Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/v4DKwFv_UNc9dTSSZQsT3JECLFA.roa
File:                     v4DKwFv_UNc9dTSSZQsT3JECLFA.roa (raw, json)
Hash identifier:          jQFDekcmw881SWKQdIl6+UblNrV9kxLD0eumgEvvlog=
Subject key identifier:   BF:80:CA:C0:5B:FF:50:D7:3D:75:34:92:65:0B:13:DC:91:02:2C:50
Certificate issuer:       /CN=25a553794223e6b4c632779b51371dc4e7d70705
Certificate serial:       01856F023A1EA5C196B986480CB4F80FF7F8
Authority key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/v4DKwFv_UNc9dTSSZQsT3JECLFA.roa
Signing time:             Sun 01 Jan 2023 20:24:54 +0000
ROA not before:           Sun 01 Jan 2023 20:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3064
IP address blocks:        84.40.16.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:3a:1e:a5:c1:96:b9:86:48:0c:b4:f8:0f:f7:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a553794223e6b4c632779b51371dc4e7d70705
        Validity
            Not Before: Jan  1 20:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf80cac05bff50d73d753492650b13dc91022c50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f5:8e:68:8f:57:da:68:d2:bb:82:a3:55:d8:
                    41:59:5b:bd:13:14:52:2c:68:47:72:97:9a:1a:4f:
                    6d:dd:99:f9:56:05:5f:8c:43:20:67:40:e9:06:4e:
                    23:06:78:83:fa:4e:c9:9b:35:1d:62:db:93:73:c9:
                    d3:e2:ae:bf:6e:ef:a1:79:3f:8e:e6:6f:6d:b3:00:
                    51:4e:2d:c1:2e:aa:c1:7f:69:a1:b3:15:1b:6c:81:
                    08:64:82:3c:4c:19:ab:e6:e8:b3:a4:58:42:46:f0:
                    3b:4c:aa:cb:24:64:1b:97:16:92:81:c2:f4:e1:c1:
                    d0:7d:4d:7c:76:a4:33:b0:28:3d:8b:6b:af:60:bf:
                    8b:11:0c:fe:9c:33:23:e0:f5:ff:b4:a6:27:9d:5d:
                    d4:01:57:2f:ab:77:0c:ac:6f:80:d6:59:17:97:d0:
                    65:fb:06:5f:bc:20:f6:b0:25:f7:29:ab:44:60:d5:
                    eb:38:4c:98:b4:88:9b:89:e2:f8:ad:2f:7d:24:bf:
                    1f:97:ab:18:13:bc:22:9b:f5:9c:10:5d:4d:3d:1f:
                    f4:20:f3:cd:0f:fc:81:1a:e2:7a:61:0d:2e:55:6a:
                    c1:47:a0:56:1d:d1:91:49:48:9e:bd:bb:04:8b:2d:
                    12:39:cb:42:67:de:68:0e:d8:8d:85:c9:38:70:a3:
                    f4:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:80:CA:C0:5B:FF:50:D7:3D:75:34:92:65:0B:13:DC:91:02:2C:50
            X509v3 Authority Key Identifier:
                keyid:25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/v4DKwFv_UNc9dTSSZQsT3JECLFA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.40.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         30:e8:63:86:0b:ab:27:ef:64:b7:6e:f1:46:e7:1f:29:13:b5:
         54:b4:dd:db:74:67:cd:77:fb:22:81:b2:bf:41:18:59:4f:f9:
         db:1b:9d:b8:a2:2e:92:52:3f:10:13:b7:e6:ff:04:30:eb:b6:
         44:ba:7b:d0:c0:e6:0c:03:1e:f9:b0:a9:07:c9:c6:62:c0:5d:
         0b:6b:18:46:b9:5a:43:7d:df:97:92:ab:7d:68:d3:a7:d9:ca:
         bd:22:26:fb:df:9c:6d:e8:1e:00:a8:09:84:a8:dc:bd:e2:c3:
         fb:82:f5:ef:a7:88:f3:c8:fe:c6:e5:f0:ed:68:7f:be:ca:b4:
         a8:9b:75:58:0f:29:84:ae:7c:3e:f6:a8:b6:b6:c8:1b:ec:93:
         72:a1:f2:3f:a4:09:bf:1e:e3:2a:f2:f9:fe:43:1f:92:46:40:
         a4:c9:5c:0d:a2:f3:07:eb:9d:7d:35:cd:f7:a6:c7:ba:ac:1b:
         ae:ba:bb:d2:11:d8:ab:b8:3d:e4:83:35:27:46:1c:ad:2c:3b:
         41:44:a7:8c:8a:0b:17:49:96:02:09:cb:f3:f6:5b:e5:61:ba:
         4c:bd:3f:00:ca:f2:a2:2c:95:b3:68:d2:78:60:15:91:2e:e2:
         21:39:79:a5:1d:1f:0a:89:51:ab:05:18:b7:c2:04:5c:f3:5e:
         f1:a5:57:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjoepcGWuYZIDLT4D/f4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTU1Mzc5NDIyM2U2YjRjNjMyNzc5YjUxMzcxZGM0ZTdk
NzA3MDUwHhcNMjMwMTAxMjAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjgwY2FjMDViZmY1MGQ3M2Q3NTM0OTI2NTBiMTNkYzkxMDIyYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvWOaI9X2mjSu4KjVdhBWVu9ExRS
LGhHcpeaGk9t3Zn5VgVfjEMgZ0DpBk4jBniD+k7JmzUdYtuTc8nT4q6/bu+heT+O
5m9tswBRTi3BLqrBf2mhsxUbbIEIZII8TBmr5uizpFhCRvA7TKrLJGQblxaSgcL0
4cHQfU18dqQzsCg9i2uvYL+LEQz+nDMj4PX/tKYnnV3UAVcvq3cMrG+A1lkXl9Bl
+wZfvCD2sCX3KatEYNXrOEyYtIibieL4rS99JL8fl6sYE7wim/WcEF1NPR/0IPPN
D/yBGuJ6YQ0uVWrBR6BWHdGRSUievbsEiy0SOctCZ95oDtiNhck4cKP0bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+AysBb/1DXPXU0kmULE9yRAixQMB8GA1UdIwQY
MBaAFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYt
MzBlOTI5ZWQxMDYzLzEvdjRES3dGdl9VTmM5ZFRTU1pRc1QzSkVDTEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYtMzBlOTI5ZWQxMDYz
LzEvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEVCgQMA0G
CSqGSIb3DQEBCwUAA4IBAQAw6GOGC6sn72S3bvFG5x8pE7VUtN3bdGfNd/sigbK/
QRhZT/nbG524oi6SUj8QE7fm/wQw67ZEunvQwOYMAx75sKkHycZiwF0LaxhGuVpD
fd+Xkqt9aNOn2cq9Iib735xt6B4AqAmEqNy94sP7gvXvp4jzyP7G5fDtaH++yrSo
m3VYDymErnw+9qi2tsgb7JNyofI/pAm/HuMq8vn+Qx+SRkCkyVwNovMH6519Nc33
pse6rBuuurvSEdiruD3kgzUnRhytLDtBRKeMigsXSZYCCcvz9lvlYbpMvT8AyvKi
LJWzaNJ4YBWRLuIhOXmlHR8KiVGrBRi3wgRc817xpVfK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:53 2024 by rpki-client on console-fra.rpki-client.org