Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/72phU6jOKQlDER1Xwf4oRAjU3dE.roa
File:                     72phU6jOKQlDER1Xwf4oRAjU3dE.roa (raw, json)
Hash identifier:          Q+j3hbJquX1qVIR74qERU6BNI8bOAtaMs3N2vOInYdY=
Subject key identifier:   EF:6A:61:53:A8:CE:29:09:43:11:1D:57:C1:FE:28:44:08:D4:DD:D1
Certificate issuer:       /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial:       0189E0BF90758ADD8B182660D2068EC92095
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/72phU6jOKQlDER1Xwf4oRAjU3dE.roa
Signing time:             Thu 10 Aug 2023 18:39:58 +0000
ROA not before:           Thu 10 Aug 2023 18:39:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42465
IP address blocks:        86.111.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e0:bf:90:75:8a:dd:8b:18:26:60:d2:06:8e:c9:20:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
        Validity
            Not Before: Aug 10 18:39:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef6a6153a8ce290943111d57c1fe284408d4ddd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f7:a6:bb:f9:da:99:29:e8:31:21:02:2f:51:
                    40:ff:cc:98:fe:21:8c:bc:46:98:be:48:3c:d1:dc:
                    35:95:93:cc:3b:7f:cb:5e:7a:66:7a:c6:81:84:fe:
                    ab:75:5d:d6:0a:22:09:57:3c:26:fc:20:26:63:ff:
                    67:f7:af:b6:8a:1d:84:48:3a:29:6a:05:8a:3a:81:
                    34:e7:87:8d:1a:e1:49:0a:69:7d:69:30:16:24:69:
                    20:28:d8:ac:e6:ba:51:11:69:6c:e4:2d:6d:2a:dd:
                    31:56:9d:5b:20:f7:7f:41:68:54:60:05:0a:a6:01:
                    e5:6d:bb:27:84:e4:78:05:78:a8:5a:37:5d:78:1a:
                    70:31:be:8e:4f:c5:b9:6c:bc:89:02:8c:35:53:93:
                    67:c5:02:fe:0a:49:a2:d5:f7:5a:e6:21:ed:b1:08:
                    5c:1c:fb:b7:6f:69:06:5a:52:6e:f7:46:5b:db:be:
                    d4:b8:38:64:57:72:cc:b1:cd:18:c6:43:6a:5e:2e:
                    37:d2:2a:e8:d2:86:27:cb:4e:36:7c:6b:ec:e0:35:
                    64:4d:92:8b:b2:92:90:68:4a:c5:24:0b:29:dd:b5:
                    43:dc:f9:cc:b6:ca:8f:b3:12:3e:a5:dd:b0:df:dc:
                    6b:ad:d6:b7:6b:73:05:5e:c4:e3:4d:b0:33:e4:f6:
                    fd:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:6A:61:53:A8:CE:29:09:43:11:1D:57:C1:FE:28:44:08:D4:DD:D1
            X509v3 Authority Key Identifier:
                keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/72phU6jOKQlDER1Xwf4oRAjU3dE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.111.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:a6:d4:1f:3d:98:17:f7:c6:ca:52:cb:df:85:66:c1:ce:88:
         43:e8:d9:22:8a:26:0b:47:c3:76:46:50:97:57:b3:3a:a4:24:
         0b:07:d7:95:5c:ed:cc:da:a0:b8:1f:19:68:fb:e9:4c:6a:1e:
         e6:19:13:1c:ca:43:98:88:c2:19:f3:7d:b2:b1:f1:99:59:39:
         f9:88:db:58:58:40:48:f3:b2:b5:04:37:25:80:99:c9:6e:e7:
         9e:1e:30:be:78:60:fd:97:b8:4a:60:67:99:27:93:39:70:a0:
         d9:87:d8:48:5a:83:44:f3:41:dd:7b:05:c6:1e:70:3a:93:25:
         09:0b:7c:b8:b6:e1:41:bb:45:7c:3f:46:67:c6:2a:d5:45:eb:
         32:d7:2c:77:2f:e7:e9:fa:a6:5d:b2:c2:40:94:93:de:7f:b9:
         4b:e1:2a:75:32:8f:96:7d:9a:68:85:cb:43:ed:a0:ce:a9:bb:
         ed:22:7b:35:7b:68:a5:37:2d:67:a2:31:30:80:c9:88:ed:a9:
         4d:c2:a3:6c:5d:aa:d9:bf:de:83:f0:b1:52:1a:ee:13:10:48:
         f2:61:27:46:85:12:9d:6e:7d:eb:dc:86:ae:93:1c:81:06:97:
         cd:dc:e2:85:75:14:2e:42:9a:db:4a:d5:24:97:db:00:64:e0:
         fa:b3:8e:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYngv5B1it2LGCZg0gaOySCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjMwODEwMTgzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjZhNjE1M2E4Y2UyOTA5NDMxMTFkNTdjMWZlMjg0NDA4ZDRkZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/emu/namSnoMSECL1FA/8yY/iGM
vEaYvkg80dw1lZPMO3/LXnpmesaBhP6rdV3WCiIJVzwm/CAmY/9n96+2ih2ESDop
agWKOoE054eNGuFJCml9aTAWJGkgKNis5rpREWls5C1tKt0xVp1bIPd/QWhUYAUK
pgHlbbsnhOR4BXioWjddeBpwMb6OT8W5bLyJAow1U5NnxQL+Ckmi1fda5iHtsQhc
HPu3b2kGWlJu90Zb277UuDhkV3LMsc0YxkNqXi430iro0oYny042fGvs4DVkTZKL
spKQaErFJAsp3bVD3PnMtsqPsxI+pd2w39xrrda3a3MFXsTjTbAz5Pb9IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9qYVOozikJQxEdV8H+KEQI1N3RMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvNzJwaFU2ak9LUWxERVIxWHdmNG9SQWpVM2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm/YMA0G
CSqGSIb3DQEBCwUAA4IBAQCiptQfPZgX98bKUsvfhWbBzohD6NkiiiYLR8N2RlCX
V7M6pCQLB9eVXO3M2qC4Hxlo++lMah7mGRMcykOYiMIZ832ysfGZWTn5iNtYWEBI
87K1BDclgJnJbueeHjC+eGD9l7hKYGeZJ5M5cKDZh9hIWoNE80HdewXGHnA6kyUJ
C3y4tuFBu0V8P0ZnxirVResy1yx3L+fp+qZdssJAlJPef7lL4Sp1Mo+WfZpohctD
7aDOqbvtIns1e2ilNy1nojEwgMmI7alNwqNsXarZv96D8LFSGu4TEEjyYSdGhRKd
bn3r3IaukxyBBpfN3OKFdRQuQprbStUkl9sAZOD6s47r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org