Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/e08e41-d609-41d8-86a2-8e6a295f806f/1/q8XUXgycgjX3ILYz817pzhc48tg.roa
File:                     q8XUXgycgjX3ILYz817pzhc48tg.roa (raw, json)
Hash identifier:          pkcIZ5nvplHk8fmemaemQzeAFONPU4QO5b/JHmhOzws=
Subject key identifier:   AB:C5:D4:5E:0C:9C:82:35:F7:20:B6:33:F3:5E:E9:CE:17:38:F2:D8
Certificate issuer:       /CN=f29a699580185d6510015e1d2ca19eff43641edc
Certificate serial:       01889132AAB3C9E272027ED84DDDEED831FE
Authority key identifier: F2:9A:69:95:80:18:5D:65:10:01:5E:1D:2C:A1:9E:FF:43:64:1E:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8ppplYAYXWUQAV4dLKGe_0NkHtw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/e08e41-d609-41d8-86a2-8e6a295f806f/1/q8XUXgycgjX3ILYz817pzhc48tg.roa
Signing time:             Tue 06 Jun 2023 14:53:16 +0000
ROA not before:           Tue 06 Jun 2023 14:53:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209729
IP address blocks:        217.24.32.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:91:32:aa:b3:c9:e2:72:02:7e:d8:4d:dd:ee:d8:31:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29a699580185d6510015e1d2ca19eff43641edc
        Validity
            Not Before: Jun  6 14:53:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=abc5d45e0c9c8235f720b633f35ee9ce1738f2d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d1:67:28:8a:81:69:63:f6:74:08:79:75:f5:
                    e0:da:f9:d8:b9:92:f0:d8:93:3c:b3:d6:c5:ab:7d:
                    d6:15:6c:b6:5c:ef:b3:d1:35:7d:e5:53:0d:8a:6b:
                    8a:90:bc:bb:1c:30:23:40:32:bd:5d:1f:a3:f8:01:
                    13:34:37:89:4d:16:80:eb:d2:96:09:21:ca:bc:7a:
                    95:a5:68:58:35:af:ad:17:88:66:a8:6b:e0:36:9d:
                    64:bd:7b:38:ba:34:36:ee:b1:b1:5f:b7:47:f8:df:
                    a8:6f:20:3c:be:dc:00:89:6d:20:5a:eb:57:88:e5:
                    8c:3c:57:32:9d:82:22:96:32:7b:86:60:c3:36:bf:
                    e4:94:d2:ff:05:88:32:4b:94:88:8e:8b:ca:4c:f6:
                    8b:61:29:71:66:ca:cb:7f:6a:6b:50:75:52:5e:b2:
                    b6:f6:db:cd:5f:11:5c:46:82:ad:03:20:87:82:d9:
                    03:ba:b0:4d:95:14:9c:44:a0:52:66:63:26:7a:39:
                    16:ae:48:0a:f5:aa:3d:41:1a:2b:c3:fa:d2:39:69:
                    69:4b:36:97:c1:c2:86:b3:97:00:86:0b:e2:d7:6f:
                    fc:5a:0c:ae:cd:04:7e:6c:fd:ce:a7:a4:f9:0c:da:
                    82:51:e7:f8:ca:72:cf:85:89:5f:04:a3:d2:8b:35:
                    74:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:C5:D4:5E:0C:9C:82:35:F7:20:B6:33:F3:5E:E9:CE:17:38:F2:D8
            X509v3 Authority Key Identifier:
                keyid:F2:9A:69:95:80:18:5D:65:10:01:5E:1D:2C:A1:9E:FF:43:64:1E:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ppplYAYXWUQAV4dLKGe_0NkHtw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/e08e41-d609-41d8-86a2-8e6a295f806f/1/q8XUXgycgjX3ILYz817pzhc48tg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/e08e41-d609-41d8-86a2-8e6a295f806f/1/8ppplYAYXWUQAV4dLKGe_0NkHtw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.24.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         87:49:08:a7:ca:5a:8b:eb:0b:5a:c6:29:2d:ff:09:fd:f3:e7:
         40:9c:55:11:ee:53:ca:42:8d:0a:a0:79:30:75:de:bb:7a:c8:
         dd:fe:1a:ab:ee:b5:ea:86:fd:91:4a:a2:a6:07:7e:46:7b:e9:
         da:ef:f2:01:3d:c6:60:8f:50:ff:bd:d2:2d:9c:8f:73:57:57:
         68:f5:36:bd:9b:b9:67:82:02:41:29:a8:57:78:22:f9:f6:3c:
         47:0e:c1:4e:90:fb:af:4b:ca:74:0b:f3:fe:ad:d8:04:89:0f:
         28:81:59:d3:7a:b3:ce:d7:41:f1:9a:98:28:a1:48:0b:dc:34:
         6f:9d:dd:92:f0:f2:6d:80:56:1d:6b:0f:9b:b4:79:97:83:40:
         8b:cd:2d:92:5f:7d:05:fe:40:88:b5:c7:b3:9a:45:9c:fc:07:
         45:e1:fa:46:51:0e:7d:5b:1b:57:e3:ce:19:be:28:ed:43:af:
         6b:bc:ad:3d:2d:3c:63:8a:8d:07:19:f2:0d:18:ee:6e:8f:04:
         82:5d:08:fd:2d:47:8e:ba:cd:70:47:d6:02:7e:51:39:34:f7:
         01:b6:a4:52:6d:7b:c0:f7:10:00:4e:ab:1d:6d:f6:8c:01:dc:
         53:f3:f8:9c:01:15:dc:56:34:43:b4:1b:69:5e:a3:eb:06:ad:
         10:ee:92:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiRMqqzyeJyAn7YTd3u2DH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWE2OTk1ODAxODVkNjUxMDAxNWUxZDJjYTE5ZWZmNDM2
NDFlZGMwHhcNMjMwNjA2MTQ1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM1ZDQ1ZTBjOWM4MjM1ZjcyMGI2MzNmMzVlZTljZTE3MzhmMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldFnKIqBaWP2dAh5dfXg2vnYuZLw
2JM8s9bFq33WFWy2XO+z0TV95VMNimuKkLy7HDAjQDK9XR+j+AETNDeJTRaA69KW
CSHKvHqVpWhYNa+tF4hmqGvgNp1kvXs4ujQ27rGxX7dH+N+obyA8vtwAiW0gWutX
iOWMPFcynYIiljJ7hmDDNr/klNL/BYgyS5SIjovKTPaLYSlxZsrLf2prUHVSXrK2
9tvNXxFcRoKtAyCHgtkDurBNlRScRKBSZmMmejkWrkgK9ao9QRorw/rSOWlpSzaX
wcKGs5cAhgvi12/8WgyuzQR+bP3Op6T5DNqCUef4ynLPhYlfBKPSizV0iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvF1F4MnII19yC2M/Ne6c4XOPLYMB8GA1UdIwQY
MBaAFPKaaZWAGF1lEAFeHSyhnv9DZB7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHBwcGxZQVlYV1VRQVY0ZExLR2VfME5rSHR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lMDhlNDEtZDYwOS00MWQ4LTg2YTIt
OGU2YTI5NWY4MDZmLzEvcThYVVhneWNnalgzSUxZejgxN3B6aGM0OHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lMDhlNDEtZDYwOS00MWQ4LTg2YTItOGU2YTI5NWY4MDZm
LzEvOHBwcGxZQVlYV1VRQVY0ZExLR2VfME5rSHR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RggMA0G
CSqGSIb3DQEBCwUAA4IBAQCHSQinylqL6wtaxikt/wn98+dAnFUR7lPKQo0KoHkw
dd67esjd/hqr7rXqhv2RSqKmB35Ge+na7/IBPcZgj1D/vdItnI9zV1do9Ta9m7ln
ggJBKahXeCL59jxHDsFOkPuvS8p0C/P+rdgEiQ8ogVnTerPO10HxmpgooUgL3DRv
nd2S8PJtgFYdaw+btHmXg0CLzS2SX30F/kCItcezmkWc/AdF4fpGUQ59WxtX484Z
vijtQ69rvK09LTxjio0HGfINGO5ujwSCXQj9LUeOus1wR9YCflE5NPcBtqRSbXvA
9xAATqsdbfaMAdxT8/icARXcVjRDtBtpXqPrBq0Q7pIr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:41 2024 by rpki-client on console-ams.rpki-client.org