Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/_I2U3s9Y_vx-i3JHNjBaPs3UUUc.roa
File:                     _I2U3s9Y_vx-i3JHNjBaPs3UUUc.roa (raw, json)
Hash identifier:          2it33zHRpEJwXiQm6vfjU0islOlwhq2pjsQczDjFKVQ=
Subject key identifier:   FC:8D:94:DE:CF:58:FE:FC:7E:8B:72:47:36:30:5A:3E:CD:D4:51:47
Certificate issuer:       /CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
Certificate serial:       01856FC27C19622CD0288A905FBBF12876CA
Authority key identifier: 08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/_I2U3s9Y_vx-i3JHNjBaPs3UUUc.roa
Signing time:             Sun 01 Jan 2023 23:54:54 +0000
ROA not before:           Sun 01 Jan 2023 23:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        178.213.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:7c:19:62:2c:d0:28:8a:90:5f:bb:f1:28:76:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
        Validity
            Not Before: Jan  1 23:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fc8d94decf58fefc7e8b724736305a3ecdd45147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9d:f0:e5:12:a3:04:bd:11:a0:e9:0d:25:d2:
                    8f:df:1b:a1:2c:cf:c6:0e:4a:e4:11:72:81:2a:95:
                    41:57:b1:e4:48:ae:30:e4:91:a6:a5:57:eb:52:0a:
                    c4:52:4c:11:71:27:66:bb:97:d4:ce:af:ea:65:d6:
                    7b:ee:c2:34:42:4f:ff:cd:aa:4a:6d:e8:5f:7d:03:
                    19:82:dc:34:c2:30:7f:ad:ac:d6:b2:57:73:a2:fe:
                    2a:a3:db:58:ef:b7:0b:e0:5d:c8:cc:44:a2:bc:84:
                    44:e9:9a:1a:bd:e4:da:ea:6b:dc:8f:ba:4c:c9:14:
                    a9:28:e2:26:08:94:9e:03:da:70:a4:77:69:28:80:
                    23:19:fe:12:61:85:13:a6:ba:95:6a:81:30:43:95:
                    f4:d6:ba:6e:c0:3b:17:51:6a:af:ba:dd:96:bf:90:
                    58:f0:90:92:0b:5f:f2:49:1e:ca:35:d2:a9:07:93:
                    19:8c:41:33:77:4c:f0:5c:8e:83:e0:a6:c6:6c:02:
                    2d:79:68:b4:07:a5:13:3b:44:fd:92:b4:1c:94:b9:
                    63:e1:2f:04:5f:f9:ed:76:80:3c:ac:57:1d:42:2c:
                    ad:19:1a:25:f9:0b:5b:03:bb:b4:dd:87:ca:0d:6e:
                    d1:00:10:8d:9e:95:66:38:cf:25:f1:1f:7f:dc:0a:
                    01:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:8D:94:DE:CF:58:FE:FC:7E:8B:72:47:36:30:5A:3E:CD:D4:51:47
            X509v3 Authority Key Identifier:
                keyid:08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/_I2U3s9Y_vx-i3JHNjBaPs3UUUc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.213.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:73:41:40:04:06:71:e0:17:81:44:b3:f8:72:2f:9f:aa:2c:
         6c:62:86:39:bc:b6:8d:fd:06:18:d3:f2:83:19:de:04:ee:d5:
         d2:a8:4c:ab:00:97:47:6c:af:53:bf:7b:bb:e5:93:92:fe:80:
         7d:c4:86:80:38:b5:1c:44:7b:28:09:25:30:ac:3a:45:f7:3f:
         13:05:39:e4:e3:7c:72:96:cd:6b:4b:c4:00:37:dd:c9:b1:76:
         ee:33:33:0a:c6:7a:d3:23:af:18:70:45:85:83:61:34:55:8f:
         b1:59:48:99:23:4b:bd:75:35:d0:5a:d1:53:d7:5b:56:e8:36:
         71:40:a0:19:08:9e:19:7f:28:53:d2:57:fa:ec:76:2f:5c:70:
         8f:78:53:5f:77:af:a2:8c:5d:21:76:60:d5:95:8c:31:24:7f:
         1e:a1:94:45:9d:ba:23:bc:43:5c:67:60:6f:1c:55:94:81:20:
         59:1c:5a:64:3c:c2:2c:d0:4f:20:7f:93:c3:cc:82:16:96:5d:
         ba:da:a5:54:b6:a2:fd:2c:69:10:d5:b6:a2:bc:b4:98:b6:60:
         2f:f3:8e:ed:d7:fe:3f:c5:fb:ad:ed:bb:18:ca:7b:e5:15:56:
         1d:6b:b4:54:51:a6:8e:ee:44:dd:8f:a3:41:d3:44:51:90:52:
         d0:e0:ee:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwnwZYizQKIqQX7vxKHbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTI5N2Y4Y2ZhMWNlNmQzZmUyYzUyNjkxMWM0NjhhOWE2
MzE4ZDAwHhcNMjMwMTAxMjM1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzhkOTRkZWNmNThmZWZjN2U4YjcyNDczNjMwNWEzZWNkZDQ1MTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt53w5RKjBL0RoOkNJdKP3xuhLM/G
DkrkEXKBKpVBV7HkSK4w5JGmpVfrUgrEUkwRcSdmu5fUzq/qZdZ77sI0Qk//zapK
behffQMZgtw0wjB/razWsldzov4qo9tY77cL4F3IzESivIRE6ZoaveTa6mvcj7pM
yRSpKOImCJSeA9pwpHdpKIAjGf4SYYUTprqVaoEwQ5X01rpuwDsXUWqvut2Wv5BY
8JCSC1/ySR7KNdKpB5MZjEEzd0zwXI6D4KbGbAIteWi0B6UTO0T9krQclLlj4S8E
X/ntdoA8rFcdQiytGRol+QtbA7u03YfKDW7RABCNnpVmOM8l8R9/3AoBWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPyNlN7PWP78fotyRzYwWj7N1FFHMB8GA1UdIwQY
MBaAFAiil/jPoc5tP+LFJpEcRoqaYxjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjct
OTcxMTM5NTE0YmIxLzEvX0kyVTNzOVlfdngtaTNKSE5qQmFQczNVVVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjctOTcxMTM5NTE0YmIx
LzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstVLMA0G
CSqGSIb3DQEBCwUAA4IBAQCTc0FABAZx4BeBRLP4ci+fqixsYoY5vLaN/QYY0/KD
Gd4E7tXSqEyrAJdHbK9Tv3u75ZOS/oB9xIaAOLUcRHsoCSUwrDpF9z8TBTnk43xy
ls1rS8QAN93JsXbuMzMKxnrTI68YcEWFg2E0VY+xWUiZI0u9dTXQWtFT11tW6DZx
QKAZCJ4ZfyhT0lf67HYvXHCPeFNfd6+ijF0hdmDVlYwxJH8eoZRFnbojvENcZ2Bv
HFWUgSBZHFpkPMIs0E8gf5PDzIIWll262qVUtqL9LGkQ1baivLSYtmAv847t1/4/
xfut7bsYynvlFVYda7RUUaaO7kTdj6NB00RRkFLQ4O6k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:27 2024 by rpki-client on console-ams.rpki-client.org