Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/LlQBhRNTkajGHdeKJn3WNWx744w.roa
File:                     LlQBhRNTkajGHdeKJn3WNWx744w.roa (raw, json)
Hash identifier:          TCtiL0ilW1cr5x4S8gCftPDhvZIBTppsnvYBvTwWRjo=
Subject key identifier:   2E:54:01:85:13:53:91:A8:C6:1D:D7:8A:26:7D:D6:35:6C:7B:E3:8C
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       01856B4A22A83DC2FDF70957B12B15471AD3
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/LlQBhRNTkajGHdeKJn3WNWx744w.roa
Signing time:             Sun 01 Jan 2023 03:04:58 +0000
ROA not before:           Sun 01 Jan 2023 03:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20527
IP address blocks:        178.170.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:4a:22:a8:3d:c2:fd:f7:09:57:b1:2b:15:47:1a:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Jan  1 03:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2e540185135391a8c61dd78a267dd6356c7be38c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:76:0d:b8:fb:4d:14:47:c1:63:33:fe:32:9b:
                    f9:b8:30:32:21:a1:80:50:f7:e7:27:b1:3a:ea:3f:
                    2e:64:a7:c1:90:6f:0e:9c:2c:fc:50:72:79:d9:eb:
                    62:be:75:85:3f:83:cf:a0:2d:50:38:ab:39:93:43:
                    ec:63:24:c1:05:06:b9:29:48:6c:10:bc:27:06:85:
                    40:3b:11:43:cc:69:c4:48:8d:34:39:83:db:01:a6:
                    a3:48:0e:52:d1:3b:8f:40:33:12:b6:ce:a1:5e:8b:
                    52:e3:5e:e5:42:d5:5d:d8:be:7a:18:5b:3a:bc:b6:
                    0b:8f:79:86:42:ab:7b:e0:79:18:bf:39:46:16:e7:
                    b3:1c:de:19:26:18:27:ea:d6:93:1e:40:15:d8:57:
                    53:ad:99:9a:29:d3:25:26:48:e5:0d:5a:34:a3:9a:
                    d3:db:ba:dd:e7:da:29:1f:4c:c9:bb:00:d1:85:18:
                    ee:5b:3c:7d:68:40:b5:73:a9:a7:f4:08:09:96:6d:
                    cd:a3:68:56:2c:0e:24:73:a9:8a:6d:42:68:86:81:
                    b7:94:1e:61:70:5d:f0:85:d0:a4:6e:5c:23:c0:29:
                    59:fc:c9:e4:b9:4d:44:b3:74:89:06:98:ef:3e:b5:
                    7f:54:a1:8f:65:db:87:0f:20:c0:f1:9b:cd:ef:e4:
                    63:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:54:01:85:13:53:91:A8:C6:1D:D7:8A:26:7D:D6:35:6C:7B:E3:8C
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/LlQBhRNTkajGHdeKJn3WNWx744w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.170.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:86:b6:f6:d4:d1:42:f3:73:c3:95:a0:b4:2a:19:e4:87:52:
         c5:7d:f2:aa:64:47:7c:ea:6f:78:1d:a7:a3:c2:58:56:54:f7:
         0f:cb:02:12:5d:5a:12:8a:75:20:18:d2:14:92:44:38:26:17:
         39:a7:eb:45:9c:f1:91:8c:1d:09:65:18:5c:ce:70:a9:12:03:
         ee:04:5e:7f:14:23:a5:3e:03:53:49:39:92:1a:44:62:ea:7c:
         de:1b:c0:58:18:73:2d:97:21:df:ac:35:ac:e4:44:cc:16:48:
         f6:eb:bb:fa:2b:53:26:4f:60:c3:15:d9:4b:88:4e:06:87:71:
         0a:67:22:05:ef:be:64:10:6e:8f:86:94:6f:4b:36:f2:2c:63:
         72:4f:f1:ec:0e:42:55:bc:ab:9f:9e:89:5a:8c:52:1f:13:c9:
         e6:b5:c5:28:47:03:07:e7:55:54:ce:3f:f9:79:38:b0:dd:49:
         61:fd:93:3a:fd:c4:a4:51:f4:d8:8d:b0:7e:8b:35:87:ba:1c:
         5e:2b:0f:e1:da:2a:a6:85:22:b7:53:d8:0b:46:4a:a9:bb:40:
         96:3e:22:6d:2d:c0:28:f1:5f:85:cc:d1:38:49:57:91:3b:b0:
         15:76:fc:98:91:d8:89:6c:bc:89:eb:17:1b:a1:88:d9:e1:af:
         e3:2d:67:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSiKoPcL99wlXsSsVRxrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTU0MDE4NTEzNTM5MWE4YzYxZGQ3OGEyNjdkZDYzNTZjN2JlMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nYNuPtNFEfBYzP+Mpv5uDAyIaGA
UPfnJ7E66j8uZKfBkG8OnCz8UHJ52etivnWFP4PPoC1QOKs5k0PsYyTBBQa5KUhs
ELwnBoVAOxFDzGnESI00OYPbAaajSA5S0TuPQDMSts6hXotS417lQtVd2L56GFs6
vLYLj3mGQqt74HkYvzlGFuezHN4ZJhgn6taTHkAV2FdTrZmaKdMlJkjlDVo0o5rT
27rd59opH0zJuwDRhRjuWzx9aEC1c6mn9AgJlm3No2hWLA4kc6mKbUJohoG3lB5h
cF3whdCkblwjwClZ/MnkuU1Es3SJBpjvPrV/VKGPZduHDyDA8ZvN7+RjmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5UAYUTU5Goxh3XiiZ91jVse+OMMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvTGxRQmhSTlRrYWpHSGRlS0puM1dOV3g3NDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsqrpMA0G
CSqGSIb3DQEBCwUAA4IBAQCXhrb21NFC83PDlaC0Khnkh1LFffKqZEd86m94Haej
wlhWVPcPywISXVoSinUgGNIUkkQ4Jhc5p+tFnPGRjB0JZRhcznCpEgPuBF5/FCOl
PgNTSTmSGkRi6nzeG8BYGHMtlyHfrDWs5ETMFkj267v6K1MmT2DDFdlLiE4Gh3EK
ZyIF775kEG6PhpRvSzbyLGNyT/HsDkJVvKufnolajFIfE8nmtcUoRwMH51VUzj/5
eTiw3Ulh/ZM6/cSkUfTYjbB+izWHuhxeKw/h2iqmhSK3U9gLRkqpu0CWPiJtLcAo
8V+FzNE4SVeRO7AVdvyYkdiJbLyJ6xcboYjZ4a/jLWey
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org