Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-pjGpzzhumEKNN6XtfJSpN6GsYM.roa
File:                     1-pjGpzzhumEKNN6XtfJSpN6GsYM.roa (raw, json)
Hash identifier:          TI69R39xus/YYInv0woZ19GDhF0u7FRRTfUcZspQq/s=
Subject key identifier:   FA:98:C6:A7:3C:E1:BA:61:0A:34:DE:97:B5:F2:52:A4:DE:86:B1:83
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018ECC4A058C23E07A02D49FCB733376EE7D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-pjGpzzhumEKNN6XtfJSpN6GsYM.roa
Signing time:             Thu 11 Apr 2024 08:33:06 +0000
ROA not before:           Thu 11 Apr 2024 08:33:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     996
IP address blocks:        80.71.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Aug 2024 21:26:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:cc:4a:05:8c:23:e0:7a:02:d4:9f:cb:73:33:76:ee:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr 11 08:33:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fa98c6a73ce1ba610a34de97b5f252a4de86b183
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:bb:da:9e:96:1e:a0:71:d5:32:c5:10:5f:fd:
                    02:5a:57:dd:4b:5c:ac:99:26:26:89:7f:7b:0c:5f:
                    2c:13:83:92:cb:d1:cf:40:d7:1b:b6:56:b7:44:ae:
                    87:34:44:79:6f:e6:0c:be:bc:17:3f:63:bf:07:d5:
                    2f:b9:97:88:27:47:52:b9:5b:de:a9:bb:26:7d:9f:
                    9c:f7:9c:23:7d:4f:e8:43:a1:62:7e:8f:39:86:c5:
                    2e:2d:a0:e2:9f:c9:dd:6f:1d:7d:e1:e9:78:bd:87:
                    d0:69:1c:95:d1:cb:b4:73:24:b8:7a:03:05:aa:c6:
                    56:ee:0e:c4:92:99:4b:0e:8a:2c:fd:1a:c3:c9:01:
                    b9:9b:00:ae:4e:3e:9f:45:71:b2:7e:68:1c:bd:21:
                    81:8e:8a:5e:86:c2:2b:4b:a3:fb:c4:7f:a5:b0:e7:
                    e1:72:82:e9:c8:1d:61:27:04:3b:68:4a:7b:d4:41:
                    a1:31:69:0a:84:74:7f:99:22:92:d3:11:67:37:79:
                    e5:f7:0b:fc:36:3d:d0:3c:74:28:a8:ff:1a:60:66:
                    56:d7:9d:65:06:7a:7a:86:1a:4c:bd:3d:99:ba:ec:
                    c5:76:ff:61:d5:00:5f:cc:19:fe:12:47:09:e3:18:
                    64:3c:d5:29:9b:69:fc:30:a5:2e:7b:38:39:25:33:
                    9c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:98:C6:A7:3C:E1:BA:61:0A:34:DE:97:B5:F2:52:A4:DE:86:B1:83
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-pjGpzzhumEKNN6XtfJSpN6GsYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:76:f7:be:6d:30:0d:7b:e3:55:22:46:06:0b:98:89:87:72:
         d8:7f:e6:5f:41:95:0b:ab:a5:62:b2:c0:54:8b:9d:f6:3a:3b:
         1f:43:9e:43:74:77:44:6d:13:c4:ec:9e:5d:ff:ac:79:0a:7f:
         de:12:ed:15:7b:62:7d:66:42:e2:01:2a:ba:2c:08:76:11:d5:
         5a:76:56:82:ac:8f:8d:c3:73:aa:c5:df:13:a6:56:96:56:98:
         14:aa:e3:37:be:cd:05:41:9b:85:0b:d3:34:8c:4c:e4:b9:86:
         25:14:9f:f5:be:f2:d0:14:ba:98:6b:7f:87:4f:00:eb:5c:93:
         40:79:e8:eb:26:96:5c:fc:e2:3a:93:4e:48:cf:f7:a5:2f:87:
         73:5f:4f:d2:fa:c6:08:4b:8b:01:35:b0:65:42:f2:3d:f6:6f:
         b6:9e:d6:a7:82:2e:f1:5e:3e:93:57:1b:eb:77:6a:b3:33:ec:
         bf:5e:00:64:76:55:3d:93:8a:20:90:9d:55:61:46:56:33:6b:
         36:3e:28:81:cd:23:d7:05:bd:6c:d4:8a:bd:6f:9b:6a:95:19:
         0a:3b:1e:f2:b4:33:26:c6:b4:ea:8c:3d:ae:d4:d1:75:99:3e:
         85:56:fe:f5:26:b2:aa:14:87:cc:ea:10:fc:a1:0f:60:df:87:
         be:2d:81:d2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7MSgWMI+B6AtSfy3Mzdu59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDExMDgzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTk4YzZhNzNjZTFiYTYxMGEzNGRlOTdiNWYyNTJhNGRlODZiMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrvanpYeoHHVMsUQX/0CWlfdS1ys
mSYmiX97DF8sE4OSy9HPQNcbtla3RK6HNER5b+YMvrwXP2O/B9UvuZeIJ0dSuVve
qbsmfZ+c95wjfU/oQ6Fifo85hsUuLaDin8ndbx194el4vYfQaRyV0cu0cyS4egMF
qsZW7g7EkplLDoos/RrDyQG5mwCuTj6fRXGyfmgcvSGBjopehsIrS6P7xH+lsOfh
coLpyB1hJwQ7aEp71EGhMWkKhHR/mSKS0xFnN3nl9wv8Nj3QPHQoqP8aYGZW151l
Bnp6hhpMvT2ZuuzFdv9h1QBfzBn+EkcJ4xhkPNUpm2n8MKUuezg5JTOc7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqYxqc84bphCjTel7XyUqTehrGDMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMS1wakdwenpodW1FS05ONlh0ZkpTcE42R3NZTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvN2I5MzM2LWU5ZjgtNGUyNy1hZjRiLTIzOWQyZmUzOThi
MS8xL0NUTlR3ZnEtaVdyNHVGX25ZQTVHTkphUHpFdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFBHnzAN
BgkqhkiG9w0BAQsFAAOCAQEAQXb3vm0wDXvjVSJGBguYiYdy2H/mX0GVC6ulYrLA
VIud9jo7H0OeQ3R3RG0TxOyeXf+seQp/3hLtFXtifWZC4gEquiwIdhHVWnZWgqyP
jcNzqsXfE6ZWllaYFKrjN77NBUGbhQvTNIxM5LmGJRSf9b7y0BS6mGt/h08A61yT
QHno6yaWXPziOpNOSM/3pS+Hc19P0vrGCEuLATWwZULyPfZvtp7Wp4Iu8V4+k1cb
63dqszPsv14AZHZVPZOKIJCdVWFGVjNrNj4ogc0j1wW9bNSKvW+bapUZCjse8rQz
Jsa06ow9rtTRdZk+hVb+9SayqhSHzOoQ/KEPYN+Hvi2B0g==
-----END CERTIFICATE-----
Generated at Mon Aug 12 23:53:59 2024 by rpki-client on console-ams.rpki-client.org