Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/XtQTJ2DlTM3M1jA2rE6jtdD_irE.roa
File:                     XtQTJ2DlTM3M1jA2rE6jtdD_irE.roa (raw, json)
Hash identifier:          +RaLPb9uq/uiRub0UAp6X9S0abafLUP+CmbHyJmlu/s=
Subject key identifier:   5E:D4:13:27:60:E5:4C:CD:CC:D6:30:36:AC:4E:A3:B5:D0:FF:8A:B1
Certificate issuer:       /CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
Certificate serial:       01856FC27CB1CBDE6DF06E4E019FE4D2896C
Authority key identifier: 08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/XtQTJ2DlTM3M1jA2rE6jtdD_irE.roa
Signing time:             Sun 01 Jan 2023 23:54:54 +0000
ROA not before:           Sun 01 Jan 2023 23:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203981
IP address blocks:        178.213.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:7c:b1:cb:de:6d:f0:6e:4e:01:9f:e4:d2:89:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
        Validity
            Not Before: Jan  1 23:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ed4132760e54ccdccd63036ac4ea3b5d0ff8ab1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:df:41:11:40:56:57:ea:63:b2:24:c7:bc:45:
                    5c:29:03:b7:9d:73:06:d9:3b:fb:e0:ef:60:70:c1:
                    6c:35:0d:03:11:a4:48:9d:93:46:5e:18:af:56:ad:
                    46:26:f6:7a:fa:10:17:d6:e2:90:24:5e:f8:7b:7b:
                    95:6c:88:af:20:71:64:90:d4:9e:8a:64:1c:7d:b9:
                    66:7f:7e:b6:6e:04:37:36:6a:70:34:1e:5f:fe:a9:
                    8c:d0:95:3c:66:89:92:9c:01:29:ea:09:61:cf:34:
                    22:bc:58:77:19:87:f8:84:c6:6b:54:d9:09:17:15:
                    62:b0:63:a6:77:e5:21:58:67:11:ea:3b:97:c1:83:
                    12:7d:92:d6:6b:a7:be:39:39:e3:d9:19:ce:8b:bc:
                    89:d0:02:2e:fe:a1:20:89:8e:31:9c:64:33:73:a1:
                    91:d3:0f:8d:f1:f0:7a:15:df:45:b3:ff:e6:df:75:
                    c3:cf:42:61:c9:7d:c3:47:0c:34:7b:cf:54:a5:b8:
                    96:85:c1:18:65:df:4f:5c:99:de:1a:bc:81:37:b9:
                    ef:62:65:e8:9a:73:1c:1d:18:43:7f:e5:ce:7f:a2:
                    1f:38:38:f6:73:63:b8:9a:67:1e:1b:7b:6d:b0:bf:
                    32:b7:99:7b:2c:bc:81:b5:33:c9:88:68:20:5e:f9:
                    63:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:D4:13:27:60:E5:4C:CD:CC:D6:30:36:AC:4E:A3:B5:D0:FF:8A:B1
            X509v3 Authority Key Identifier:
                keyid:08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/XtQTJ2DlTM3M1jA2rE6jtdD_irE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.213.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:e9:17:29:02:83:84:19:fc:50:1f:42:f6:e0:c0:01:f8:70:
         5a:45:b1:7e:84:99:ef:01:b7:21:e2:c2:0d:36:53:ad:3d:36:
         0b:26:20:b9:d7:90:26:c6:e4:30:f5:12:22:06:2a:52:50:65:
         bc:ca:f7:d7:d2:ce:5c:3b:3e:04:e8:0d:ee:76:41:00:0e:55:
         10:b0:3b:53:e3:6f:36:c2:a4:c1:6d:41:1a:22:fd:e1:be:d1:
         7a:9a:1f:b2:9f:5c:06:9f:b8:e0:00:3e:7a:2d:d3:11:05:ce:
         52:bc:4c:0d:f7:a8:1a:e1:22:f8:1b:75:a3:d3:3c:ed:9f:19:
         57:1b:f4:18:47:a6:9b:bc:c3:dd:c8:7f:13:4b:b2:a5:88:88:
         ae:e3:f9:c0:46:8b:f1:1e:52:88:62:41:ba:73:03:41:ef:f8:
         3c:7b:e6:02:ec:7d:65:af:d6:94:42:c9:fe:1d:e3:68:dd:cd:
         26:66:dd:01:03:b5:49:06:74:98:0d:71:84:0b:f8:93:d8:50:
         04:ff:2f:4f:35:0a:8c:d4:c8:bf:c5:38:09:7b:e9:66:d8:6d:
         ba:15:85:f6:a2:15:08:67:4f:63:ae:e6:dc:6c:67:b6:78:63:
         ef:bf:28:fc:02:2d:b9:26:7c:dd:aa:4a:39:fe:39:a0:6d:45:
         b1:69:31:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwnyxy95t8G5OAZ/k0olsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTI5N2Y4Y2ZhMWNlNmQzZmUyYzUyNjkxMWM0NjhhOWE2
MzE4ZDAwHhcNMjMwMTAxMjM1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQ0MTMyNzYwZTU0Y2NkY2NkNjMwMzZhYzRlYTNiNWQwZmY4YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd9BEUBWV+pjsiTHvEVcKQO3nXMG
2Tv74O9gcMFsNQ0DEaRInZNGXhivVq1GJvZ6+hAX1uKQJF74e3uVbIivIHFkkNSe
imQcfblmf362bgQ3NmpwNB5f/qmM0JU8ZomSnAEp6glhzzQivFh3GYf4hMZrVNkJ
FxVisGOmd+UhWGcR6juXwYMSfZLWa6e+OTnj2RnOi7yJ0AIu/qEgiY4xnGQzc6GR
0w+N8fB6Fd9Fs//m33XDz0JhyX3DRww0e89UpbiWhcEYZd9PXJneGryBN7nvYmXo
mnMcHRhDf+XOf6IfODj2c2O4mmceG3ttsL8yt5l7LLyBtTPJiGggXvljNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7UEydg5UzNzNYwNqxOo7XQ/4qxMB8GA1UdIwQY
MBaAFAiil/jPoc5tP+LFJpEcRoqaYxjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjct
OTcxMTM5NTE0YmIxLzEvWHRRVEoyRGxUTTNNMWpBMnJFNmp0ZERfaXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjctOTcxMTM5NTE0YmIx
LzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstVLMA0G
CSqGSIb3DQEBCwUAA4IBAQBz6RcpAoOEGfxQH0L24MAB+HBaRbF+hJnvAbch4sIN
NlOtPTYLJiC515AmxuQw9RIiBipSUGW8yvfX0s5cOz4E6A3udkEADlUQsDtT4282
wqTBbUEaIv3hvtF6mh+yn1wGn7jgAD56LdMRBc5SvEwN96ga4SL4G3Wj0zztnxlX
G/QYR6abvMPdyH8TS7KliIiu4/nARovxHlKIYkG6cwNB7/g8e+YC7H1lr9aUQsn+
HeNo3c0mZt0BA7VJBnSYDXGEC/iT2FAE/y9PNQqM1Mi/xTgJe+lm2G26FYX2ohUI
Z09jrubcbGe2eGPvvyj8Ai25Jnzdqko5/jmgbUWxaTFl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:27 2024 by rpki-client on console-ams.rpki-client.org