Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xhApbNp5FohNFZUaHAV9jh6sw5g.roa
File:                     xhApbNp5FohNFZUaHAV9jh6sw5g.roa (raw, json)
Hash identifier:          +IzQdvIf9igiMV22oJkplYMJQ+EWKFuNcU+kQMdjpRw=
Subject key identifier:   C6:10:29:6C:DA:79:16:88:4D:15:95:1A:1C:05:7D:8E:1E:AC:C3:98
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018D7E0B22E73FFABACD7BDF044FD220D37A
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xhApbNp5FohNFZUaHAV9jh6sw5g.roa
Signing time:             Tue 06 Feb 2024 10:51:15 +0000
ROA not before:           Tue 06 Feb 2024 10:51:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     36113
IP address blocks:        212.16.94.0/24 maxlen: 24
                          212.80.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 11:51:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7e:0b:22:e7:3f:fa:ba:cd:7b:df:04:4f:d2:20:d3:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Feb  6 10:51:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c610296cda7916884d15951a1c057d8e1eacc398
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e5:d3:0a:01:a1:41:53:c4:6f:58:55:31:13:
                    81:b1:8f:a0:ef:c8:13:f6:57:33:90:96:f4:8e:d6:
                    67:fa:e6:3d:40:8e:63:b3:1e:e1:f3:85:9c:03:b2:
                    1f:fa:32:70:6c:ab:33:87:2d:c1:87:b0:79:fb:07:
                    34:d0:73:ec:cd:38:8b:b2:bd:63:fc:15:73:ba:07:
                    ec:f2:cb:dd:0e:5d:17:62:da:d5:2a:6d:31:cd:5f:
                    d7:20:4f:16:32:50:46:08:0d:c4:5c:7c:a2:0a:60:
                    b5:19:56:18:93:12:a6:f2:dc:26:5e:a7:97:04:d7:
                    02:c8:d7:27:0f:8a:47:c5:c2:b1:85:43:3d:63:b0:
                    42:7a:1e:c0:de:6a:4e:6a:69:09:1b:a6:c1:bf:6f:
                    0c:bf:74:51:41:1c:b5:2a:a2:48:64:b7:b0:93:0d:
                    b9:14:67:75:c6:af:e1:38:2f:9e:0c:b1:46:8a:82:
                    7a:8b:1f:b8:97:69:02:27:c3:ac:a7:1d:42:5b:b0:
                    8a:ac:a4:a5:b5:25:42:ab:9b:22:02:03:72:2e:71:
                    32:3d:4d:4a:37:71:02:8a:db:2a:49:04:20:ed:26:
                    f6:26:26:20:64:53:ea:59:12:8c:b0:84:6a:16:92:
                    df:36:52:1e:22:a6:12:29:de:25:97:59:84:e8:8f:
                    02:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:10:29:6C:DA:79:16:88:4D:15:95:1A:1C:05:7D:8E:1E:AC:C3:98
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xhApbNp5FohNFZUaHAV9jh6sw5g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.16.94.0/24
                  212.80.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:71:30:06:05:fb:7c:71:a9:58:8b:5c:b6:23:60:5c:cd:9d:
         fe:ef:cd:35:87:9c:79:53:37:76:c9:b5:a1:53:c2:b1:75:b9:
         de:e2:44:bc:4a:28:15:1e:97:75:7f:ca:87:4e:28:cc:04:0e:
         d3:d8:9b:fd:72:40:9c:20:1d:b9:95:4e:4c:4d:74:b8:47:7d:
         90:a9:46:50:e4:f5:99:4b:3c:fc:f6:93:30:e6:a9:eb:25:4c:
         bf:45:dd:35:a5:c5:a3:c2:81:6c:79:ee:7d:46:5b:19:53:c3:
         5c:1a:22:16:ec:d0:de:1a:8c:96:22:42:cf:9a:f9:7c:e6:86:
         8d:9a:d2:f9:e4:7e:cf:90:88:4c:34:e2:dc:f4:7c:eb:fa:3b:
         dc:a3:3c:87:38:6f:ec:0c:f6:36:88:82:e1:86:f1:86:e0:4a:
         e2:b4:06:3e:25:dd:a7:00:22:74:0a:e9:75:ce:dd:d2:8c:6b:
         fc:e2:f2:27:b3:96:df:0a:84:6e:53:57:bf:5b:89:b8:47:db:
         2a:9c:66:a4:71:70:4c:d3:19:3a:5a:a7:81:36:5a:92:1b:a5:
         74:25:d5:cb:aa:d8:91:96:b8:05:ce:ae:fd:bd:9b:af:b1:11:
         b7:8d:24:cf:8d:cd:45:c5:97:c5:29:22:8b:50:ff:ba:e6:e1:
         bf:32:19:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1+CyLnP/q6zXvfBE/SINN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA2MTA1MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjEwMjk2Y2RhNzkxNjg4NGQxNTk1MWExYzA1N2Q4ZTFlYWNjMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquXTCgGhQVPEb1hVMROBsY+g78gT
9lczkJb0jtZn+uY9QI5jsx7h84WcA7If+jJwbKszhy3Bh7B5+wc00HPszTiLsr1j
/BVzugfs8svdDl0XYtrVKm0xzV/XIE8WMlBGCA3EXHyiCmC1GVYYkxKm8twmXqeX
BNcCyNcnD4pHxcKxhUM9Y7BCeh7A3mpOamkJG6bBv28Mv3RRQRy1KqJIZLewkw25
FGd1xq/hOC+eDLFGioJ6ix+4l2kCJ8Ospx1CW7CKrKSltSVCq5siAgNyLnEyPU1K
N3ECitsqSQQg7Sb2JiYgZFPqWRKMsIRqFpLfNlIeIqYSKd4ll1mE6I8CKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMYQKWzaeRaITRWVGhwFfY4erMOYMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEveGhBcGJOcDVGb2hORlpVYUhBVjlqaDZzdzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1BBeAwQA
1FAAMA0GCSqGSIb3DQEBCwUAA4IBAQAfcTAGBft8calYi1y2I2BczZ3+7801h5x5
Uzd2ybWhU8Kxdbne4kS8SigVHpd1f8qHTijMBA7T2Jv9ckCcIB25lU5MTXS4R32Q
qUZQ5PWZSzz89pMw5qnrJUy/Rd01pcWjwoFsee59RlsZU8NcGiIW7NDeGoyWIkLP
mvl85oaNmtL55H7PkIhMNOLc9Hzr+jvcozyHOG/sDPY2iILhhvGG4EritAY+Jd2n
ACJ0Cul1zt3SjGv84vIns5bfCoRuU1e/W4m4R9sqnGakcXBM0xk6WqeBNlqSG6V0
JdXLqtiRlrgFzq79vZuvsRG3jSTPjc1FxZfFKSKLUP+65uG/Mhkk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org