Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/dft_VEOPsk4pAIryRKzcAvjrJh0.roa
File:                     dft_VEOPsk4pAIryRKzcAvjrJh0.roa (raw, json)
Hash identifier:          UstdS4xPB3xJrGVlHdGdypZfsOdXrjWOZXCVIGTvI1M=
Subject key identifier:   75:FB:7F:54:43:8F:B2:4E:29:00:8A:F2:44:AC:DC:02:F8:EB:26:1D
Certificate issuer:       /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial:       018570397B2005830A256F12C7E7A8EB4DD3
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/dft_VEOPsk4pAIryRKzcAvjrJh0.roa
Signing time:             Mon 02 Jan 2023 02:04:53 +0000
ROA not before:           Mon 02 Jan 2023 02:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        87.236.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:7b:20:05:83:0a:25:6f:12:c7:e7:a8:eb:4d:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
        Validity
            Not Before: Jan  2 02:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=75fb7f54438fb24e29008af244acdc02f8eb261d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7c:2e:1d:5c:a7:fe:bf:8e:6e:86:90:fd:e7:
                    d1:73:26:64:46:71:ef:36:c8:6d:43:d9:a5:0f:00:
                    5a:55:6f:ad:be:6d:38:89:f4:9f:85:c8:4e:a6:75:
                    f6:e1:07:66:96:23:d6:53:bb:be:6a:36:83:2e:ab:
                    b4:67:ab:9d:4e:57:7b:46:ec:05:fa:34:8a:01:6e:
                    29:3f:73:3b:fb:68:d4:f4:e8:75:21:f1:a1:17:ac:
                    da:21:fd:4b:be:b9:c0:e0:68:d0:54:17:d3:b0:1e:
                    a4:df:76:3b:c0:f1:c8:e4:18:b8:26:d7:a1:d2:21:
                    52:d7:44:62:52:fe:2d:81:19:25:8d:5e:a8:d9:08:
                    be:9c:2d:a5:cc:15:93:ea:bc:18:46:64:ed:a9:5f:
                    ef:02:e5:ed:00:c5:6b:d1:36:e8:47:91:ce:bd:d3:
                    4f:41:4e:29:e8:95:78:2a:fd:f2:f3:81:2d:a9:7d:
                    63:62:ca:c9:41:4b:2a:db:e0:08:a6:8e:8a:8a:ea:
                    e6:da:82:7d:c7:ab:1a:08:17:fb:28:3e:e0:9b:c8:
                    28:5b:b6:03:56:bc:3b:2a:8b:07:41:8f:03:c1:0f:
                    b3:95:e6:09:3d:be:b7:15:29:6a:49:fa:6e:d6:6a:
                    4b:21:c6:fd:0f:31:3f:00:ec:84:73:52:e4:85:17:
                    95:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:FB:7F:54:43:8F:B2:4E:29:00:8A:F2:44:AC:DC:02:F8:EB:26:1D
            X509v3 Authority Key Identifier:
                keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/dft_VEOPsk4pAIryRKzcAvjrJh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:a7:80:e0:5d:f9:3e:fc:54:e2:8e:3c:76:f1:34:d8:5d:de:
         00:27:df:f9:c5:11:e2:7d:a8:9d:f6:c5:dc:4f:a9:b5:d5:08:
         d4:1b:c1:12:94:64:62:7a:2f:8f:0f:cf:28:09:4a:4d:56:05:
         6b:d7:e5:eb:e3:bd:c9:52:6e:2d:06:f2:80:74:bf:8a:cb:d3:
         8e:60:0a:87:b3:0a:75:b3:b5:7a:84:56:88:32:c1:a4:de:1a:
         13:49:aa:3f:5b:2b:bf:aa:51:0a:ec:fd:93:df:69:7e:5b:50:
         a1:61:de:a7:87:58:5d:fd:03:84:8f:e3:86:dc:af:b1:e3:07:
         f3:5d:a8:0d:ae:d4:4d:b4:0f:1b:6a:03:a9:47:0b:f2:ef:e9:
         7b:9f:16:63:70:3f:c4:8e:65:6a:fb:f3:2f:5d:72:ee:ef:b6:
         80:44:d9:4a:6b:e8:25:7b:19:7c:4f:5b:66:c0:9c:51:67:b5:
         d0:aa:ec:00:87:61:61:35:35:38:4a:9f:96:72:a8:6f:4e:a0:
         9b:db:9c:3f:3c:ae:15:b6:c7:03:8d:72:5f:e0:fe:c8:28:dc:
         5d:6a:c2:4d:15:e8:75:c1:8a:3b:71:15:c4:12:ef:3e:7d:1c:
         77:c3:51:48:79:45:57:87:f7:7a:5c:45:1a:9f:95:2b:4b:60:
         aa:0c:a1:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOXsgBYMKJW8Sx+eo603TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjE5NDMwODdjZTY5NjIzZTc2YjIxNDViMzQ3OWFjMjA0
YmExYzkwHhcNMjMwMTAyMDIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZiN2Y1NDQzOGZiMjRlMjkwMDhhZjI0NGFjZGMwMmY4ZWIyNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunwuHVyn/r+OboaQ/efRcyZkRnHv
NshtQ9mlDwBaVW+tvm04ifSfhchOpnX24QdmliPWU7u+ajaDLqu0Z6udTld7RuwF
+jSKAW4pP3M7+2jU9Oh1IfGhF6zaIf1LvrnA4GjQVBfTsB6k33Y7wPHI5Bi4Jteh
0iFS10RiUv4tgRkljV6o2Qi+nC2lzBWT6rwYRmTtqV/vAuXtAMVr0TboR5HOvdNP
QU4p6JV4Kv3y84EtqX1jYsrJQUsq2+AIpo6Kiurm2oJ9x6saCBf7KD7gm8goW7YD
Vrw7KosHQY8DwQ+zleYJPb63FSlqSfpu1mpLIcb9DzE/AOyEc1LkhReV+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHX7f1RDj7JOKQCK8kSs3AL46yYdMB8GA1UdIwQY
MBaAFCOxlDCHzmliPnayFFs0eawgS6HJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTkt
Zjc0MmYzOTVhYWY5LzEvZGZ0X1ZFT1BzazRwQUlyeVJLemNBdmpySmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTktZjc0MmYzOTVhYWY5
LzEvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+xDMA0G
CSqGSIb3DQEBCwUAA4IBAQBdp4DgXfk+/FTijjx28TTYXd4AJ9/5xRHifaid9sXc
T6m11QjUG8ESlGRiei+PD88oCUpNVgVr1+Xr473JUm4tBvKAdL+Ky9OOYAqHswp1
s7V6hFaIMsGk3hoTSao/Wyu/qlEK7P2T32l+W1ChYd6nh1hd/QOEj+OG3K+x4wfz
XagNrtRNtA8bagOpRwvy7+l7nxZjcD/EjmVq+/MvXXLu77aARNlKa+glexl8T1tm
wJxRZ7XQquwAh2FhNTU4Sp+WcqhvTqCb25w/PK4VtscDjXJf4P7IKNxdasJNFeh1
wYo7cRXEEu8+fRx3w1FIeUVXh/d6XEUan5UrS2CqDKEW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:13 2024 by rpki-client on console-ams.rpki-client.org