Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jl7MN0wa66bV86o70JkW5Dn9drU.roa
File:                     jl7MN0wa66bV86o70JkW5Dn9drU.roa (raw, json)
Hash identifier:          F8Gkb0mabWDeEyyZT0mc8LZGGnkgdND+PIADaX6v/D8=
Subject key identifier:   8E:5E:CC:37:4C:1A:EB:A6:D5:F3:AA:3B:D0:99:16:E4:39:FD:76:B5
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       018CC348F1F275A05EE79F9D3AA7B9A4F792
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jl7MN0wa66bV86o70JkW5Dn9drU.roa
Signing time:             Mon 01 Jan 2024 04:29:46 +0000
ROA not before:           Mon 01 Jan 2024 04:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     52035
IP address blocks:        158.41.24.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Apr 2024 09:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:f1:f2:75:a0:5e:e7:9f:9d:3a:a7:b9:a4:f7:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 04:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8e5ecc374c1aeba6d5f3aa3bd09916e439fd76b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:25:8c:98:98:d1:4b:c8:ef:71:a7:d6:3b:74:
                    a9:f1:99:f3:04:72:95:93:0b:9e:ec:c0:50:71:9c:
                    7d:2f:3b:89:9a:dc:bb:05:3d:6a:94:d1:dd:b2:d2:
                    4f:74:5a:c2:da:43:3a:80:a6:de:76:20:98:81:b9:
                    ad:5a:1b:16:ba:aa:8a:07:6a:b9:b3:ba:7f:20:69:
                    68:22:d0:2f:51:bf:f8:a9:a3:83:e2:a1:a0:90:a3:
                    ba:a3:94:e5:5c:de:4a:22:eb:94:15:0f:9e:65:47:
                    8c:f2:6e:53:ca:1b:af:8a:e9:7d:13:42:9c:47:0f:
                    e4:c9:83:e4:7b:0e:3f:69:66:09:e8:41:e6:53:40:
                    1b:e7:d1:14:69:bf:a1:40:db:23:35:ec:84:b8:3b:
                    ba:b6:10:20:22:de:47:b7:3a:a0:1c:06:d9:00:2b:
                    24:11:d9:08:95:7f:7e:e3:ad:d7:36:f9:dc:2b:79:
                    12:58:66:14:b0:75:37:ae:43:31:1b:c2:14:91:eb:
                    ae:18:85:d2:20:93:90:f8:8a:dd:f9:1a:dd:18:11:
                    b1:73:13:d8:33:91:1e:65:96:6f:1a:30:88:38:59:
                    b3:f2:8b:67:78:a2:7a:2a:3e:09:e4:b3:ae:9c:57:
                    bd:90:b7:07:a3:4c:20:30:63:a9:36:34:ac:81:fa:
                    37:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:5E:CC:37:4C:1A:EB:A6:D5:F3:AA:3B:D0:99:16:E4:39:FD:76:B5
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jl7MN0wa66bV86o70JkW5Dn9drU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.41.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         62:58:39:57:23:83:cb:b0:75:d8:39:97:cd:ac:4a:2f:b8:e9:
         d6:1e:9f:70:8a:6e:74:93:10:71:60:18:dc:54:94:fb:ca:8c:
         7f:5a:61:a3:21:cb:96:80:33:ff:4b:58:bd:32:95:b2:ae:81:
         30:a1:35:f1:aa:c1:89:34:0e:07:e2:5f:bc:7f:9a:7e:d8:71:
         81:99:17:f4:bf:77:b9:79:c5:18:16:e0:26:43:0f:70:cc:54:
         70:07:f3:8d:de:d9:31:15:60:66:a5:13:d1:1d:d4:3d:41:31:
         17:ab:51:5f:da:42:b4:06:02:3d:ac:9e:37:7e:0c:7b:22:ee:
         69:63:f8:60:ad:ed:e1:eb:93:c2:09:5b:27:2e:db:db:86:23:
         e3:26:76:7e:61:bd:cc:0e:97:72:1e:0f:e1:08:8c:84:3a:ce:
         a5:49:14:b8:18:4a:57:96:4e:f0:9f:d8:3a:d9:ea:68:75:e9:
         0b:39:97:1b:f9:47:66:63:b6:44:e9:44:2b:fc:df:0b:a6:20:
         6e:7d:68:73:4c:5c:93:11:f7:2f:b3:b1:47:6d:0c:42:0d:75:
         e3:46:5b:c7:6b:ae:c6:51:2c:36:4f:d2:0c:0f:87:76:97:a0:
         49:bf:8f:f8:8c:1c:31:23:25:80:74:4b:18:1f:a9:83:45:2c:
         a1:ac:4c:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPHydaBe55+dOqe5pPeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTVlY2MzNzRjMWFlYmE2ZDVmM2FhM2JkMDk5MTZlNDM5ZmQ3NmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCWMmJjRS8jvcafWO3Sp8ZnzBHKV
kwue7MBQcZx9LzuJmty7BT1qlNHdstJPdFrC2kM6gKbediCYgbmtWhsWuqqKB2q5
s7p/IGloItAvUb/4qaOD4qGgkKO6o5TlXN5KIuuUFQ+eZUeM8m5Tyhuviul9E0Kc
Rw/kyYPkew4/aWYJ6EHmU0Ab59EUab+hQNsjNeyEuDu6thAgIt5HtzqgHAbZACsk
EdkIlX9+463XNvncK3kSWGYUsHU3rkMxG8IUkeuuGIXSIJOQ+Ird+RrdGBGxcxPY
M5EeZZZvGjCIOFmz8otneKJ6Kj4J5LOunFe9kLcHo0wgMGOpNjSsgfo3wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5ezDdMGuum1fOqO9CZFuQ5/Xa1MB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvamw3TU4wd2E2NmJWODZvNzBKa1c1RG45ZHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnikYMA0G
CSqGSIb3DQEBCwUAA4IBAQBiWDlXI4PLsHXYOZfNrEovuOnWHp9wim50kxBxYBjc
VJT7yox/WmGjIcuWgDP/S1i9MpWyroEwoTXxqsGJNA4H4l+8f5p+2HGBmRf0v3e5
ecUYFuAmQw9wzFRwB/ON3tkxFWBmpRPRHdQ9QTEXq1Ff2kK0BgI9rJ43fgx7Iu5p
Y/hgre3h65PCCVsnLtvbhiPjJnZ+Yb3MDpdyHg/hCIyEOs6lSRS4GEpXlk7wn9g6
2epodekLOZcb+UdmY7ZE6UQr/N8LpiBufWhzTFyTEfcvs7FHbQxCDXXjRlvHa67G
USw2T9IMD4d2l6BJv4/4jBwxIyWAdEsYH6mDRSyhrEzd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org