Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/JlLXNhkP8pIZHjc-bfT2bmqDY3A.roa
File:                     JlLXNhkP8pIZHjc-bfT2bmqDY3A.roa (raw, json)
Hash identifier:          nEYC2jipnOSijE81bVq/c8qO2Ogq46mbepeoymJx6sI=
Subject key identifier:   26:52:D7:36:19:0F:F2:92:19:1E:37:3E:6D:F4:F6:6E:6A:83:63:70
Certificate issuer:       /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial:       01856EC1FB498572FE0987C33F041FDFBD99
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/JlLXNhkP8pIZHjc-bfT2bmqDY3A.roa
Signing time:             Sun 01 Jan 2023 19:14:44 +0000
ROA not before:           Sun 01 Jan 2023 19:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39868
IP address blocks:        85.112.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c1:fb:49:85:72:fe:09:87:c3:3f:04:1f:df:bd:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
        Validity
            Not Before: Jan  1 19:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2652d736190ff292191e373e6df4f66e6a836370
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a3:85:4e:91:a3:3e:dc:9f:dd:f3:93:ae:dd:
                    c7:e7:41:8b:78:f5:49:08:22:7b:fd:26:96:4c:b6:
                    ab:f0:e0:d3:d5:a2:26:60:ec:cf:d4:e8:d8:22:e8:
                    e3:15:08:9e:01:84:5a:93:d6:7c:90:b6:d3:8f:28:
                    5d:ea:f8:5b:87:9d:8f:e7:e0:9c:bd:dc:49:a4:b2:
                    44:f7:c1:2e:dc:ae:db:bc:a5:18:e9:a3:cc:1e:12:
                    d0:b2:43:b3:c5:21:4e:03:de:63:5c:f6:dc:c9:99:
                    d1:22:df:f9:4e:de:62:e7:e6:56:e9:ee:06:07:fd:
                    31:1f:a9:96:ba:a9:63:87:4a:c7:6e:9b:e5:4a:6f:
                    a7:f3:61:1e:64:16:d1:0e:80:c9:85:fe:07:3b:78:
                    62:08:0b:b2:88:ec:00:16:04:97:a1:ae:eb:e5:db:
                    9c:2c:45:a3:f0:ed:5d:f8:53:02:ec:d0:bb:17:7b:
                    31:cd:17:a9:7c:1b:13:9d:bd:44:ce:9c:cc:3d:1d:
                    74:f7:0b:79:06:93:67:05:e1:0d:a1:1f:71:e1:43:
                    2b:74:27:63:b3:c8:0b:63:7f:bd:d1:29:06:6e:b6:
                    37:f8:aa:f0:4d:ec:7b:ae:90:09:a2:be:d0:d2:5a:
                    c5:45:f5:29:ca:c6:df:da:f1:ae:c6:a3:10:74:01:
                    c9:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:52:D7:36:19:0F:F2:92:19:1E:37:3E:6D:F4:F6:6E:6A:83:63:70
            X509v3 Authority Key Identifier:
                keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/JlLXNhkP8pIZHjc-bfT2bmqDY3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.112.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:35:39:7e:a5:9e:94:d3:ab:a0:1e:c7:6f:52:f1:c7:22:0b:
         c5:ca:ac:54:e2:44:e8:68:db:c3:b6:9a:be:5f:74:72:9d:88:
         95:4d:56:0e:da:5b:70:29:f3:a3:39:c8:d0:0b:6e:9a:d7:4f:
         b3:80:fb:79:03:09:d1:71:c3:bb:c0:de:1a:6d:ab:80:a6:08:
         77:77:ad:87:0c:cf:99:7e:7c:83:4c:a7:29:fc:22:3a:1e:fc:
         35:73:ba:d7:71:36:11:b6:0b:35:42:5c:cf:72:89:68:c0:7d:
         75:4b:11:a1:14:28:80:ca:07:51:ac:d6:66:a4:99:96:3d:35:
         b1:80:3b:ac:16:e5:f9:a1:b8:6e:cd:96:38:ca:6f:8e:cc:27:
         d8:b1:81:16:01:2e:5c:a9:11:ef:68:49:91:2f:e0:4a:a3:83:
         64:d5:91:0b:de:a1:21:67:f4:77:9f:83:23:aa:17:69:d0:b3:
         0e:d7:54:e4:23:9c:30:c2:10:f1:ca:cb:2a:af:bf:d3:ca:e5:
         0b:f0:f8:4b:fb:9f:0e:0d:cb:0a:e7:95:4e:0a:b5:6b:dd:47:
         eb:26:0a:41:9c:cc:7d:f8:e0:cd:ba:a1:9c:6c:90:bc:c1:89:
         22:1f:f4:a3:b0:50:b4:fd:11:c7:12:ad:29:68:f4:5e:e3:39:
         fe:4f:16:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwftJhXL+CYfDPwQf372ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlY2Q2NGM5NzgzN2Q3YmZhYzA2NjM3ZGQ5NTJiZGVkZTBj
MjVkODUwHhcNMjMwMTAxMTkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjUyZDczNjE5MGZmMjkyMTkxZTM3M2U2ZGY0ZjY2ZTZhODM2MzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKOFTpGjPtyf3fOTrt3H50GLePVJ
CCJ7/SaWTLar8ODT1aImYOzP1OjYIujjFQieAYRak9Z8kLbTjyhd6vhbh52P5+Cc
vdxJpLJE98Eu3K7bvKUY6aPMHhLQskOzxSFOA95jXPbcyZnRIt/5Tt5i5+ZW6e4G
B/0xH6mWuqljh0rHbpvlSm+n82EeZBbRDoDJhf4HO3hiCAuyiOwAFgSXoa7r5duc
LEWj8O1d+FMC7NC7F3sxzRepfBsTnb1EzpzMPR109wt5BpNnBeENoR9x4UMrdCdj
s8gLY3+90SkGbrY3+KrwTex7rpAJor7Q0lrFRfUpysbf2vGuxqMQdAHJ6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZS1zYZD/KSGR43Pm309m5qg2NwMB8GA1UdIwQY
MBaAFK7NZMl4N9e/rAZjfdlSve3gwl2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzIt
MWVjZGUxNzkxNTExLzEvSmxMWE5oa1A4cElaSGpjLWJmVDJibXFEWTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzItMWVjZGUxNzkxNTEx
LzEvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXBPMA0G
CSqGSIb3DQEBCwUAA4IBAQAHNTl+pZ6U06ugHsdvUvHHIgvFyqxU4kToaNvDtpq+
X3RynYiVTVYO2ltwKfOjOcjQC26a10+zgPt5AwnRccO7wN4abauApgh3d62HDM+Z
fnyDTKcp/CI6Hvw1c7rXcTYRtgs1QlzPcolowH11SxGhFCiAygdRrNZmpJmWPTWx
gDusFuX5obhuzZY4ym+OzCfYsYEWAS5cqRHvaEmRL+BKo4Nk1ZEL3qEhZ/R3n4Mj
qhdp0LMO11TkI5wwwhDxyssqr7/TyuUL8PhL+58ODcsK55VOCrVr3UfrJgpBnMx9
+ODNuqGcbJC8wYkiH/SjsFC0/RHHEq0paPRe4zn+TxZk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:24 2024 by rpki-client on console-ams.rpki-client.org