Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/3qXX2cGOtNmfJ9zM08EuiT4Jgjs.roa
File:                     3qXX2cGOtNmfJ9zM08EuiT4Jgjs.roa (raw, json)
Hash identifier:          K3e2aUn9mYDMn0UIIwtMNl/R2R8ocrXmRBdfrJ9Bx2U=
Subject key identifier:   DE:A5:D7:D9:C1:8E:B4:D9:9F:27:DC:CC:D3:C1:2E:89:3E:09:82:3B
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       01856C8A58DF3BD5C88CBEE72AF0E27A0997
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/3qXX2cGOtNmfJ9zM08EuiT4Jgjs.roa
Signing time:             Sun 01 Jan 2023 08:54:44 +0000
ROA not before:           Sun 01 Jan 2023 08:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48147
IP address blocks:        87.248.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:8a:58:df:3b:d5:c8:8c:be:e7:2a:f0:e2:7a:09:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jan  1 08:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dea5d7d9c18eb4d99f27dcccd3c12e893e09823b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ac:91:8c:27:6f:a1:9a:f7:04:60:53:1b:04:
                    ad:da:26:8e:b5:c4:0c:64:01:82:34:fd:6a:7c:24:
                    cb:89:7c:ee:b3:4e:8d:93:f9:10:c9:52:39:1e:4a:
                    8b:a0:4c:8b:06:4e:ee:81:c2:04:45:3c:00:37:12:
                    9d:de:e9:db:ff:04:27:16:dc:d1:04:df:4f:aa:97:
                    75:54:d1:83:ef:76:f4:7a:18:49:8e:c5:82:4e:c7:
                    8b:f2:ac:ed:9e:31:25:fb:0d:03:e1:1e:86:65:58:
                    6e:b0:11:99:db:67:09:dd:60:ee:33:ec:4a:0a:46:
                    2f:b3:39:1d:eb:c0:f5:f2:17:dc:e5:e1:b2:71:21:
                    84:97:fb:3a:29:67:17:9a:9d:57:91:13:69:b9:ba:
                    48:6d:ba:e9:2d:8c:a6:b3:e5:86:a2:37:24:c7:19:
                    ad:6b:2e:4d:f7:74:eb:48:95:b2:72:17:c8:56:41:
                    d8:31:1e:98:20:cd:e1:8a:e6:6d:db:6d:24:2c:ce:
                    55:8a:e9:8f:f3:34:da:9d:63:50:75:e7:49:be:84:
                    b2:52:eb:f8:80:31:54:8f:74:67:b3:77:dd:8b:41:
                    d6:67:eb:f4:58:dd:fc:b7:1d:87:a1:7c:ae:54:56:
                    b3:ec:d8:f6:49:4e:f9:f9:56:b2:0f:78:2c:fc:18:
                    33:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:A5:D7:D9:C1:8E:B4:D9:9F:27:DC:CC:D3:C1:2E:89:3E:09:82:3B
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/3qXX2cGOtNmfJ9zM08EuiT4Jgjs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:2e:db:c0:b7:3f:a2:da:ba:6f:86:5f:55:e4:8b:73:79:a4:
         17:14:98:e8:9a:26:b7:0f:be:b5:48:29:8e:48:43:4f:6a:fa:
         48:64:0f:be:f8:4f:3d:8a:06:31:79:22:3d:08:ae:7b:d2:a2:
         bc:8d:35:a8:07:ef:c7:26:16:0a:aa:62:20:4d:4f:2e:f9:dc:
         22:bb:05:66:fd:c8:fe:fc:3c:3e:3d:c7:ab:43:ec:0a:b7:46:
         78:9f:52:19:23:0e:32:d8:50:f3:03:d1:bd:eb:9e:e0:44:41:
         af:f7:22:1c:ba:96:49:dd:58:b9:22:b5:1e:8b:09:e5:72:53:
         8b:42:90:98:30:f7:1e:59:a6:14:e1:d1:d9:d4:a7:53:f6:57:
         76:56:fd:c5:31:53:d2:b6:b7:8f:3c:f4:79:bb:72:84:c4:da:
         60:a3:26:d9:9d:df:b5:5d:d9:75:18:a7:e3:26:17:1f:55:4d:
         a2:eb:b3:44:0d:bf:7b:ca:59:a4:bb:1b:4b:7f:17:24:07:c3:
         f9:93:21:57:ca:5b:ea:18:37:38:e1:24:c9:c5:e6:99:cb:09:
         ac:47:48:60:f9:a9:d9:97:48:da:01:4e:fa:46:55:63:d8:d5:
         c7:c9:cf:48:78:7f:1f:c5:d6:f0:97:9b:3f:78:1d:c1:9f:d8:
         d7:f7:ba:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsiljfO9XIjL7nKvDiegmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwMTAxMDg1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE1ZDdkOWMxOGViNGQ5OWYyN2RjY2NkM2MxMmU4OTNlMDk4MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKyRjCdvoZr3BGBTGwSt2iaOtcQM
ZAGCNP1qfCTLiXzus06Nk/kQyVI5HkqLoEyLBk7ugcIERTwANxKd3unb/wQnFtzR
BN9Pqpd1VNGD73b0ehhJjsWCTseL8qztnjEl+w0D4R6GZVhusBGZ22cJ3WDuM+xK
CkYvszkd68D18hfc5eGycSGEl/s6KWcXmp1XkRNpubpIbbrpLYyms+WGojckxxmt
ay5N93TrSJWychfIVkHYMR6YIM3hiuZt220kLM5ViumP8zTanWNQdedJvoSyUuv4
gDFUj3Rns3fdi0HWZ+v0WN38tx2HoXyuVFaz7Nj2SU75+VayD3gs/BgzLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6l19nBjrTZnyfczNPBLok+CYI7MB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvM3FYWDJjR090Tm1mSjl6TTA4RXVpVDRKZ2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iTMA0G
CSqGSIb3DQEBCwUAA4IBAQCqLtvAtz+i2rpvhl9V5ItzeaQXFJjomia3D761SCmO
SENPavpIZA+++E89igYxeSI9CK570qK8jTWoB+/HJhYKqmIgTU8u+dwiuwVm/cj+
/Dw+PcerQ+wKt0Z4n1IZIw4y2FDzA9G9657gREGv9yIcupZJ3Vi5IrUeiwnlclOL
QpCYMPceWaYU4dHZ1KdT9ld2Vv3FMVPStrePPPR5u3KExNpgoybZnd+1Xdl1GKfj
JhcfVU2i67NEDb97ylmkuxtLfxckB8P5kyFXylvqGDc44STJxeaZywmsR0hg+anZ
l0jaAU76RlVj2NXHyc9IeH8fxdbwl5s/eB3Bn9jX97qf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org