Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/E8bZZed13cY1ydPCqNIiJNiJrRg.roa
File:                     E8bZZed13cY1ydPCqNIiJNiJrRg.roa (raw, json)
Hash identifier:          XgPbDgUnMjrpB18y8tp3rGj41sxnqs5/vq/DfRM5YeA=
Subject key identifier:   13:C6:D9:65:E7:75:DD:C6:35:C9:D3:C2:A8:D2:22:24:D8:89:AD:18
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018D21723E1A51ECCB466BAA5DDE7CA7B150
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/E8bZZed13cY1ydPCqNIiJNiJrRg.roa
Signing time:             Fri 19 Jan 2024 11:19:11 +0000
ROA not before:           Fri 19 Jan 2024 11:19:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        160.214.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 08:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:21:72:3e:1a:51:ec:cb:46:6b:aa:5d:de:7c:a7:b1:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Jan 19 11:19:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=13c6d965e775ddc635c9d3c2a8d22224d889ad18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:30:72:ea:7e:f5:05:a0:2c:0f:a4:58:59:1d:
                    4b:7a:e5:8d:02:5a:f3:ae:da:aa:d0:d9:e3:1f:41:
                    26:d4:73:37:53:43:78:44:95:7b:5c:fd:f4:37:ac:
                    e4:07:cd:b6:c5:4c:97:1a:37:47:66:dc:87:83:c7:
                    be:88:9f:bd:17:93:ac:51:8c:2e:17:16:db:87:2b:
                    a7:25:c8:3e:1a:b7:f5:73:6b:c5:68:f2:17:c2:57:
                    f8:07:98:2b:99:2f:69:06:f0:3c:a8:40:2c:da:4a:
                    2a:42:89:a0:a5:b4:d8:ad:3c:c1:0e:3d:7d:bf:65:
                    00:88:f2:da:dd:24:29:2f:9e:ec:0b:da:a2:cf:18:
                    ef:7f:94:f3:a3:d9:7d:1f:9c:9c:a2:a6:be:5d:f0:
                    29:62:8e:74:63:7b:39:0a:a0:1d:01:d7:ac:f2:68:
                    8a:4a:92:23:60:e0:49:f0:d6:e8:c2:67:18:42:9b:
                    de:fb:b4:bf:37:aa:ce:f7:73:fc:00:13:81:d1:c7:
                    16:8f:79:c6:83:eb:6e:7a:f5:e5:72:f3:c3:bf:0e:
                    7e:76:fc:45:f8:8c:b2:ab:b0:5e:cd:f7:f8:a2:d3:
                    37:e7:e3:f4:3e:a3:04:52:aa:96:ac:61:8b:b2:89:
                    40:91:b1:f5:97:9e:20:d5:5a:b3:be:4d:28:a4:0e:
                    8b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:C6:D9:65:E7:75:DD:C6:35:C9:D3:C2:A8:D2:22:24:D8:89:AD:18
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/E8bZZed13cY1ydPCqNIiJNiJrRg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:cf:31:16:5f:41:a1:47:11:28:c1:44:2c:55:ae:52:ef:31:
         36:43:d1:a6:87:e1:31:43:99:e7:dc:e7:02:13:cc:24:c9:27:
         2d:b1:58:85:24:30:84:f2:f5:14:bf:bc:43:b3:44:f7:a7:60:
         56:67:d6:7a:86:b5:71:fe:00:76:b4:ff:42:80:10:cf:79:ac:
         5b:c4:ed:0d:c8:2f:72:e5:93:5a:6e:b1:0b:f3:3f:41:35:35:
         c3:9d:a9:74:9a:63:95:b6:90:de:2d:01:5e:b7:47:f6:ee:3a:
         d7:55:70:13:0e:9a:3c:c6:f2:6f:0b:9c:a4:ba:1c:36:48:0b:
         f4:fb:ec:64:66:d7:58:1d:68:1d:04:ca:b9:91:22:20:29:f9:
         a4:8b:9d:51:07:87:ee:a3:0d:a4:2c:01:d2:ab:65:ae:a8:d2:
         7a:42:99:de:ca:58:4c:5a:11:c3:60:1d:71:52:7c:84:19:14:
         77:57:be:3a:a0:be:21:b1:8a:e8:fb:cc:04:bf:db:9b:0d:66:
         43:ab:76:c7:ec:6f:42:44:df:9a:2d:9e:a5:75:b2:29:ac:ea:
         8d:6b:31:5a:b0:c6:d8:a6:11:a5:7c:39:d6:96:b9:43:c1:b5:
         5c:79:fc:55:36:c5:b6:5c:b0:99:64:79:0a:9d:90:64:a6:29:
         55:37:16:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0hcj4aUezLRmuqXd58p7FQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjQwMTE5MTExOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2M2ZDk2NWU3NzVkZGM2MzVjOWQzYzJhOGQyMjIyNGQ4ODlhZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTBy6n71BaAsD6RYWR1LeuWNAlrz
rtqq0NnjH0Em1HM3U0N4RJV7XP30N6zkB822xUyXGjdHZtyHg8e+iJ+9F5OsUYwu
FxbbhyunJcg+Grf1c2vFaPIXwlf4B5grmS9pBvA8qEAs2koqQomgpbTYrTzBDj19
v2UAiPLa3SQpL57sC9qizxjvf5Tzo9l9H5ycoqa+XfApYo50Y3s5CqAdAdes8miK
SpIjYOBJ8NbowmcYQpve+7S/N6rO93P8ABOB0ccWj3nGg+tuevXlcvPDvw5+dvxF
+Iyyq7Bezff4otM35+P0PqMEUqqWrGGLsolAkbH1l54g1Vqzvk0opA6L+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPG2WXndd3GNcnTwqjSIiTYia0YMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvRThiWlplZDEzY1kxeWRQQ3FOSWlKTmlKclJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoNZsMA0G
CSqGSIb3DQEBCwUAA4IBAQC8zzEWX0GhRxEowUQsVa5S7zE2Q9Gmh+ExQ5nn3OcC
E8wkySctsViFJDCE8vUUv7xDs0T3p2BWZ9Z6hrVx/gB2tP9CgBDPeaxbxO0NyC9y
5ZNabrEL8z9BNTXDnal0mmOVtpDeLQFet0f27jrXVXATDpo8xvJvC5ykuhw2SAv0
++xkZtdYHWgdBMq5kSIgKfmki51RB4fuow2kLAHSq2WuqNJ6QpneylhMWhHDYB1x
UnyEGRR3V746oL4hsYro+8wEv9ubDWZDq3bH7G9CRN+aLZ6ldbIprOqNazFasMbY
phGlfDnWlrlDwbVcefxVNsW2XLCZZHkKnZBkpilVNxYA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org