Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/vieLq0IkXFydrvTD78N7ta_o28Q.roa
File:                     vieLq0IkXFydrvTD78N7ta_o28Q.roa (raw, json)
Hash identifier:          Zhe0zYEDpvyav6//fNRos7BkU/4vYHSg6N3BqvLGhBk=
Subject key identifier:   BE:27:8B:AB:42:24:5C:5C:9D:AE:F4:C3:EF:C3:7B:B5:AF:E8:DB:C4
Certificate issuer:       /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial:       018920049529F2C4FF9CF7F1B70264A9E814
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/vieLq0IkXFydrvTD78N7ta_o28Q.roa
Signing time:             Tue 04 Jul 2023 08:28:38 +0000
ROA not before:           Tue 04 Jul 2023 08:28:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211282
IP address blocks:        80.72.18.0/23 maxlen: 23
                          2a00:8740:600::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:20:04:95:29:f2:c4:ff:9c:f7:f1:b7:02:64:a9:e8:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
        Validity
            Not Before: Jul  4 08:28:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be278bab42245c5c9daef4c3efc37bb5afe8dbc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:81:3b:d3:76:31:d1:0d:f0:bf:14:e4:d6:f8:
                    f1:08:9a:a9:3a:d1:5b:b0:47:a1:91:d6:a1:c0:93:
                    38:7b:60:b8:80:31:a7:4c:be:96:1f:ed:0f:2d:41:
                    cd:e7:be:e2:5a:6d:d4:7e:64:e5:08:db:5b:85:57:
                    a1:61:d3:49:b3:d2:c0:ef:8d:68:63:62:2f:50:04:
                    a7:c8:2c:40:ed:a4:84:a1:51:d3:63:25:fe:61:07:
                    ad:93:fa:b0:10:4b:d7:e3:a9:40:e1:66:e2:48:1c:
                    17:07:60:90:a9:ac:c6:79:90:25:2a:ed:b6:7f:d0:
                    7d:97:fb:b0:e9:ca:2c:97:56:89:fd:45:85:3e:54:
                    39:d0:14:75:63:e5:6b:ac:20:ca:29:eb:ce:59:d1:
                    39:7f:18:f3:b5:47:ed:d6:5b:13:30:52:51:82:28:
                    8b:fc:5a:71:92:7f:eb:45:77:6c:1b:f0:38:56:b1:
                    1e:60:ef:85:58:23:d1:3c:f6:05:f1:05:11:3c:e7:
                    5f:bf:d5:3c:48:b9:30:16:f0:44:47:13:bc:9a:60:
                    b9:8e:1f:ca:b9:54:cc:46:7e:49:48:16:cc:bd:77:
                    27:5e:58:49:ff:6c:fa:59:7a:a1:45:24:75:dc:8c:
                    2d:e8:66:e8:2d:56:db:e8:05:42:2f:d6:4d:63:d2:
                    c4:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:27:8B:AB:42:24:5C:5C:9D:AE:F4:C3:EF:C3:7B:B5:AF:E8:DB:C4
            X509v3 Authority Key Identifier:
                keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/vieLq0IkXFydrvTD78N7ta_o28Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.72.18.0/23
                IPv6:
                  2a00:8740:600::/40

    Signature Algorithm: sha256WithRSAEncryption
         73:60:c2:70:65:95:ab:66:9c:7f:b7:98:05:84:f2:65:f6:ce:
         07:ad:69:45:ee:e6:e5:26:3e:00:93:22:24:5d:45:70:4b:0b:
         6a:63:3a:0f:9e:c3:d9:4d:36:2a:5c:4d:0c:2e:92:64:9b:a2:
         4b:7a:cc:aa:9c:44:78:89:a8:43:f7:64:3b:99:ca:ac:eb:9a:
         24:2a:36:b0:3a:8e:ee:f0:d4:36:de:60:b5:64:fc:75:d4:94:
         0a:46:41:04:69:21:41:74:d8:b1:96:cc:00:29:a4:f3:cd:79:
         7b:e2:6c:31:4c:32:3b:fd:e3:33:1a:11:f7:76:fc:cc:dd:8a:
         12:80:61:54:a8:89:04:f0:d1:04:0e:84:a5:f5:8b:ab:f4:10:
         4d:8e:89:84:38:60:c7:5f:c2:8c:d3:19:44:17:8d:8c:c4:fa:
         0e:1f:7a:23:f4:77:d0:1a:f7:e1:c5:35:45:73:93:3f:8c:f8:
         b3:fa:b3:a1:f9:8a:b0:aa:d1:72:4f:0a:75:60:5d:65:17:58:
         dc:57:98:7e:68:38:77:e0:b3:ba:8a:eb:f7:bb:80:85:3b:e0:
         20:b0:c5:bf:1b:11:12:ed:e8:9f:6c:e3:ee:e6:87:a6:78:2c:
         62:db:74:c2:cb:a2:33:23:4b:74:d6:21:4e:7f:42:7f:fd:c1:
         64:f5:d4:05
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYkgBJUp8sT/nPfxtwJkqegUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMwNzA0MDgyODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTI3OGJhYjQyMjQ1YzVjOWRhZWY0YzNlZmMzN2JiNWFmZThkYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYE703Yx0Q3wvxTk1vjxCJqpOtFb
sEehkdahwJM4e2C4gDGnTL6WH+0PLUHN577iWm3UfmTlCNtbhVehYdNJs9LA741o
Y2IvUASnyCxA7aSEoVHTYyX+YQetk/qwEEvX46lA4WbiSBwXB2CQqazGeZAlKu22
f9B9l/uw6cosl1aJ/UWFPlQ50BR1Y+VrrCDKKevOWdE5fxjztUft1lsTMFJRgiiL
/Fpxkn/rRXdsG/A4VrEeYO+FWCPRPPYF8QURPOdfv9U8SLkwFvBERxO8mmC5jh/K
uVTMRn5JSBbMvXcnXlhJ/2z6WXqhRSR13Iwt6GboLVbb6AVCL9ZNY9LEewIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFL4ni6tCJFxcna70w+/De7Wv6NvEMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvdmllTHEwSWtYRnlkcnZURDc4Tjd0YV9vMjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBUEgSMA4E
AgACMAgDBgAqAIdABjANBgkqhkiG9w0BAQsFAAOCAQEAc2DCcGWVq2acf7eYBYTy
ZfbOB61pRe7m5SY+AJMiJF1FcEsLamM6D57D2U02KlxNDC6SZJuiS3rMqpxEeImo
Q/dkO5nKrOuaJCo2sDqO7vDUNt5gtWT8ddSUCkZBBGkhQXTYsZbMACmk8815e+Js
MUwyO/3jMxoR93b8zN2KEoBhVKiJBPDRBA6EpfWLq/QQTY6JhDhgx1/CjNMZRBeN
jMT6Dh96I/R30Br34cU1RXOTP4z4s/qzofmKsKrRck8KdWBdZRdY3FeYfmg4d+Cz
uorr97uAhTvgILDFvxsREu3on2zj7uaHpngsYtt0wsuiMyNLdNYhTn9Cf/3BZPXU
BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org