Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/omH9h5y8mjpVpQBz6zm0LhAXMWs.roa
File:                     omH9h5y8mjpVpQBz6zm0LhAXMWs.roa (raw, json)
Hash identifier:          uVpTBXjv+yhnqnAIDXrC/WpWdHfYBqIhSwFKubUlRR4=
Subject key identifier:   A2:61:FD:87:9C:BC:9A:3A:55:A5:00:73:EB:39:B4:2E:10:17:31:6B
Certificate issuer:       /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial:       018A039C882123D9C9DF8B32E21728D2D1E0
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/omH9h5y8mjpVpQBz6zm0LhAXMWs.roa
Signing time:             Thu 17 Aug 2023 13:08:24 +0000
ROA not before:           Thu 17 Aug 2023 13:08:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        80.254.228.0/24 maxlen: 24
                          2a13:5241::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:03:9c:88:21:23:d9:c9:df:8b:32:e2:17:28:d2:d1:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
        Validity
            Not Before: Aug 17 13:08:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a261fd879cbc9a3a55a50073eb39b42e1017316b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f4:e6:c8:98:c0:ed:37:5d:9d:65:5a:d3:99:
                    1b:52:8c:ab:e2:e6:8f:36:9b:64:51:87:4a:c6:ff:
                    28:26:76:68:02:4c:ad:94:fc:70:7f:33:69:1e:e7:
                    c9:f6:aa:40:82:17:57:c4:bc:d7:60:58:05:e2:8e:
                    83:f0:d4:43:47:25:3c:43:74:29:f1:5d:3d:dc:66:
                    38:34:1a:01:12:30:19:fd:91:0e:d2:a4:c5:b4:b2:
                    10:d7:72:85:1e:4b:6f:55:55:3c:a1:59:ac:20:00:
                    55:33:c0:6a:d9:98:48:ac:52:81:2c:ce:21:96:61:
                    09:3f:25:62:75:59:ad:8b:56:82:ab:be:d6:98:53:
                    8b:34:e0:ec:de:76:ce:4e:05:ab:89:92:8a:87:e9:
                    b8:ec:ee:b2:5b:72:49:77:0b:79:d4:a0:b0:51:21:
                    49:d7:ad:b2:c0:bc:ee:aa:fd:36:b9:b7:58:c6:87:
                    50:5f:a4:b2:42:88:28:b0:0a:0f:f3:df:d5:93:1a:
                    20:91:0b:16:7b:4c:95:47:4a:ec:75:65:93:fb:fa:
                    92:57:74:51:da:31:f5:05:95:b6:1a:5d:cd:ec:3d:
                    13:7c:b1:73:91:94:60:a9:3c:32:7e:1c:6e:7f:b6:
                    2e:ca:b5:d5:fd:1a:50:49:11:1e:0a:93:44:7c:56:
                    ad:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:61:FD:87:9C:BC:9A:3A:55:A5:00:73:EB:39:B4:2E:10:17:31:6B
            X509v3 Authority Key Identifier:
                keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/omH9h5y8mjpVpQBz6zm0LhAXMWs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.254.228.0/24
                IPv6:
                  2a13:5241::/32

    Signature Algorithm: sha256WithRSAEncryption
         bc:18:df:c1:e3:1b:dd:8a:ce:66:75:c4:57:67:6d:24:2e:58:
         13:02:73:31:45:08:42:0f:60:a7:ad:37:6d:63:e2:e2:f4:91:
         b8:05:7f:6d:14:3b:73:3c:fa:c4:db:79:1b:c9:0b:91:48:f8:
         2d:da:29:cd:46:61:70:ae:67:f0:94:d5:ca:85:8d:ac:53:cd:
         75:28:e8:a6:95:36:7c:33:04:b4:7c:6f:84:5b:89:4f:11:98:
         f2:83:39:79:1f:65:aa:71:2f:04:07:47:9b:34:07:02:81:6c:
         07:fa:b6:57:89:36:d9:22:75:bd:e3:5e:f3:a0:36:dc:8f:ef:
         b4:c6:9c:78:73:7b:bd:41:fe:15:48:ec:85:66:91:79:37:77:
         c0:87:c7:69:04:22:96:4b:20:43:c1:10:a0:32:4c:c7:3a:79:
         df:9c:9f:63:cc:96:73:d6:8e:aa:b9:5a:d4:2f:8c:eb:49:02:
         69:ef:9a:11:97:c4:9b:b9:f5:16:3a:ee:99:12:5c:e9:f8:92:
         2b:a9:38:de:13:f0:f9:a4:48:d0:03:fd:0a:6a:24:dd:02:1a:
         b0:76:02:d6:ab:57:01:6e:88:3b:0f:f9:9d:1d:e8:fe:94:8b:
         dd:b7:f2:46:0d:83:ee:d5:ba:c3:65:a0:89:7e:7c:a2:43:37:
         5f:7e:71:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoDnIghI9nJ34sy4hco0tHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjMwODE3MTMwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjYxZmQ4NzljYmM5YTNhNTVhNTAwNzNlYjM5YjQyZTEwMTczMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfTmyJjA7TddnWVa05kbUoyr4uaP
NptkUYdKxv8oJnZoAkytlPxwfzNpHufJ9qpAghdXxLzXYFgF4o6D8NRDRyU8Q3Qp
8V093GY4NBoBEjAZ/ZEO0qTFtLIQ13KFHktvVVU8oVmsIABVM8Bq2ZhIrFKBLM4h
lmEJPyVidVmti1aCq77WmFOLNODs3nbOTgWriZKKh+m47O6yW3JJdwt51KCwUSFJ
162ywLzuqv02ubdYxodQX6SyQogosAoP89/VkxogkQsWe0yVR0rsdWWT+/qSV3RR
2jH1BZW2Gl3N7D0TfLFzkZRgqTwyfhxuf7YuyrXV/RpQSREeCpNEfFatpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKJh/YecvJo6VaUAc+s5tC4QFzFrMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvb21IOWg1eThtanBWcFFCejZ6bTBMaEFYTVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUP7kMA0E
AgACMAcDBQAqE1JBMA0GCSqGSIb3DQEBCwUAA4IBAQC8GN/B4xvdis5mdcRXZ20k
LlgTAnMxRQhCD2CnrTdtY+Li9JG4BX9tFDtzPPrE23kbyQuRSPgt2inNRmFwrmfw
lNXKhY2sU811KOimlTZ8MwS0fG+EW4lPEZjygzl5H2WqcS8EB0ebNAcCgWwH+rZX
iTbZInW9417zoDbcj++0xpx4c3u9Qf4VSOyFZpF5N3fAh8dpBCKWSyBDwRCgMkzH
OnnfnJ9jzJZz1o6quVrUL4zrSQJp75oRl8SbufUWOu6ZElzp+JIrqTjeE/D5pEjQ
A/0KaiTdAhqwdgLWq1cBbog7D/mdHej+lIvdt/JGDYPu1brDZaCJfnyiQzdffnHK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:03 2024 by rpki-client on console-ams.rpki-client.org