAY0V-nLKYG4.roa (raw, json)
Hash identifier:          UmYCvkczZoL6rBrecz9iDC/E1pwMvz/Et61Ca4BCYbM=
Subject key identifier:   FA:2A:99:BA:DB:F6:F9:A1:0A:7A:7B:89:01:8D:15:FA:72:CA:60:6E
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       01856F150F2BC767BFDEA6A4CB3C2013B1E1
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1-iqZutv2-aEKenuJAY0V-nLKYG4.roa
Signing time:             Sun 01 Jan 2023 20:45:29 +0000
ROA not before:           Sun 01 Jan 2023 20:45:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209157
IP address blocks:        80.96.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:15:0f:2b:c7:67:bf:de:a6:a4:cb:3c:20:13:b1:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 20:45:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa2a99badbf6f9a10a7a7b89018d15fa72ca606e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7b:ac:0b:d4:2c:b8:3f:e7:9d:7f:0b:9f:19:
                    c7:fe:4b:29:cc:22:24:40:c1:38:90:a2:55:69:2d:
                    3c:d0:5f:35:ae:94:76:0d:28:5b:0e:13:2f:d4:a6:
                    04:3b:30:91:26:19:1c:62:25:66:78:7e:1a:b0:07:
                    a6:fe:b2:9f:51:e6:a6:a3:5b:cf:4f:3d:07:79:d9:
                    6d:e1:62:da:c9:43:8c:0c:bc:7b:15:d1:ae:4c:4f:
                    1c:65:4d:73:1b:81:98:77:28:83:39:36:ee:30:19:
                    ab:85:96:4d:f8:1d:1f:52:e8:43:bd:4d:24:44:c1:
                    8f:f1:db:a9:1d:83:be:c3:c7:80:75:c8:98:ea:c1:
                    f3:f6:8f:cb:5e:9d:5c:f3:a1:95:68:73:33:bc:0c:
                    fe:a3:28:c8:e7:d8:89:e4:fb:6d:47:62:65:49:2d:
                    8c:cf:3d:51:d9:49:68:a2:ef:13:5e:2c:ac:c2:3c:
                    b0:29:49:30:06:d7:a6:8c:68:75:1d:5f:0f:84:f7:
                    db:58:bb:26:23:25:ea:81:4d:49:3b:6d:5b:7c:b0:
                    e6:e1:bc:15:45:f2:74:99:50:6f:d8:d8:a5:cd:66:
                    61:ae:60:95:20:a5:47:54:d1:51:66:0d:1b:17:9e:
                    22:6d:38:5d:5e:40:84:f3:ed:74:7e:5a:d5:43:d8:
                    7b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:2A:99:BA:DB:F6:F9:A1:0A:7A:7B:89:01:8D:15:FA:72:CA:60:6E
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1-iqZutv2-aEKenuJAY0V-nLKYG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:53:fa:32:99:ee:b6:97:e6:f0:f7:91:9b:ab:ce:18:ce:36:
         04:47:70:9a:ac:8c:63:4f:72:d2:bd:5f:11:fa:00:fe:03:a9:
         38:3d:b2:ff:32:44:d4:c8:6c:92:4f:1d:19:6e:54:77:a0:33:
         f2:ef:7e:75:44:31:62:a0:27:01:19:a1:c5:88:8e:be:ef:6c:
         e8:6f:73:2c:67:ff:0f:12:66:01:9f:5d:10:c1:f7:f7:8c:7b:
         2d:21:a9:9a:b3:96:c3:0d:c3:6c:9f:2d:46:55:e4:0d:14:19:
         41:d5:6d:94:4d:47:8f:99:50:9e:43:bc:a3:d9:7e:8e:60:82:
         10:40:2d:39:b5:8c:34:fe:be:40:e5:f1:05:ec:97:96:61:09:
         89:99:8a:c3:17:2b:dd:9b:4f:a8:54:a5:96:1c:dd:ae:a9:c0:
         87:bf:c4:45:c7:8d:66:6f:5c:d0:f3:f6:8a:be:18:de:f2:83:
         f3:5d:66:2f:07:dd:58:9d:64:2f:f2:25:26:5e:42:77:2d:1c:
         22:f4:14:20:d3:d6:4b:86:d8:1b:04:72:ac:30:56:1f:70:0a:
         b1:32:11:84:60:ec:72:24:28:ab:51:06:fb:b0:32:16:2e:19:
         22:4c:25:9b:7c:f4:0d:09:2e:96:73:96:dc:4f:dd:d9:ca:e8:
         70:39:eb:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvFQ8rx2e/3qakyzwgE7HhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJhOTliYWRiZjZmOWExMGE3YTdiODkwMThkMTVmYTcyY2E2MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXusC9QsuD/nnX8LnxnH/kspzCIk
QME4kKJVaS080F81rpR2DShbDhMv1KYEOzCRJhkcYiVmeH4asAem/rKfUeamo1vP
Tz0Hedlt4WLayUOMDLx7FdGuTE8cZU1zG4GYdyiDOTbuMBmrhZZN+B0fUuhDvU0k
RMGP8dupHYO+w8eAdciY6sHz9o/LXp1c86GVaHMzvAz+oyjI59iJ5PttR2JlSS2M
zz1R2Uloou8TXiyswjywKUkwBtemjGh1HV8PhPfbWLsmIyXqgU1JO21bfLDm4bwV
RfJ0mVBv2NilzWZhrmCVIKVHVNFRZg0bF54ibThdXkCE8+10flrVQ9h7gQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoqmbrb9vmhCnp7iQGNFfpyymBuMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvMS1pcVp1dHYyLWFFS2VudUpBWTBWLW5MS1lHNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVk
Yi8xL01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFBgAjAN
BgkqhkiG9w0BAQsFAAOCAQEABVP6Mpnutpfm8PeRm6vOGM42BEdwmqyMY09y0r1f
EfoA/gOpOD2y/zJE1Mhskk8dGW5Ud6Az8u9+dUQxYqAnARmhxYiOvu9s6G9zLGf/
DxJmAZ9dEMH394x7LSGpmrOWww3DbJ8tRlXkDRQZQdVtlE1Hj5lQnkO8o9l+jmCC
EEAtObWMNP6+QOXxBeyXlmEJiZmKwxcr3ZtPqFSllhzdrqnAh7/ERceNZm9c0PP2
ir4Y3vKD811mLwfdWJ1kL/IlJl5Cdy0cIvQUINPWS4bYGwRyrDBWH3AKsTIRhGDs
ciQoq1EG+7AyFi4ZIkwlm3z0DQkulnOW3E/d2crocDnrkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org