Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/KF4kAphutmGIb7sp0dJN_qQ0qyw.roa
File:                     KF4kAphutmGIb7sp0dJN_qQ0qyw.roa (raw, json)
Hash identifier:          5V5UtCjHysJ3jtynH33QlsJLDLWQn2GLJ28+tzhRkBM=
Subject key identifier:   28:5E:24:02:98:6E:B6:61:88:6F:BB:29:D1:D2:4D:FE:A4:34:AB:2C
Certificate issuer:       /CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Certificate serial:       01882A090540979D06C8E4FAAFDD5CE752DC
Authority key identifier: 0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/KF4kAphutmGIb7sp0dJN_qQ0qyw.roa
Signing time:             Wed 17 May 2023 14:06:54 +0000
ROA not before:           Wed 17 May 2023 14:06:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        87.238.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Nov 2023 18:49:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2a:09:05:40:97:9d:06:c8:e4:fa:af:dd:5c:e7:52:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
        Validity
            Not Before: May 17 14:06:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=285e2402986eb661886fbb29d1d24dfea434ab2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:8b:fd:d7:9f:89:09:6e:1e:4b:3c:bb:b8:c2:
                    bb:93:52:6d:ca:ec:4a:cf:1a:a5:25:ec:65:22:74:
                    bc:0e:fb:67:db:3e:b1:cc:9c:a2:ef:32:a9:5d:4e:
                    5d:be:7c:a2:71:bd:61:a7:78:cd:b7:08:56:3b:87:
                    70:bd:89:a9:2f:f2:6e:5a:d5:51:a3:94:70:69:71:
                    92:06:04:1d:34:d7:1a:63:aa:6b:7a:0d:24:8b:74:
                    86:da:64:9d:0b:4b:f6:c5:a0:ba:7b:e7:d8:76:8d:
                    49:45:6a:bc:85:d6:85:91:ec:c1:a3:0c:26:90:0a:
                    b7:e5:43:94:70:34:57:f7:1f:30:6f:bf:55:18:ac:
                    95:ee:bd:b8:30:db:96:57:ec:bd:40:82:8a:4e:28:
                    b2:c8:dc:92:38:a8:6c:b2:d0:7a:8c:28:83:67:bd:
                    97:b8:6f:e6:15:05:0a:1c:d2:47:0b:64:22:e8:be:
                    88:b3:4f:5f:2e:60:8d:bf:d8:8e:fb:3d:ff:0d:f3:
                    ff:ed:1c:07:9a:ac:97:14:16:e7:2b:74:6d:5f:55:
                    40:b8:0f:82:ad:64:27:b6:b0:9f:09:06:6a:bc:e7:
                    f7:fe:cf:ab:a1:eb:3f:71:00:f9:18:da:c7:67:6c:
                    c7:2c:0f:ce:c5:a9:1c:a0:cc:26:0a:c6:c9:34:c1:
                    12:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:5E:24:02:98:6E:B6:61:88:6F:BB:29:D1:D2:4D:FE:A4:34:AB:2C
            X509v3 Authority Key Identifier:
                keyid:0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/KF4kAphutmGIb7sp0dJN_qQ0qyw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/C28enwlQ5POcnF_uP4aKJOs2HvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.238.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:a5:78:f7:d8:d5:9e:d1:8a:f8:63:cb:b9:36:ed:18:36:42:
         04:bf:52:7b:93:59:e4:be:2a:53:51:4c:10:76:55:4f:55:bc:
         bc:9c:10:87:16:08:2e:1d:58:b5:e2:0d:66:12:f3:c9:af:15:
         f7:07:f7:91:36:a6:56:5a:0c:81:37:b9:0c:28:50:5f:ce:0a:
         64:9f:56:b1:ef:e6:5a:f4:60:64:47:61:d1:5f:85:24:72:62:
         11:40:f2:32:e6:ed:d0:f3:33:b9:d8:cc:34:64:57:a6:75:ad:
         0f:6f:0b:89:bb:fa:f1:56:33:bd:55:b2:79:e2:45:c7:fa:93:
         ec:41:9c:39:75:01:04:c9:4e:dd:47:9e:b9:8c:40:fd:0a:80:
         8b:db:d5:86:ae:54:12:73:c2:0d:0e:86:2f:ba:40:a9:50:09:
         f5:3e:9d:bc:93:56:7e:5a:de:a1:31:8e:71:87:fe:81:d3:32:
         2c:fe:66:0b:4a:09:e4:c6:42:f7:30:45:67:de:fd:2b:e8:50:
         13:ce:46:7e:1a:54:d5:b2:15:38:e7:6a:3a:af:64:eb:52:a8:
         87:ab:ba:5a:44:f6:f2:d8:5e:09:ee:f7:74:13:a7:e3:f1:a2:
         b0:79:dd:37:7b:d6:42:8b:6f:c3:31:da:ac:2e:ea:d6:f6:e6:
         63:f8:73:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgqCQVAl50GyOT6r91c51LcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNmYxZTlmMDk1MGU0ZjM5YzljNWZlZTNmODY4YTI0ZWIz
NjFlZjEwHhcNMjMwNTE3MTQwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODVlMjQwMjk4NmViNjYxODg2ZmJiMjlkMWQyNGRmZWE0MzRhYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIv915+JCW4eSzy7uMK7k1JtyuxK
zxqlJexlInS8Dvtn2z6xzJyi7zKpXU5dvnyicb1hp3jNtwhWO4dwvYmpL/JuWtVR
o5RwaXGSBgQdNNcaY6preg0ki3SG2mSdC0v2xaC6e+fYdo1JRWq8hdaFkezBowwm
kAq35UOUcDRX9x8wb79VGKyV7r24MNuWV+y9QIKKTiiyyNySOKhsstB6jCiDZ72X
uG/mFQUKHNJHC2Qi6L6Is09fLmCNv9iO+z3/DfP/7RwHmqyXFBbnK3RtX1VAuA+C
rWQntrCfCQZqvOf3/s+roes/cQD5GNrHZ2zHLA/OxakcoMwmCsbJNMESjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCheJAKYbrZhiG+7KdHSTf6kNKssMB8GA1UdIwQY
MBaAFAtvHp8JUOTznJxf7j+GiiTrNh7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAt
MDgxYmNiYWM0ZGFmLzEvS0Y0a0FwaHV0bUdJYjdzcDBkSk5fcVEwcXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAtMDgxYmNiYWM0ZGFm
LzEvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+7xMA0G
CSqGSIb3DQEBCwUAA4IBAQBDpXj32NWe0Yr4Y8u5Nu0YNkIEv1J7k1nkvipTUUwQ
dlVPVby8nBCHFgguHVi14g1mEvPJrxX3B/eRNqZWWgyBN7kMKFBfzgpkn1ax7+Za
9GBkR2HRX4UkcmIRQPIy5u3Q8zO52Mw0ZFemda0PbwuJu/rxVjO9VbJ54kXH+pPs
QZw5dQEEyU7dR565jED9CoCL29WGrlQSc8INDoYvukCpUAn1Pp28k1Z+Wt6hMY5x
h/6B0zIs/mYLSgnkxkL3MEVn3v0r6FATzkZ+GlTVshU452o6r2TrUqiHq7paRPby
2F4J7vd0E6fj8aKwed03e9ZCi2/DMdqsLurW9uZj+HOY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:37 2024 by rpki-client on console-fra.rpki-client.org