Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/t3_41ERdgMlGOuHN0PFt0Dl0Jw4.roa
File:                     t3_41ERdgMlGOuHN0PFt0Dl0Jw4.roa (raw, json)
Hash identifier:          iOnw+M1v4vlztXsAjJz4WuQaS6uEVa8YCP6sKFXFFaU=
Subject key identifier:   B7:7F:F8:D4:44:5D:80:C9:46:3A:E1:CD:D0:F1:6D:D0:39:74:27:0E
Certificate issuer:       /CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
Certificate serial:       01860239CE8FFFC3D3EBAB92F3FE5775B967
Authority key identifier: E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/t3_41ERdgMlGOuHN0PFt0Dl0Jw4.roa
Signing time:             Mon 30 Jan 2023 10:29:48 +0000
ROA not before:           Mon 30 Jan 2023 10:29:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34934
IP address blocks:        78.24.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:02:39:ce:8f:ff:c3:d3:eb:ab:92:f3:fe:57:75:b9:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
        Validity
            Not Before: Jan 30 10:29:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b77ff8d4445d80c9463ae1cdd0f16dd03974270e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ed:3a:24:9a:d2:d6:54:95:77:5b:50:6d:e8:
                    50:3c:e6:2f:58:16:de:cb:3f:b7:78:84:5a:bc:7e:
                    af:11:11:2b:e9:90:35:ea:d7:08:57:68:fa:cc:2b:
                    f1:00:73:3b:6d:f7:99:49:f2:02:3e:09:97:02:d6:
                    b2:76:72:4f:06:94:49:8e:4a:03:3e:06:27:83:56:
                    69:e4:bd:b3:83:65:de:6a:7d:24:75:bd:0c:91:1e:
                    bc:04:9c:35:49:7b:c2:41:e2:0f:9c:79:9a:11:70:
                    db:06:8f:1f:6b:e2:de:8e:3e:8c:86:89:dc:a1:62:
                    18:22:72:f3:8e:95:77:ea:20:57:c4:9e:7c:23:df:
                    ac:2e:11:b9:20:40:44:d2:8e:94:a1:3d:c9:69:40:
                    a2:6d:3c:c0:6b:69:5d:f1:ec:a3:37:40:92:31:11:
                    44:08:2a:08:df:42:ef:71:eb:3d:4f:c1:74:23:e8:
                    ea:ff:6c:c1:9e:ab:3e:8d:11:a1:71:3c:4a:c6:40:
                    fa:5c:2b:19:fd:45:75:eb:fb:60:44:1b:29:88:47:
                    9f:ec:b3:da:f7:70:2a:59:c9:c8:26:00:39:c0:40:
                    65:c7:79:c1:68:26:5c:e5:a4:86:79:01:0c:d6:2a:
                    72:22:ed:cd:ff:29:7f:83:97:83:47:de:3c:b4:e3:
                    7a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:7F:F8:D4:44:5D:80:C9:46:3A:E1:CD:D0:F1:6D:D0:39:74:27:0E
            X509v3 Authority Key Identifier:
                keyid:E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/t3_41ERdgMlGOuHN0PFt0Dl0Jw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/4MijkN3l4VGaS9PadUqT6YhJLWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.24.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:42:5f:a8:08:08:95:90:fa:66:ca:fe:a3:bc:55:06:3d:19:
         bf:16:f2:14:d6:e9:81:50:68:b8:01:f7:ec:21:14:e4:24:19:
         c2:08:62:cd:38:ae:1e:50:55:6c:1d:ab:21:40:ec:c0:b5:01:
         f8:c5:7d:64:3d:cf:54:5d:13:fc:55:d7:fb:2e:eb:d6:08:1c:
         a2:de:0e:03:ae:b2:a1:7a:7d:ba:bb:ac:72:d2:8c:10:26:21:
         0d:b2:d4:83:ce:05:f7:d0:f5:48:72:7b:32:02:e0:f8:e1:40:
         58:e6:99:a7:fd:f1:ff:a0:33:06:e3:ed:71:e7:e6:5f:61:92:
         7f:83:1e:6b:39:77:3b:3e:05:85:c2:c6:e9:a2:20:b4:31:7c:
         a3:e9:54:80:c7:ba:11:78:e3:83:f1:31:59:33:3c:fb:1c:b0:
         6e:a2:4b:d0:d6:07:49:13:8b:b9:1d:6d:f2:2d:48:87:b4:e5:
         ce:cb:dc:4d:c2:7e:b2:36:22:4b:40:ab:3a:0a:28:0c:f7:01:
         3f:76:ac:28:2d:17:dd:ca:ea:db:de:de:94:9e:f5:36:25:f0:
         72:4b:56:4e:64:b8:1e:4a:77:d4:3b:4d:f8:c1:58:07:c2:27:
         6e:a3:27:ed:4b:01:50:64:d8:66:34:74:bd:40:56:e6:59:ad:
         7f:08:42:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYCOc6P/8PT66uS8/5XdblnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzhhMzkwZGRlNWUxNTE5YTRiZDNkYTc1NGE5M2U5ODg0
OTJkNjcwHhcNMjMwMTMwMTAyOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdmZjhkNDQ0NWQ4MGM5NDYzYWUxY2RkMGYxNmRkMDM5NzQyNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO06JJrS1lSVd1tQbehQPOYvWBbe
yz+3eIRavH6vEREr6ZA16tcIV2j6zCvxAHM7bfeZSfICPgmXAtaydnJPBpRJjkoD
PgYng1Zp5L2zg2Xean0kdb0MkR68BJw1SXvCQeIPnHmaEXDbBo8fa+Lejj6Mhonc
oWIYInLzjpV36iBXxJ58I9+sLhG5IEBE0o6UoT3JaUCibTzAa2ld8eyjN0CSMRFE
CCoI30Lvces9T8F0I+jq/2zBnqs+jRGhcTxKxkD6XCsZ/UV16/tgRBspiEef7LPa
93AqWcnIJgA5wEBlx3nBaCZc5aSGeQEM1ipyIu3N/yl/g5eDR948tON6JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLd/+NREXYDJRjrhzdDxbdA5dCcOMB8GA1UdIwQY
MBaAFODIo5Dd5eFRmkvT2nVKk+mISS1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1pamtOM2w0VkdhUzlQYWRVcVQ2WWhKTFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84NjliMzAtZmNkNi00OGRmLThkMjUt
YmVmM2JhMjFjNzE1LzEvdDNfNDFFUmRnTWxHT3VITjBQRnQwRGwwSnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84NjliMzAtZmNkNi00OGRmLThkMjUtYmVmM2JhMjFjNzE1
LzEvNE1pamtOM2w0VkdhUzlQYWRVcVQ2WWhKTFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAThhZMA0G
CSqGSIb3DQEBCwUAA4IBAQC9Ql+oCAiVkPpmyv6jvFUGPRm/FvIU1umBUGi4Affs
IRTkJBnCCGLNOK4eUFVsHashQOzAtQH4xX1kPc9UXRP8Vdf7LuvWCByi3g4DrrKh
en26u6xy0owQJiENstSDzgX30PVIcnsyAuD44UBY5pmn/fH/oDMG4+1x5+ZfYZJ/
gx5rOXc7PgWFwsbpoiC0MXyj6VSAx7oReOOD8TFZMzz7HLBuokvQ1gdJE4u5HW3y
LUiHtOXOy9xNwn6yNiJLQKs6CigM9wE/dqwoLRfdyurb3t6UnvU2JfByS1ZOZLge
SnfUO034wVgHwiduoyftSwFQZNhmNHS9QFbmWa1/CEJu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:45 2024 by rpki-client on console-fra.rpki-client.org