Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/T-OA8LRnpSZbNyPV_UAj3XvAk7M.roa
File:                     T-OA8LRnpSZbNyPV_UAj3XvAk7M.roa (raw, json)
Hash identifier:          rzTh8Dpgc7UwKULfPDludTzgfpDe+NwY1cgMypXCeDM=
Subject key identifier:   4F:E3:80:F0:B4:67:A5:26:5B:37:23:D5:FD:40:23:DD:7B:C0:93:B3
Certificate issuer:       /CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Certificate serial:       018571699FB1F5A84DF230914EFC4B0A03B3
Authority key identifier: CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/T-OA8LRnpSZbNyPV_UAj3XvAk7M.roa
Signing time:             Mon 02 Jan 2023 07:37:05 +0000
ROA not before:           Mon 02 Jan 2023 07:37:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198012
IP address blocks:        178.255.24.0/21 maxlen: 21
                          2a13:4540::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:69:9f:b1:f5:a8:4d:f2:30:91:4e:fc:4b:0a:03:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
        Validity
            Not Before: Jan  2 07:37:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4fe380f0b467a5265b3723d5fd4023dd7bc093b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f0:19:4c:1d:3b:0e:cf:fb:a8:53:91:4f:9d:
                    ce:e6:fe:ef:fd:ab:f8:3d:44:cc:dd:93:aa:c1:8a:
                    bc:c8:71:48:6d:62:0b:c8:cd:8f:bf:cd:d0:8d:78:
                    06:7f:ee:f9:ed:cc:68:d9:da:e3:f6:a6:11:3a:e2:
                    97:bb:d5:fa:f0:44:57:25:78:68:c3:9a:59:a3:5f:
                    3b:3e:eb:9d:cd:d5:4c:73:ce:42:d1:88:a1:6e:81:
                    3c:20:9d:34:40:d1:11:b2:35:a8:4a:ad:90:12:9c:
                    ea:89:57:c6:e8:27:f9:28:c6:5c:fc:a6:19:e6:6d:
                    71:93:46:4e:dd:b7:bb:cc:7a:2d:02:82:8c:12:da:
                    f0:d5:99:c0:90:e8:bc:12:28:cf:f3:2b:ed:8c:f1:
                    e9:a4:cc:50:fe:5b:05:e2:69:dd:5f:f3:d6:c2:cd:
                    dc:c3:47:01:70:2e:cd:65:e2:e7:3a:a0:8b:e0:75:
                    39:f0:e0:9a:8e:4f:fd:98:1a:a3:14:2f:e2:30:a8:
                    10:ad:ea:af:02:3a:a6:70:79:2c:47:27:3e:40:ea:
                    83:16:07:87:d8:8f:44:b5:c1:0c:32:92:b4:73:a6:
                    37:a1:1f:e8:e4:ff:a2:74:0f:ad:69:3d:00:1c:f7:
                    d2:b6:a6:dc:1c:c6:f4:7f:e3:8c:5b:40:c1:d7:aa:
                    0c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:E3:80:F0:B4:67:A5:26:5B:37:23:D5:FD:40:23:DD:7B:C0:93:B3
            X509v3 Authority Key Identifier:
                keyid:CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/T-OA8LRnpSZbNyPV_UAj3XvAk7M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/y2vyuJWE7JYIAEjcP9wuOYPCd_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.24.0/21
                IPv6:
                  2a13:4540::/29

    Signature Algorithm: sha256WithRSAEncryption
         7e:a0:a0:99:bd:a6:f7:9f:eb:b8:3b:ef:12:b1:ba:ba:26:5c:
         9c:a6:3d:d5:3d:26:98:60:9d:a0:78:df:02:0d:e3:18:04:22:
         c9:38:2c:ab:42:07:a5:64:41:b1:1f:6e:38:ea:67:f8:da:dd:
         7e:a6:e9:43:04:6a:23:0a:c8:82:ab:d0:2f:b5:e0:66:23:60:
         b0:63:83:78:3a:58:55:e6:15:57:64:27:45:b8:b1:06:82:bc:
         7d:4a:e6:ed:18:e8:04:d6:77:c5:cd:b6:b4:03:63:4b:d1:94:
         6b:36:05:2e:8d:8c:7b:94:9a:23:1a:ea:2e:04:a4:3e:5d:70:
         ec:5e:f7:18:ae:b5:a1:e3:f5:05:89:47:e3:2f:20:71:57:84:
         8f:28:29:88:4f:bb:fe:bb:3e:76:06:75:92:e6:13:fc:6b:92:
         ba:d3:3f:cf:a9:8f:47:93:cd:23:0f:04:32:be:37:e7:5a:75:
         06:ab:5c:ac:77:f2:12:82:fb:c3:60:8b:8d:0b:4c:69:f6:e2:
         e5:23:e0:1d:d6:a0:fc:ec:d5:c7:e4:a4:fd:61:44:38:b3:5d:
         18:13:54:8b:0f:34:a7:ef:d1:84:93:1e:6c:20:fb:8b:a9:f7:
         7c:42:31:22:ec:3d:84:fa:dd:08:f1:78:7e:0d:99:4f:3e:7a:
         70:75:53:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxaZ+x9ahN8jCRTvxLCgOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNmJmMmI4OTU4NGVjOTYwODAwNDhkYzNmZGMyZTM5ODNj
Mjc3ZjMwHhcNMjMwMTAyMDczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUzODBmMGI0NjdhNTI2NWIzNzIzZDVmZDQwMjNkZDdiYzA5M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfAZTB07Ds/7qFORT53O5v7v/av4
PUTM3ZOqwYq8yHFIbWILyM2Pv83QjXgGf+757cxo2drj9qYROuKXu9X68ERXJXho
w5pZo187PuudzdVMc85C0YihboE8IJ00QNERsjWoSq2QEpzqiVfG6Cf5KMZc/KYZ
5m1xk0ZO3be7zHotAoKMEtrw1ZnAkOi8EijP8yvtjPHppMxQ/lsF4mndX/PWws3c
w0cBcC7NZeLnOqCL4HU58OCajk/9mBqjFC/iMKgQreqvAjqmcHksRyc+QOqDFgeH
2I9EtcEMMpK0c6Y3oR/o5P+idA+taT0AHPfStqbcHMb0f+OMW0DB16oMHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE/jgPC0Z6UmWzcj1f1AI917wJOzMB8GA1UdIwQY
MBaAFMtr8riVhOyWCABI3D/cLjmDwnfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2Qt
MTBmZGZjZTk0NTEzLzEvVC1PQThMUm5wU1piTnlQVl9VQWozWHZBazdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2QtMTBmZGZjZTk0NTEz
LzEveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsv8YMA0E
AgACMAcDBQMqE0VAMA0GCSqGSIb3DQEBCwUAA4IBAQB+oKCZvab3n+u4O+8Ssbq6
Jlycpj3VPSaYYJ2geN8CDeMYBCLJOCyrQgelZEGxH2446mf42t1+pulDBGojCsiC
q9AvteBmI2CwY4N4OlhV5hVXZCdFuLEGgrx9SubtGOgE1nfFzba0A2NL0ZRrNgUu
jYx7lJojGuouBKQ+XXDsXvcYrrWh4/UFiUfjLyBxV4SPKCmIT7v+uz52BnWS5hP8
a5K60z/PqY9Hk80jDwQyvjfnWnUGq1ysd/ISgvvDYIuNC0xp9uLlI+Ad1qD87NXH
5KT9YUQ4s10YE1SLDzSn79GEkx5sIPuLqfd8QjEi7D2E+t0I8Xh+DZlPPnpwdVPj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:05 2024 by rpki-client on console-ams.rpki-client.org