Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/baCUsN62ULoJWAjDKgpdJywnGSk.roa
File:                     baCUsN62ULoJWAjDKgpdJywnGSk.roa (raw, json)
Hash identifier:          eI/opMn+XSkPe3EsjNv3DDkDUUObNOgV+tZ2KObN25c=
Subject key identifier:   6D:A0:94:B0:DE:B6:50:BA:09:58:08:C3:2A:0A:5D:27:2C:27:19:29
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018CC5013FDFCB26208DF143159A4C2091AD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/baCUsN62ULoJWAjDKgpdJywnGSk.roa
Signing time:             Mon 01 Jan 2024 12:30:42 +0000
ROA not before:           Mon 01 Jan 2024 12:30:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     45887
IP address blocks:        84.32.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 08:58:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:3f:df:cb:26:20:8d:f1:43:15:9a:4c:20:91:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  1 12:30:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6da094b0deb650ba095808c32a0a5d272c271929
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e2:9c:67:07:f8:0e:d2:ba:64:8c:18:3b:db:
                    43:92:85:7e:62:df:e6:35:e1:2e:0c:93:8e:0b:05:
                    b3:46:1a:67:74:21:00:5d:ad:3b:1c:13:f5:9c:06:
                    a4:81:47:6b:e6:72:9f:86:d9:62:67:9b:bc:dc:03:
                    78:31:83:3b:64:80:bc:e3:d2:bd:e6:ad:b2:17:81:
                    9d:49:89:a5:95:5b:12:91:b2:3f:63:d1:ee:73:76:
                    ac:73:e3:d5:cd:5b:c3:16:5a:d3:6d:48:89:ae:20:
                    c9:12:e1:e1:26:f1:8b:96:78:f0:f5:30:f0:5e:bb:
                    ff:24:18:22:74:56:d7:03:bb:76:2a:9c:57:d8:9c:
                    72:7c:4f:a0:28:5a:e4:7a:30:34:50:08:6c:8c:f4:
                    94:b4:bb:f0:67:b0:dc:7c:09:4c:93:cf:1a:a0:98:
                    2f:88:e8:2e:6b:c1:f0:04:a4:4c:b8:bc:1d:0b:57:
                    ad:e2:78:0c:3d:bb:a3:93:65:fe:ab:7d:22:13:68:
                    cb:97:8a:44:7b:c1:c0:a9:d5:26:4e:3f:3d:3c:ae:
                    d3:23:b8:37:7d:89:d8:31:b8:68:2a:25:7a:4d:d7:
                    cd:4a:0d:8a:75:4a:64:89:8d:34:e4:3c:17:7d:e2:
                    54:15:f6:44:17:80:c0:4c:f7:de:08:42:c2:fa:f9:
                    bf:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:A0:94:B0:DE:B6:50:BA:09:58:08:C3:2A:0A:5D:27:2C:27:19:29
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/baCUsN62ULoJWAjDKgpdJywnGSk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:c5:15:ac:90:32:36:69:6a:7e:2e:38:70:41:d5:ac:74:1b:
         12:08:a8:1f:d4:ce:9c:15:c7:be:98:bc:bc:f2:30:42:97:c9:
         22:7a:ab:6f:e3:a9:e1:74:92:30:31:a0:3c:74:f8:0d:17:35:
         57:54:03:0c:ab:fc:ab:0f:7f:3b:d5:cf:1c:93:36:d6:cd:73:
         ad:c0:81:08:f1:05:01:62:1b:3e:5d:e3:60:e8:26:fa:00:0d:
         52:2e:6e:dc:13:1d:a3:b0:fe:fb:23:94:87:96:e1:dd:3f:3f:
         ab:c6:12:59:8d:a2:df:34:f8:24:cc:f9:15:af:b6:c7:e1:7c:
         c8:7f:86:4d:db:18:57:42:25:11:46:ff:e4:1c:04:b0:ef:09:
         52:d2:79:7a:1e:dc:51:55:c1:6d:48:ba:fb:de:c5:53:2e:f5:
         a8:e9:b6:4f:1e:3c:0f:b6:c7:64:b4:9b:08:03:35:7b:a9:d0:
         43:be:38:43:8e:61:f2:69:e1:2e:6a:23:76:0a:c4:c8:e8:5c:
         fb:ee:e5:74:bd:87:3d:d7:ea:79:b2:33:9a:4a:b4:12:4d:82:
         7b:d6:ca:fa:71:7a:4d:19:46:48:db:c7:30:9b:44:49:1e:c0:
         c6:01:7f:dd:01:30:0d:32:af:c5:49:10:fc:ae:1e:af:9f:4b:
         fb:56:84:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAT/fyyYgjfFDFZpMIJGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGEwOTRiMGRlYjY1MGJhMDk1ODA4YzMyYTBhNWQyNzJjMjcxOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOKcZwf4DtK6ZIwYO9tDkoV+Yt/m
NeEuDJOOCwWzRhpndCEAXa07HBP1nAakgUdr5nKfhtliZ5u83AN4MYM7ZIC849K9
5q2yF4GdSYmllVsSkbI/Y9Huc3asc+PVzVvDFlrTbUiJriDJEuHhJvGLlnjw9TDw
Xrv/JBgidFbXA7t2KpxX2JxyfE+gKFrkejA0UAhsjPSUtLvwZ7DcfAlMk88aoJgv
iOgua8HwBKRMuLwdC1et4ngMPbujk2X+q30iE2jLl4pEe8HAqdUmTj89PK7TI7g3
fYnYMbhoKiV6TdfNSg2KdUpkiY005DwXfeJUFfZEF4DATPfeCELC+vm/lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2glLDetlC6CVgIwyoKXScsJxkpMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYmFDVXNONjJVTG9KV0FqREtncGRKeXduR1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCA7MA0G
CSqGSIb3DQEBCwUAA4IBAQBgxRWskDI2aWp+LjhwQdWsdBsSCKgf1M6cFce+mLy8
8jBCl8kieqtv46nhdJIwMaA8dPgNFzVXVAMMq/yrD3871c8ckzbWzXOtwIEI8QUB
Yhs+XeNg6Cb6AA1SLm7cEx2jsP77I5SHluHdPz+rxhJZjaLfNPgkzPkVr7bH4XzI
f4ZN2xhXQiURRv/kHASw7wlS0nl6HtxRVcFtSLr73sVTLvWo6bZPHjwPtsdktJsI
AzV7qdBDvjhDjmHyaeEuaiN2CsTI6Fz77uV0vYc91+p5sjOaSrQSTYJ71sr6cXpN
GUZI28cwm0RJHsDGAX/dATANMq/FSRD8rh6vn0v7VoRx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org