Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/edfCLJyy6bTxX2sbpEca7XhfDOU.roa
File:                     edfCLJyy6bTxX2sbpEca7XhfDOU.roa (raw, json)
Hash identifier:          ZC2X4NUq4mwgd7x/dzlcHvfNtsjyUjB1dr4viZSu3/o=
Subject key identifier:   79:D7:C2:2C:9C:B2:E9:B4:F1:5F:6B:1B:A4:47:1A:ED:78:5F:0C:E5
Certificate issuer:       /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial:       01856C53CD35CDA90080ACEBA2592B2820BF
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/edfCLJyy6bTxX2sbpEca7XhfDOU.roa
Signing time:             Sun 01 Jan 2023 07:55:09 +0000
ROA not before:           Sun 01 Jan 2023 07:55:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198976
IP address blocks:        213.135.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:cd:35:cd:a9:00:80:ac:eb:a2:59:2b:28:20:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
        Validity
            Not Before: Jan  1 07:55:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=79d7c22c9cb2e9b4f15f6b1ba4471aed785f0ce5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ce:c3:02:50:ff:fa:04:16:68:49:59:aa:3e:
                    be:9e:b2:95:1a:68:59:5e:ea:92:4a:71:13:88:45:
                    d6:f3:3d:6a:40:0b:c3:f1:9f:cc:a9:19:29:77:6b:
                    67:d0:57:ff:64:75:10:d9:da:36:b4:b3:96:4a:1b:
                    f3:00:7e:1f:4c:00:86:02:e0:83:da:de:fe:8c:6a:
                    f3:6b:b2:bc:8d:1e:5d:f5:59:21:8b:d2:bb:4c:6e:
                    f3:0d:16:5d:0c:d3:5c:73:ac:bf:86:54:f0:8c:86:
                    8b:fe:48:ae:5a:a4:4b:82:a0:4a:47:9e:9a:aa:66:
                    36:d3:3c:a0:52:dc:f4:b0:44:9c:c5:c3:de:14:fd:
                    69:30:38:b1:74:4b:95:41:0a:c4:08:d4:43:ba:76:
                    5b:7e:b2:f7:b3:92:d4:a9:c5:2f:17:05:47:94:ae:
                    77:87:a9:9d:0a:8f:cb:42:d9:9f:ce:cc:1a:56:7c:
                    03:c7:1a:e0:81:57:cd:19:0c:2c:5c:46:e3:73:ed:
                    a3:03:24:1e:74:c9:3f:85:a0:f6:19:0e:33:36:35:
                    9e:3f:38:a1:80:d2:16:fa:b0:63:64:66:d4:27:8e:
                    a4:e4:d3:5c:68:55:18:59:e4:4e:0e:03:94:80:31:
                    08:94:41:47:c5:9d:72:1c:d1:55:ee:07:6e:24:7e:
                    6c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:D7:C2:2C:9C:B2:E9:B4:F1:5F:6B:1B:A4:47:1A:ED:78:5F:0C:E5
            X509v3 Authority Key Identifier:
                keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/edfCLJyy6bTxX2sbpEca7XhfDOU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.135.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:fc:28:02:29:ae:27:f2:a9:ab:df:e9:19:09:a5:42:c1:53:
         51:5b:66:2c:36:f0:db:05:81:47:ea:9f:a5:f9:03:5a:3e:fa:
         96:a9:aa:b4:c4:28:08:cc:ab:10:d9:bf:81:d7:e6:17:d0:86:
         44:6f:d3:3c:af:46:95:91:41:41:29:15:db:58:57:88:f5:3d:
         8d:dd:81:d9:b0:b8:f9:72:f9:97:b4:62:26:fe:2a:8b:4b:a9:
         32:a1:ff:e1:bd:df:80:ac:a0:24:b2:31:6a:e2:aa:5c:97:d2:
         70:d7:09:38:35:f1:96:00:64:46:70:40:64:36:e9:a6:5d:93:
         99:b7:0f:35:f8:d0:ef:d9:39:05:ba:92:a2:cf:ca:fc:19:83:
         8b:dd:21:7b:e9:df:a0:06:59:30:e7:fb:bd:e0:41:05:7a:eb:
         66:a4:56:3c:a4:c1:6a:e7:9f:44:cc:51:7d:69:ad:5b:ce:4d:
         a6:c7:b0:a2:ce:3c:b3:9f:a5:da:4a:dc:1e:fd:ee:ed:d6:44:
         0c:d8:f2:c0:c6:97:57:bd:59:9e:42:3d:0e:c9:19:93:25:70:
         a9:6a:1f:ac:92:f7:99:76:26:6b:ce:b4:1d:52:f7:16:db:40:
         ba:97:ad:b8:57:c3:07:f1:50:1a:fa:fb:5c:5a:37:aa:36:0d:
         ff:2b:bb:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU801zakAgKzrolkrKCC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwMTAxMDc1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWQ3YzIyYzljYjJlOWI0ZjE1ZjZiMWJhNDQ3MWFlZDc4NWYwY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs7DAlD/+gQWaElZqj6+nrKVGmhZ
XuqSSnETiEXW8z1qQAvD8Z/MqRkpd2tn0Ff/ZHUQ2do2tLOWShvzAH4fTACGAuCD
2t7+jGrza7K8jR5d9Vkhi9K7TG7zDRZdDNNcc6y/hlTwjIaL/kiuWqRLgqBKR56a
qmY20zygUtz0sEScxcPeFP1pMDixdEuVQQrECNRDunZbfrL3s5LUqcUvFwVHlK53
h6mdCo/LQtmfzswaVnwDxxrggVfNGQwsXEbjc+2jAyQedMk/haD2GQ4zNjWePzih
gNIW+rBjZGbUJ46k5NNcaFUYWeRODgOUgDEIlEFHxZ1yHNFV7gduJH5ssQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHnXwiycsum08V9rG6RHGu14XwzlMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvZWRmQ0xKeXk2YlR4WDJzYnBFY2E3WGhmRE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YdHMA0G
CSqGSIb3DQEBCwUAA4IBAQCy/CgCKa4n8qmr3+kZCaVCwVNRW2YsNvDbBYFH6p+l
+QNaPvqWqaq0xCgIzKsQ2b+B1+YX0IZEb9M8r0aVkUFBKRXbWFeI9T2N3YHZsLj5
cvmXtGIm/iqLS6kyof/hvd+ArKAksjFq4qpcl9Jw1wk4NfGWAGRGcEBkNummXZOZ
tw81+NDv2TkFupKiz8r8GYOL3SF76d+gBlkw5/u94EEFeutmpFY8pMFq559EzFF9
aa1bzk2mx7Cizjyzn6XaStwe/e7t1kQM2PLAxpdXvVmeQj0OyRmTJXCpah+skveZ
diZrzrQdUvcW20C6l624V8MH8VAa+vtcWjeqNg3/K7sl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:36 2024 by rpki-client on console-fra.rpki-client.org