Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/od-iE99edf9-AK6QRNvEVzFs5aY.roa
File:                     od-iE99edf9-AK6QRNvEVzFs5aY.roa (raw, json)
Hash identifier:          AVvUXl3w+EfXhN2AgTN+zwhfW36OoozfdkvM4UuWNns=
Subject key identifier:   A1:DF:A2:13:DF:5E:75:FF:7E:00:AE:90:44:DB:C4:57:31:6C:E5:A6
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018AA6AD4E52BF93C7BFD67284EA055A4DCD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/od-iE99edf9-AK6QRNvEVzFs5aY.roa
Signing time:             Mon 18 Sep 2023 05:04:50 +0000
ROA not before:           Mon 18 Sep 2023 05:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        84.32.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Sep 2023 10:53:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a6:ad:4e:52:bf:93:c7:bf:d6:72:84:ea:05:5a:4d:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Sep 18 05:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1dfa213df5e75ff7e00ae9044dbc457316ce5a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:fb:27:ef:df:f2:86:7f:e4:0c:53:79:fa:ee:
                    13:28:13:04:0d:49:20:9c:71:fe:37:19:bf:10:2a:
                    77:ac:58:c7:25:5c:31:12:f7:ea:14:0b:57:40:e0:
                    99:1c:d1:ec:e3:3e:fc:a4:7a:ef:d2:51:74:fb:f2:
                    d2:44:9c:b0:91:6d:ce:b6:55:b4:9b:51:a3:51:c3:
                    ca:6a:ff:18:99:a1:64:c7:2d:bd:97:f9:59:aa:7d:
                    d8:61:e4:92:8c:98:d5:dd:e9:5f:9a:54:08:aa:25:
                    c3:70:3c:9f:e8:06:6e:f5:4c:f4:48:23:1f:35:8b:
                    f6:9e:ed:27:ca:e2:14:2c:26:13:a1:e3:3c:fc:ae:
                    39:4c:8b:7c:4c:53:83:04:8e:21:a9:50:68:71:1b:
                    9e:57:10:22:a9:47:7e:5b:90:ce:30:37:fe:7e:6b:
                    bc:c0:e7:14:37:9c:94:8d:27:07:6b:e9:a8:e8:68:
                    77:e6:79:70:6b:85:b0:87:1d:58:d2:85:ca:32:80:
                    a7:e7:6e:95:82:bd:ac:c5:1f:8c:cc:6f:b5:79:c4:
                    e6:70:70:d4:c8:6e:ab:6d:a9:32:94:d2:7b:8a:be:
                    33:11:41:46:5e:f2:b0:74:04:31:03:21:50:dc:26:
                    c8:bd:9b:37:42:38:8c:14:31:f4:ae:68:1e:81:c3:
                    11:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:DF:A2:13:DF:5E:75:FF:7E:00:AE:90:44:DB:C4:57:31:6C:E5:A6
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/od-iE99edf9-AK6QRNvEVzFs5aY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:84:7f:03:7a:d5:38:d7:c4:0f:b4:0b:e6:96:37:d1:bc:7c:
         b6:52:e9:02:04:88:83:20:35:13:ec:e5:22:1f:76:20:d8:35:
         b7:cb:c1:ab:28:f4:6b:a0:f6:ea:fe:77:64:2b:3a:4c:c5:9a:
         47:52:40:d7:ed:f3:3c:57:e2:04:3a:d8:08:3d:83:d2:30:0a:
         df:e9:06:10:6f:20:50:9d:7a:fb:ea:f7:e4:e5:21:92:09:45:
         43:e6:2e:cc:4f:0d:9d:f9:24:21:12:0b:67:7d:57:16:f1:c7:
         e1:06:b2:92:ec:49:ed:a5:a4:c3:f9:3b:36:38:cf:64:2b:d9:
         7e:3b:a3:ba:dd:73:ec:eb:4e:45:b1:11:6a:2c:da:06:ed:cf:
         f6:9d:79:f9:a7:68:17:36:13:58:e4:df:b7:de:4d:28:b6:d2:
         0f:b0:59:eb:00:21:71:aa:8e:27:f5:a8:94:ac:e4:cc:db:a7:
         f6:c5:2c:0e:fe:ea:5d:b2:ad:4d:ef:86:6c:70:b1:9c:e1:da:
         0c:36:f0:de:93:76:a6:78:69:d4:55:79:05:9e:d5:d0:64:ca:
         09:75:e6:b3:bc:f0:8f:a1:e7:80:a5:ea:fe:48:05:2e:98:18:
         85:f1:81:c0:71:89:49:1e:64:5a:20:bd:80:a1:94:f0:5c:73:
         23:7d:3c:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqmrU5Sv5PHv9ZyhOoFWk3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwOTE4MDUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRmYTIxM2RmNWU3NWZmN2UwMGFlOTA0NGRiYzQ1NzMxNmNlNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfsn79/yhn/kDFN5+u4TKBMEDUkg
nHH+Nxm/ECp3rFjHJVwxEvfqFAtXQOCZHNHs4z78pHrv0lF0+/LSRJywkW3OtlW0
m1GjUcPKav8YmaFkxy29l/lZqn3YYeSSjJjV3elfmlQIqiXDcDyf6AZu9Uz0SCMf
NYv2nu0nyuIULCYToeM8/K45TIt8TFODBI4hqVBocRueVxAiqUd+W5DOMDf+fmu8
wOcUN5yUjScHa+mo6Gh35nlwa4Wwhx1Y0oXKMoCn526Vgr2sxR+MzG+1ecTmcHDU
yG6rbakylNJ7ir4zEUFGXvKwdAQxAyFQ3CbIvZs3QjiMFDH0rmgegcMRcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHfohPfXnX/fgCukETbxFcxbOWmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb2QtaUU5OWVkZjktQUs2UVJOdkVWekZzNWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAZMA0G
CSqGSIb3DQEBCwUAA4IBAQBvhH8DetU418QPtAvmljfRvHy2UukCBIiDIDUT7OUi
H3Yg2DW3y8GrKPRroPbq/ndkKzpMxZpHUkDX7fM8V+IEOtgIPYPSMArf6QYQbyBQ
nXr76vfk5SGSCUVD5i7MTw2d+SQhEgtnfVcW8cfhBrKS7EntpaTD+Ts2OM9kK9l+
O6O63XPs605FsRFqLNoG7c/2nXn5p2gXNhNY5N+33k0ottIPsFnrACFxqo4n9aiU
rOTM26f2xSwO/updsq1N74ZscLGc4doMNvDek3ameGnUVXkFntXQZMoJdeazvPCP
oeeAper+SAUumBiF8YHAcYlJHmRaIL2AoZTwXHMjfTyf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org