Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Ldj97OFCkVlUrCjJM4Mb3cYQ4nE.roa
File:                     Ldj97OFCkVlUrCjJM4Mb3cYQ4nE.roa (raw, json)
Hash identifier:          SyA+o46eLc/KgN/9S2QeYolaytkeeYAMLlpTGviK23Y=
Subject key identifier:   2D:D8:FD:EC:E1:42:91:59:54:AC:28:C9:33:83:1B:DD:C6:10:E2:71
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018CC64AF0F1D05D9B2D4DA7C02C325DF884
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Ldj97OFCkVlUrCjJM4Mb3cYQ4nE.roa
Signing time:             Mon 01 Jan 2024 18:30:49 +0000
ROA not before:           Mon 01 Jan 2024 18:30:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61002
IP address blocks:        80.97.54.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 31 Jan 2024 15:54:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:f0:f1:d0:5d:9b:2d:4d:a7:c0:2c:32:5d:f8:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 18:30:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2dd8fdece142915954ac28c933831bddc610e271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4d:67:99:ab:ff:c9:89:5c:fb:3b:e7:76:74:
                    15:b1:d9:56:8c:c3:dc:3e:dc:72:c1:d4:3a:c5:33:
                    04:d0:63:aa:29:2f:de:bd:32:7e:64:4e:15:e8:09:
                    30:ea:df:3e:7a:2f:15:cb:29:2c:07:e9:ce:d1:70:
                    11:3b:f9:76:45:2c:c1:fe:1b:4e:34:b7:02:63:fd:
                    76:7b:4d:69:9c:e2:4c:e9:9d:87:28:95:05:ac:79:
                    1c:1a:bf:01:21:a7:2a:c6:34:ac:17:22:45:a4:58:
                    00:92:0b:d0:fb:8a:9c:98:e2:76:98:d2:8a:bc:d9:
                    8b:b0:d7:40:7d:78:0c:b8:fe:06:dd:5c:d5:cb:b5:
                    70:14:4d:8d:e8:3a:de:79:17:ec:c4:f7:c9:37:fd:
                    49:d5:b8:e0:0e:08:57:62:40:b1:69:03:53:65:7c:
                    03:52:0b:cf:4f:9a:ae:97:dc:17:14:99:62:3f:1f:
                    fb:71:7a:b9:2d:8f:ef:6b:eb:18:af:97:47:6c:25:
                    d6:a1:07:f5:4b:46:53:55:cd:a4:b1:33:c6:fb:72:
                    85:29:2f:1c:eb:82:47:97:58:b5:04:de:93:da:47:
                    4f:e2:3b:53:d4:f6:31:21:21:b3:5e:df:75:d5:bc:
                    18:6c:f3:0c:ab:0d:36:30:41:77:85:ef:53:f6:c6:
                    0c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:D8:FD:EC:E1:42:91:59:54:AC:28:C9:33:83:1B:DD:C6:10:E2:71
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Ldj97OFCkVlUrCjJM4Mb3cYQ4nE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.97.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:ee:46:1c:cd:c7:be:13:84:9f:e7:e2:54:71:39:bc:9b:6a:
         1d:76:e0:06:d9:f9:89:ed:56:84:74:0f:d3:a0:74:0d:0e:8e:
         6d:a9:57:58:29:fc:33:b1:07:ba:fd:7b:ba:b2:03:fe:7d:38:
         ed:26:01:74:25:07:f1:f0:21:4a:14:17:40:73:29:e6:86:29:
         bf:84:d7:29:65:86:e3:72:ca:56:09:8a:e4:1b:ab:42:32:1e:
         2b:14:3e:5c:18:a9:e8:22:fb:12:54:26:b0:c4:f8:7a:3e:b7:
         28:eb:9f:6f:1b:22:f6:0d:1d:e7:d7:58:ee:ee:22:e4:4c:86:
         ca:79:27:0b:25:78:9f:45:68:49:0d:2f:26:97:0e:f3:b2:12:
         5b:30:b0:78:d8:4c:ea:e0:a0:7e:ba:cc:51:0d:ea:93:79:45:
         72:06:22:01:01:23:6f:43:e8:72:7c:57:9f:16:81:5e:76:d7:
         7f:82:7c:60:7c:d8:ad:73:37:db:47:d3:ba:60:d4:ce:ea:0c:
         b3:b1:cb:14:28:75:71:09:e1:70:7f:45:d5:8b:af:72:b2:99:
         31:b8:7c:22:6f:0a:d6:18:dd:af:6c:55:8a:c3:4b:f3:d0:32:
         82:df:d7:71:a7:ae:99:fa:6a:cd:45:05:d8:68:b4:c7:e0:e8:
         ab:7e:c2:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSvDx0F2bLU2nwCwyXfiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ4ZmRlY2UxNDI5MTU5NTRhYzI4YzkzMzgzMWJkZGM2MTBlMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqU1nmav/yYlc+zvndnQVsdlWjMPc
PtxywdQ6xTME0GOqKS/evTJ+ZE4V6Akw6t8+ei8VyyksB+nO0XARO/l2RSzB/htO
NLcCY/12e01pnOJM6Z2HKJUFrHkcGr8BIacqxjSsFyJFpFgAkgvQ+4qcmOJ2mNKK
vNmLsNdAfXgMuP4G3VzVy7VwFE2N6DreeRfsxPfJN/1J1bjgDghXYkCxaQNTZXwD
UgvPT5qul9wXFJliPx/7cXq5LY/va+sYr5dHbCXWoQf1S0ZTVc2ksTPG+3KFKS8c
64JHl1i1BN6T2kdP4jtT1PYxISGzXt911bwYbPMMqw02MEF3he9T9sYM6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3Y/ezhQpFZVKwoyTODG93GEOJxMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvTGRqOTdPRkNrVmxVckNqSk00TWIzY1lRNG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUGE2MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ7kYczce+E4Sf5+JUcTm8m2odduAG2fmJ7VaEdA/T
oHQNDo5tqVdYKfwzsQe6/Xu6sgP+fTjtJgF0JQfx8CFKFBdAcynmhim/hNcpZYbj
cspWCYrkG6tCMh4rFD5cGKnoIvsSVCawxPh6Prco659vGyL2DR3n11ju7iLkTIbK
eScLJXifRWhJDS8mlw7zshJbMLB42Ezq4KB+usxRDeqTeUVyBiIBASNvQ+hyfFef
FoFedtd/gnxgfNitczfbR9O6YNTO6gyzscsUKHVxCeFwf0XVi69yspkxuHwibwrW
GN2vbFWKw0vz0DKC39dxp66Z+mrNRQXYaLTH4OirfsJL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org