Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/1-gahZCkvewLTtTLegKg00vb9pw8.roa
File:                     1-gahZCkvewLTtTLegKg00vb9pw8.roa (raw, json)
Hash identifier:          qK/kIGQ7nJdh2yGDKBuyjLvNmQrDV+pe+KHkx+KiDgg=
Subject key identifier:   FA:06:A1:64:29:2F:7B:02:D3:B5:32:DE:80:A8:34:D2:F6:FD:A7:0F
Certificate issuer:       /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial:       018570950E9B25CF1917B2B21BDB26F9B7E3
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/1-gahZCkvewLTtTLegKg00vb9pw8.roa
Signing time:             Mon 02 Jan 2023 03:44:54 +0000
ROA not before:           Mon 02 Jan 2023 03:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207883
IP address blocks:        87.251.70.0/23 maxlen: 24
                          80.66.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Jan 2023 04:30:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:95:0e:9b:25:cf:19:17:b2:b2:1b:db:26:f9:b7:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
        Validity
            Not Before: Jan  2 03:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa06a164292f7b02d3b532de80a834d2f6fda70f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8f:7c:56:87:6a:c1:09:29:52:c1:38:72:94:
                    ce:93:6f:97:43:91:b8:62:3e:6e:bb:5e:ce:ba:fd:
                    fc:09:c5:ad:9f:bf:8b:65:1a:f2:e7:26:a0:73:8d:
                    0f:ad:68:ee:5c:50:e9:ac:b9:71:dc:00:35:e2:96:
                    d3:a9:ea:1a:f8:81:da:59:53:18:aa:a5:b2:36:c6:
                    19:b4:b7:9e:0e:9a:a6:ea:67:fa:10:58:e3:1f:c4:
                    07:b9:c0:ca:fc:53:09:8d:62:7d:ae:33:74:d0:7c:
                    29:96:c1:2e:0b:60:e2:41:38:1a:87:13:bf:62:db:
                    0c:7d:79:34:fd:86:13:5e:8b:d5:0a:0a:f5:c7:05:
                    35:7c:b2:94:ad:3d:48:81:f4:1e:59:6d:24:ed:33:
                    e8:ef:0d:cf:1f:9c:06:12:18:3e:a1:d1:18:76:40:
                    c3:09:19:8d:b2:c5:ae:ea:ea:2c:70:0a:4e:27:f8:
                    eb:ba:51:99:66:38:44:c8:33:4d:15:77:1c:ba:bb:
                    22:5d:99:d8:ab:81:3a:f8:01:5f:13:ee:58:2b:05:
                    60:4d:d3:27:17:46:94:fe:7a:4d:17:7f:60:c4:81:
                    9f:db:cf:5a:9c:43:33:8a:d1:77:d6:89:15:6e:3f:
                    6a:70:c8:2a:55:5c:b3:c5:53:0b:35:60:70:e6:69:
                    ca:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:06:A1:64:29:2F:7B:02:D3:B5:32:DE:80:A8:34:D2:F6:FD:A7:0F
            X509v3 Authority Key Identifier:
                keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/1-gahZCkvewLTtTLegKg00vb9pw8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.66.68.0/24
                  87.251.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         54:4f:14:ab:77:04:25:ad:31:a8:c9:7d:24:df:69:8a:c5:ba:
         18:1e:2f:05:fa:45:52:74:ef:95:a9:b5:1d:9b:aa:bb:5f:81:
         cd:eb:1e:10:65:28:1b:ab:d7:3e:34:c1:3f:0e:f3:48:a0:0f:
         fb:9f:47:1f:2b:e9:51:6a:e0:b1:92:2f:ec:af:0d:96:44:f5:
         c1:01:c0:0a:f5:b4:b1:41:76:53:89:97:e2:9d:c4:c1:7f:25:
         ae:74:59:50:73:88:f8:ab:a6:d8:0a:08:79:4a:23:90:10:8c:
         85:17:a4:62:7f:d5:b3:9f:8f:df:9f:40:01:ee:d3:93:3d:4c:
         c0:cd:37:bf:5f:44:25:d4:9b:ca:bf:91:90:7c:47:36:ca:3a:
         dd:7e:8d:b8:e4:fb:23:8e:fd:c2:3b:d9:2b:ec:10:ba:ad:2e:
         e4:45:ee:cf:70:81:f9:3b:2e:e2:db:5e:36:32:01:b3:38:ac:
         26:7a:f0:fb:66:ea:3e:5b:dc:f1:ab:50:7b:b4:f9:b9:05:84:
         64:bc:9f:fb:d8:4f:fd:fe:67:32:b8:0a:e1:19:05:96:fa:51:
         34:22:86:ac:c3:d1:14:01:cb:59:b2:e8:f1:7d:5d:52:73:c2:
         d3:e5:db:4f:98:0a:07:39:b0:98:c6:08:a1:5a:38:92:52:08:
         26:48:56:14
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVwlQ6bJc8ZF7KyG9sm+bfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMwMTAyMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTA2YTE2NDI5MmY3YjAyZDNiNTMyZGU4MGE4MzRkMmY2ZmRhNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo98VodqwQkpUsE4cpTOk2+XQ5G4
Yj5uu17Ouv38CcWtn7+LZRry5yagc40PrWjuXFDprLlx3AA14pbTqeoa+IHaWVMY
qqWyNsYZtLeeDpqm6mf6EFjjH8QHucDK/FMJjWJ9rjN00HwplsEuC2DiQTgahxO/
YtsMfXk0/YYTXovVCgr1xwU1fLKUrT1IgfQeWW0k7TPo7w3PH5wGEhg+odEYdkDD
CRmNssWu6uoscApOJ/jrulGZZjhEyDNNFXccursiXZnYq4E6+AFfE+5YKwVgTdMn
F0aU/npNF39gxIGf289anEMzitF31okVbj9qcMgqVVyzxVMLNWBw5mnKtwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPoGoWQpL3sC07Uy3oCoNNL2/acPMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvMS1nYWhaQ2t2ZXdMVHRUTGVnS2cwMHZiOXB3OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvNjNkYmU1LTVhYTMtNGYxOS04ZGE0LWE4ZDM2MWNlNjRh
YS8xL0J6dE1Fa2pFdlBJckJYZmZ5cHNVMlFZOEtNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFBCRAME
AVf7RjANBgkqhkiG9w0BAQsFAAOCAQEAVE8Uq3cEJa0xqMl9JN9pisW6GB4vBfpF
UnTvlam1HZuqu1+BzeseEGUoG6vXPjTBPw7zSKAP+59HHyvpUWrgsZIv7K8NlkT1
wQHACvW0sUF2U4mX4p3EwX8lrnRZUHOI+Kum2AoIeUojkBCMhRekYn/Vs5+P359A
Ae7Tkz1MwM03v19EJdSbyr+RkHxHNso63X6NuOT7I479wjvZK+wQuq0u5EXuz3CB
+Tsu4tteNjIBszisJnrw+2bqPlvc8atQe7T5uQWEZLyf+9hP/f5nMrgK4RkFlvpR
NCKGrMPRFAHLWbLo8X1dUnPC0+XbT5gKBzmwmMYIoVo4klIIJkhWFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:36 2024 by rpki-client on console-ams.rpki-client.org