Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/LVgQxBjrR-ZsiQ4o9gJHy3Qx7ks.roa
File:                     LVgQxBjrR-ZsiQ4o9gJHy3Qx7ks.roa (raw, json)
Hash identifier:          PqPkO1+HDSvGIBL+u7YbhR/uVtXg0ulJ48SBWUN75ro=
Subject key identifier:   2D:58:10:C4:18:EB:47:E6:6C:89:0E:28:F6:02:47:CB:74:31:EE:4B
Certificate issuer:       /CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
Certificate serial:       018BD55A26DBEFAC2971A945364832576B72
Authority key identifier: 3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/LVgQxBjrR-ZsiQ4o9gJHy3Qx7ks.roa
Signing time:             Wed 15 Nov 2023 23:38:57 +0000
ROA not before:           Wed 15 Nov 2023 23:38:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29119
IP address blocks:        194.49.57.0/24 maxlen: 24
                          194.49.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d5:5a:26:db:ef:ac:29:71:a9:45:36:48:32:57:6b:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
        Validity
            Not Before: Nov 15 23:38:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d5810c418eb47e66c890e28f60247cb7431ee4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:56:cf:44:3b:89:68:5e:a0:c6:a5:17:d7:94:
                    3b:c4:85:f1:3b:ea:7d:32:56:c6:92:6f:75:44:bb:
                    6f:b7:a4:e3:86:6e:82:2a:ca:d7:11:12:f8:18:cb:
                    d8:53:78:dc:ce:9d:14:db:8d:88:9b:4c:b8:05:87:
                    20:15:f7:37:10:03:f7:7d:80:16:2b:80:49:79:51:
                    c1:af:d5:7d:f1:28:a9:bb:2c:94:6b:38:28:09:00:
                    2a:e4:f0:02:06:47:b7:5b:73:bf:79:9c:ec:87:41:
                    5b:99:2a:33:37:45:8e:cc:80:51:f4:47:91:cb:21:
                    45:36:5a:96:58:33:bf:f9:86:96:51:d1:d6:81:80:
                    2b:13:6d:8f:d7:66:dc:b1:41:21:8e:9e:37:9f:98:
                    5b:bd:d6:19:91:40:a2:4f:1e:9f:68:0f:d7:0f:3d:
                    4f:c4:68:04:b3:86:46:3a:ca:2e:b1:1e:80:b8:cc:
                    73:31:48:fd:c8:07:4d:a9:c7:92:f6:de:77:1e:c5:
                    97:60:25:c7:e6:ab:c9:b6:cd:3e:b7:fb:32:6b:5f:
                    4a:3c:03:f3:07:4e:b6:b9:08:c6:ab:c5:21:9c:ec:
                    8c:d7:84:09:42:12:35:bc:fa:3f:0f:82:a8:a6:33:
                    b7:df:d5:69:17:9e:ae:c2:c6:54:d2:0e:e7:60:67:
                    55:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:58:10:C4:18:EB:47:E6:6C:89:0E:28:F6:02:47:CB:74:31:EE:4B
            X509v3 Authority Key Identifier:
                keyid:3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/LVgQxBjrR-ZsiQ4o9gJHy3Qx7ks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/PfopNoyL5pyO3Vqhk1V_y6Klfsg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.49.57.0/24
                  194.49.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:de:bc:25:10:e4:43:ef:e3:1b:9b:f3:46:4b:27:aa:18:f8:
         8c:17:bd:c6:9f:3b:16:29:4e:43:b0:ca:39:3f:a8:24:58:6b:
         5a:7a:d8:b8:28:23:4d:95:25:7a:c8:d2:17:32:ce:db:de:e4:
         26:2c:5d:8e:1d:d4:16:75:47:7c:b2:b2:62:48:2b:5e:75:fe:
         b6:36:00:f7:7b:f2:83:e1:cd:a1:88:a1:ff:c0:ec:dd:c9:e3:
         05:d8:53:04:e1:0c:71:cc:8a:9e:ea:01:bf:14:74:e1:86:04:
         d0:42:2a:66:e1:83:68:81:ee:a1:60:e2:97:8b:55:e3:13:a3:
         31:b2:f3:17:9d:bc:32:7e:e6:62:7e:1f:7c:5d:05:03:9f:a4:
         24:9b:19:69:45:5b:2a:2a:4e:a3:d2:78:5f:60:06:6b:b7:ed:
         ad:a7:04:4d:00:d4:44:db:2d:11:df:6c:ac:88:95:d7:68:e1:
         c9:e1:42:05:a4:23:a2:00:50:ba:ff:a0:7a:49:5a:cd:3e:1d:
         87:95:b1:d8:fd:3b:11:f3:f8:78:a8:a3:64:0c:56:10:8f:97:
         9a:6c:ab:4a:22:f6:23:d1:2b:47:d2:f2:28:57:b5:d8:47:9a:
         94:84:3c:8b:37:49:42:c3:06:54:3f:55:c9:ce:4e:5d:c8:c8:
         9b:f0:bd:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvVWibb76wpcalFNkgyV2tyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZmEyOTM2OGM4YmU2OWM4ZWRkNWFhMTkzNTU3ZmNiYTJh
NTdlYzgwHhcNMjMxMTE1MjMzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDU4MTBjNDE4ZWI0N2U2NmM4OTBlMjhmNjAyNDdjYjc0MzFlZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVbPRDuJaF6gxqUX15Q7xIXxO+p9
MlbGkm91RLtvt6Tjhm6CKsrXERL4GMvYU3jczp0U242Im0y4BYcgFfc3EAP3fYAW
K4BJeVHBr9V98SipuyyUazgoCQAq5PACBke3W3O/eZzsh0FbmSozN0WOzIBR9EeR
yyFFNlqWWDO/+YaWUdHWgYArE22P12bcsUEhjp43n5hbvdYZkUCiTx6faA/XDz1P
xGgEs4ZGOsousR6AuMxzMUj9yAdNqceS9t53HsWXYCXH5qvJts0+t/sya19KPAPz
B062uQjGq8UhnOyM14QJQhI1vPo/D4KopjO339VpF56uwsZU0g7nYGdVfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC1YEMQY60fmbIkOKPYCR8t0Me5LMB8GA1UdIwQY
MBaAFD36KTaMi+acjt1aoZNVf8uipX7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODkt
YmQ1OGQwMDIxYTA5LzEvTFZnUXhCanJSLVpzaVE0bzlnSkh5M1F4N2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODktYmQ1OGQwMDIxYTA5
LzEvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjE5AwQA
wjE7MA0GCSqGSIb3DQEBCwUAA4IBAQCJ3rwlEORD7+Mbm/NGSyeqGPiMF73GnzsW
KU5DsMo5P6gkWGtaeti4KCNNlSV6yNIXMs7b3uQmLF2OHdQWdUd8srJiSCtedf62
NgD3e/KD4c2hiKH/wOzdyeMF2FME4QxxzIqe6gG/FHThhgTQQipm4YNoge6hYOKX
i1XjE6MxsvMXnbwyfuZifh98XQUDn6QkmxlpRVsqKk6j0nhfYAZrt+2tpwRNANRE
2y0R32ysiJXXaOHJ4UIFpCOiAFC6/6B6SVrNPh2HlbHY/TsR8/h4qKNkDFYQj5ea
bKtKIvYj0StH0vIoV7XYR5qUhDyLN0lCwwZUP1XJzk5dyMib8L2M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:11 2024 by rpki-client on console-fra.rpki-client.org