Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/l-r3juB819S6lfM-X5TLLQzyylI.roa
File:                     l-r3juB819S6lfM-X5TLLQzyylI.roa (raw, json)
Hash identifier:          fqA3q0nCuYxIKlSnB8U2ZW910hNXoUNiYqkmIiXS9Jo=
Subject key identifier:   97:EA:F7:8E:E0:7C:D7:D4:BA:95:F3:3E:5F:94:CB:2D:0C:F2:CA:52
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01881FE964FDCDD56121ED8FFF72B22959C9
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/l-r3juB819S6lfM-X5TLLQzyylI.roa
Signing time:             Mon 15 May 2023 14:56:09 +0000
ROA not before:           Mon 15 May 2023 14:56:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2914
IP address blocks:        2.58.196.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 07 Sep 2023 11:52:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1f:e9:64:fd:cd:d5:61:21:ed:8f:ff:72:b2:29:59:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: May 15 14:56:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=97eaf78ee07cd7d4ba95f33e5f94cb2d0cf2ca52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:66:bf:98:e6:df:86:39:5a:d6:4f:7c:d5:d4:
                    37:db:dc:4d:33:4f:eb:66:3b:92:3c:e6:12:2a:87:
                    f3:0f:fa:c2:df:6d:bc:ae:5a:ee:0d:38:f5:a0:0d:
                    60:54:30:ec:d5:e2:dd:14:85:b0:46:81:1b:18:23:
                    a1:da:ae:d4:03:7a:e4:b2:ad:75:28:62:ec:b6:0e:
                    1e:9c:e7:4f:9f:83:22:bf:4f:5b:5d:ac:67:90:7d:
                    55:25:b1:6b:7a:a8:a7:f8:fd:29:bd:5d:1a:9a:e0:
                    4e:67:35:f0:d1:ad:b3:e7:a2:ea:79:32:71:6d:13:
                    7e:57:5f:9c:b1:bb:fa:7a:05:66:2a:ad:d5:3e:b5:
                    46:7f:88:34:a6:40:6c:53:a2:7b:ec:d3:a0:92:8f:
                    a5:0b:5f:b7:ef:6b:06:82:b7:0f:10:3a:aa:a9:a8:
                    69:04:ed:00:71:d2:a7:f7:cb:f7:32:60:8e:a1:2c:
                    01:b5:2f:41:8f:a7:af:fb:5d:a7:22:6a:68:f7:0a:
                    70:b9:3c:16:b0:06:f1:36:99:c1:45:c7:10:b6:b9:
                    50:d3:c8:84:b5:c8:c4:2a:93:b2:0b:e9:b6:24:15:
                    84:6a:dc:fa:48:a0:c5:0e:2e:5c:7a:1c:82:4b:26:
                    2e:07:8f:cc:e5:5e:2d:a1:40:83:11:b2:cd:02:bf:
                    87:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:EA:F7:8E:E0:7C:D7:D4:BA:95:F3:3E:5F:94:CB:2D:0C:F2:CA:52
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/l-r3juB819S6lfM-X5TLLQzyylI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:c2:5e:6f:d9:f1:3a:17:bf:f1:80:85:b7:1e:86:c7:ee:d4:
         4c:87:a6:2e:00:ac:45:e3:55:b5:02:92:6a:6e:d1:7c:6c:a9:
         b5:9e:0c:08:fd:33:19:e9:f3:8f:c3:a0:64:21:53:cd:8e:0b:
         79:46:42:fb:9c:0e:58:73:40:6c:81:83:de:cb:05:08:5a:de:
         b9:81:8a:d2:8c:89:fb:cf:21:11:a3:a6:85:e9:68:17:07:88:
         52:7d:82:62:0b:b6:85:a6:53:27:1b:e7:31:ad:8c:8b:8d:8c:
         3d:fb:b7:1b:42:9c:f0:ee:1f:9f:67:84:d2:1b:18:a7:39:15:
         bf:c2:35:73:6d:e6:52:76:01:c4:3c:74:f2:c3:59:0c:b8:33:
         b6:e8:46:12:40:6d:6b:26:51:67:43:2f:67:23:b8:47:0e:7e:
         1e:83:6c:00:fd:b9:a5:a5:04:51:fd:6b:8f:39:2f:8e:ff:08:
         2f:49:44:66:58:37:2c:e4:87:d7:41:9a:38:f2:da:12:64:a8:
         16:d4:85:6f:35:2e:d3:fd:21:24:2e:58:2f:be:67:ce:ad:6c:
         7f:55:6f:25:ef:38:85:a1:ee:6e:e0:ac:91:b5:e8:6f:43:97:
         9e:b7:fc:c1:7b:5c:f5:74:21:87:1b:39:06:fe:09:ce:7d:ce:
         e3:57:09:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgf6WT9zdVhIe2P/3KyKVnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNTE1MTQ1NjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VhZjc4ZWUwN2NkN2Q0YmE5NWYzM2U1Zjk0Y2IyZDBjZjJjYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuma/mObfhjla1k981dQ329xNM0/r
ZjuSPOYSKofzD/rC3228rlruDTj1oA1gVDDs1eLdFIWwRoEbGCOh2q7UA3rksq11
KGLstg4enOdPn4Miv09bXaxnkH1VJbFreqin+P0pvV0amuBOZzXw0a2z56LqeTJx
bRN+V1+csbv6egVmKq3VPrVGf4g0pkBsU6J77NOgko+lC1+372sGgrcPEDqqqahp
BO0AcdKn98v3MmCOoSwBtS9Bj6ev+12nImpo9wpwuTwWsAbxNpnBRccQtrlQ08iE
tcjEKpOyC+m2JBWEatz6SKDFDi5cehyCSyYuB4/M5V4toUCDEbLNAr+HdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfq947gfNfUupXzPl+Uyy0M8spSMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvbC1yM2p1QjgxOVM2bGZNLVg1VExMUXp5eWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjrEMA0G
CSqGSIb3DQEBCwUAA4IBAQBLwl5v2fE6F7/xgIW3HobH7tRMh6YuAKxF41W1ApJq
btF8bKm1ngwI/TMZ6fOPw6BkIVPNjgt5RkL7nA5Yc0BsgYPeywUIWt65gYrSjIn7
zyERo6aF6WgXB4hSfYJiC7aFplMnG+cxrYyLjYw9+7cbQpzw7h+fZ4TSGxinORW/
wjVzbeZSdgHEPHTyw1kMuDO26EYSQG1rJlFnQy9nI7hHDn4eg2wA/bmlpQRR/WuP
OS+O/wgvSURmWDcs5IfXQZo48toSZKgW1IVvNS7T/SEkLlgvvmfOrWx/VW8l7ziF
oe5u4KyRtehvQ5eet/zBe1z1dCGHGzkG/gnOfc7jVwle
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org