Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/Lr7RmJGLEQkvm40P4e5v7qUYX0s.roa
File:                     Lr7RmJGLEQkvm40P4e5v7qUYX0s.roa (raw, json)
Hash identifier:          ZIx//PdNeLKIcW9yT/ACglkUDPfG7a9zptEQV8WS5kk=
Subject key identifier:   2E:BE:D1:98:91:8B:11:09:2F:9B:8D:0F:E1:EE:6F:EE:A5:18:5F:4B
Certificate issuer:       /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial:       018D83C7A47E65FB5A96F381CAC0B0454C24
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/Lr7RmJGLEQkvm40P4e5v7qUYX0s.roa
Signing time:             Wed 07 Feb 2024 13:35:15 +0000
ROA not before:           Wed 07 Feb 2024 13:35:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48678
IP address blocks:        185.174.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 15:35:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:83:c7:a4:7e:65:fb:5a:96:f3:81:ca:c0:b0:45:4c:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
        Validity
            Not Before: Feb  7 13:35:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2ebed198918b11092f9b8d0fe1ee6feea5185f4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d2:17:92:f4:53:17:83:36:2a:63:72:03:fa:
                    1e:ab:ec:22:66:41:b2:d9:07:07:3a:dd:7d:fc:e3:
                    cf:1c:28:00:62:37:5c:99:7b:5b:db:e8:65:ee:73:
                    cc:e0:6f:aa:05:89:0a:55:9a:72:e9:f6:05:db:97:
                    f6:ce:fe:0b:14:f8:5a:35:48:1f:9d:62:36:0d:87:
                    14:e1:1f:0c:97:15:18:35:79:43:a2:67:d3:37:5b:
                    cc:a6:37:5a:cd:22:d8:39:ef:e7:23:3d:46:5c:56:
                    e2:8a:ad:a4:95:a0:db:e4:33:65:b8:37:43:a0:06:
                    d6:21:c7:71:45:62:90:1a:64:bd:3a:cb:85:2e:ec:
                    e0:29:b6:a5:49:53:c4:0f:32:32:5a:cf:6b:37:d1:
                    41:e1:ec:46:aa:37:7f:19:5e:a7:ef:ce:83:6e:bd:
                    53:21:b6:c6:70:81:de:3e:46:96:23:74:ac:96:95:
                    8e:de:9c:ac:c4:a0:4c:19:21:7b:c9:77:0b:b0:ab:
                    cf:1d:32:96:36:38:c1:5b:cb:31:e2:96:a9:7d:06:
                    dc:1d:05:3d:a1:af:ef:df:5e:06:5a:9e:74:6a:97:
                    b7:f3:45:b4:33:51:61:e4:87:11:13:20:be:61:59:
                    9e:72:60:79:be:d8:9b:be:6e:75:50:2e:15:78:f3:
                    2f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:BE:D1:98:91:8B:11:09:2F:9B:8D:0F:E1:EE:6F:EE:A5:18:5F:4B
            X509v3 Authority Key Identifier:
                keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/Lr7RmJGLEQkvm40P4e5v7qUYX0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.174.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:a0:1a:d1:d9:1c:95:7e:7d:31:ee:63:5f:7f:26:e9:1d:5b:
         8e:bc:83:a4:07:f7:8a:81:55:ea:f5:45:63:21:4c:47:90:f7:
         ac:dd:0e:a9:46:a2:2f:d9:bb:6c:39:20:7e:40:81:15:cd:e4:
         1a:bc:47:6a:9f:f6:ea:89:31:6a:13:cf:48:14:f4:fd:c9:1d:
         39:43:a6:e6:2e:4c:fe:c0:d7:a3:9e:72:67:13:c7:e7:de:95:
         04:82:36:92:db:b5:fc:3e:cf:d0:3c:58:95:39:7b:e6:3a:89:
         eb:00:47:91:65:73:aa:f6:82:48:80:62:1d:b5:d4:1e:45:58:
         2f:c9:cc:d4:e7:47:e0:80:0d:88:ff:36:af:54:22:a2:13:60:
         4b:99:86:25:08:76:bb:15:5b:0d:5d:e9:c9:ea:a3:13:4f:b4:
         05:61:ec:d1:96:e2:63:60:8a:9f:ee:48:c7:de:9b:bf:e1:e9:
         ab:b3:d4:6a:4d:04:70:fe:b2:3e:7c:50:20:2a:41:c3:9c:78:
         2a:0f:e1:66:11:69:97:93:fb:e1:ce:ff:89:aa:da:a0:21:b0:
         cc:ce:8d:1c:f9:29:e9:00:9e:0a:ce:a5:ea:bd:ca:4d:17:4e:
         5c:bd:8b:2f:7f:92:c7:a5:a9:e4:8a:3e:cc:57:9b:b3:db:13:
         06:07:12:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2Dx6R+ZftalvOBysCwRUwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQwMjA3MTMzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWJlZDE5ODkxOGIxMTA5MmY5YjhkMGZlMWVlNmZlZWE1MTg1ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtIXkvRTF4M2KmNyA/oeq+wiZkGy
2QcHOt19/OPPHCgAYjdcmXtb2+hl7nPM4G+qBYkKVZpy6fYF25f2zv4LFPhaNUgf
nWI2DYcU4R8MlxUYNXlDomfTN1vMpjdazSLYOe/nIz1GXFbiiq2klaDb5DNluDdD
oAbWIcdxRWKQGmS9OsuFLuzgKbalSVPEDzIyWs9rN9FB4exGqjd/GV6n786Dbr1T
IbbGcIHePkaWI3SslpWO3pysxKBMGSF7yXcLsKvPHTKWNjjBW8sx4papfQbcHQU9
oa/v314GWp50ape380W0M1Fh5IcREyC+YVmecmB5vtibvm51UC4VePMvnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC6+0ZiRixEJL5uND+Hub+6lGF9LMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvTHI3Um1KR0xFUWt2bTQwUDRlNXY3cVVZWDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua5GMA0G
CSqGSIb3DQEBCwUAA4IBAQB+oBrR2RyVfn0x7mNffybpHVuOvIOkB/eKgVXq9UVj
IUxHkPes3Q6pRqIv2btsOSB+QIEVzeQavEdqn/bqiTFqE89IFPT9yR05Q6bmLkz+
wNejnnJnE8fn3pUEgjaS27X8Ps/QPFiVOXvmOonrAEeRZXOq9oJIgGIdtdQeRVgv
yczU50fggA2I/zavVCKiE2BLmYYlCHa7FVsNXenJ6qMTT7QFYezRluJjYIqf7kjH
3pu/4emrs9RqTQRw/rI+fFAgKkHDnHgqD+FmEWmXk/vhzv+JqtqgIbDMzo0c+Snp
AJ4KzqXqvcpNF05cvYsvf5LHpankij7MV5uz2xMGBxJl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:33 2024 by rpki-client on console-fra.rpki-client.org