Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/21oXYiwaoNh3-0w2o0PZB3GWt9M.roa
File:                     21oXYiwaoNh3-0w2o0PZB3GWt9M.roa (raw, json)
Hash identifier:          nk2yVGGgQGIzj9uRD1Z143E33azWHbRuo7wgrdgsMec=
Subject key identifier:   DB:5A:17:62:2C:1A:A0:D8:77:FB:4C:36:A3:43:D9:07:71:96:B7:D3
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0189E45144015496F285755FB41DA7E31422
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/21oXYiwaoNh3-0w2o0PZB3GWt9M.roa
Signing time:             Fri 11 Aug 2023 11:17:58 +0000
ROA not before:           Fri 11 Aug 2023 11:17:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212219
IP address blocks:        80.71.228.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 14 Aug 2023 05:35:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e4:51:44:01:54:96:f2:85:75:5f:b4:1d:a7:e3:14:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Aug 11 11:17:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db5a17622c1aa0d877fb4c36a343d9077196b7d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4e:e1:b8:e1:ee:a0:57:dd:cd:0c:d0:45:11:
                    9c:8b:fa:13:65:33:c7:d1:0b:90:5b:ba:36:3e:60:
                    e3:8d:3d:7a:e3:a7:96:6f:04:62:5f:f3:ba:d7:c4:
                    49:38:c5:c3:f8:2c:9a:7a:42:fa:8b:0c:f2:05:7f:
                    db:13:7b:8c:6a:39:f0:be:7b:c9:df:1c:83:ab:63:
                    90:2c:8a:5e:56:f8:30:99:16:a2:fe:0f:d9:2d:95:
                    d5:24:71:51:06:9a:67:7e:be:36:83:de:69:d8:39:
                    2f:c8:fd:26:96:df:a8:2b:78:5f:e9:2e:e4:66:6e:
                    39:72:b0:fa:47:84:68:db:eb:f2:63:85:c7:b6:a3:
                    13:71:73:95:de:2b:fa:4f:e8:e5:ac:9f:de:7d:f1:
                    77:b8:61:cb:a8:a8:f9:7d:c0:c7:3b:07:f8:3f:86:
                    30:ad:69:0a:07:84:80:f5:2a:22:2e:a7:11:6f:fa:
                    42:bc:b3:37:b5:47:35:aa:6d:54:1e:7f:10:9f:9a:
                    57:11:00:11:0f:27:67:97:9d:7a:e1:17:c7:a1:48:
                    04:79:6e:72:cb:91:b5:11:73:9a:47:31:01:1f:39:
                    a6:35:cc:78:9c:8a:75:ca:13:a8:c4:3e:ec:6d:09:
                    df:12:4d:89:2b:72:1c:89:b1:15:9d:01:b7:a6:c3:
                    f2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:5A:17:62:2C:1A:A0:D8:77:FB:4C:36:A3:43:D9:07:71:96:B7:D3
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/21oXYiwaoNh3-0w2o0PZB3GWt9M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:d1:5d:16:23:67:26:62:00:05:44:36:e3:04:3d:87:c1:69:
         b9:cc:53:11:fd:01:46:d2:6c:87:08:8f:44:b0:bf:1c:d6:d3:
         97:a4:ee:ea:7b:9d:8d:d3:ad:99:22:fe:8b:f9:a1:18:84:c8:
         3d:a3:54:64:74:89:5e:1e:15:b8:ba:2f:39:c3:9f:0c:6c:37:
         c8:5a:ab:7c:bf:cc:7a:75:7b:58:51:54:88:06:63:55:1a:b2:
         0f:5e:87:bf:59:9e:1f:0d:eb:27:ef:1b:bd:e5:f1:e0:77:de:
         a9:41:47:ef:06:4a:18:b7:ed:53:29:d8:77:27:6c:e4:6f:a8:
         03:8b:53:e1:34:ab:c6:96:b8:f7:45:21:d9:2c:67:ce:af:35:
         7e:a9:f8:62:84:79:ef:db:5a:2e:46:08:67:b2:93:02:81:5f:
         45:0f:5a:f3:bd:8a:8f:fa:d5:bb:01:1c:85:bd:e7:e6:2e:fb:
         5a:4c:1c:b3:8c:d6:db:cb:94:38:51:d5:f5:06:44:e9:ee:fb:
         3a:f7:a9:5d:eb:0d:b8:75:6e:fd:11:07:35:7d:e6:8b:c4:3f:
         eb:40:8c:89:eb:63:0e:2f:4d:d7:5e:da:53:3c:b9:88:3c:10:
         5f:e1:ad:a7:2a:b0:cf:33:e8:7b:62:c9:73:4d:c9:df:cf:e3:
         d2:5c:a1:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnkUUQBVJbyhXVftB2n4xQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODExMTExNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVhMTc2MjJjMWFhMGQ4NzdmYjRjMzZhMzQzZDkwNzcxOTZiN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU7huOHuoFfdzQzQRRGci/oTZTPH
0QuQW7o2PmDjjT1646eWbwRiX/O618RJOMXD+CyaekL6iwzyBX/bE3uMajnwvnvJ
3xyDq2OQLIpeVvgwmRai/g/ZLZXVJHFRBppnfr42g95p2DkvyP0mlt+oK3hf6S7k
Zm45crD6R4Ro2+vyY4XHtqMTcXOV3iv6T+jlrJ/effF3uGHLqKj5fcDHOwf4P4Yw
rWkKB4SA9SoiLqcRb/pCvLM3tUc1qm1UHn8Qn5pXEQARDydnl5164RfHoUgEeW5y
y5G1EXOaRzEBHzmmNcx4nIp1yhOoxD7sbQnfEk2JK3IcibEVnQG3psPyzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtaF2IsGqDYd/tMNqND2QdxlrfTMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvMjFvWFlpd2FvTmgzLTB3Mm8wUFpCM0dXdDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEfkMA0G
CSqGSIb3DQEBCwUAA4IBAQB20V0WI2cmYgAFRDbjBD2HwWm5zFMR/QFG0myHCI9E
sL8c1tOXpO7qe52N062ZIv6L+aEYhMg9o1RkdIleHhW4ui85w58MbDfIWqt8v8x6
dXtYUVSIBmNVGrIPXoe/WZ4fDesn7xu95fHgd96pQUfvBkoYt+1TKdh3J2zkb6gD
i1PhNKvGlrj3RSHZLGfOrzV+qfhihHnv21ouRghnspMCgV9FD1rzvYqP+tW7ARyF
vefmLvtaTByzjNbby5Q4UdX1BkTp7vs696ld6w24dW79EQc1feaLxD/rQIyJ62MO
L03XXtpTPLmIPBBf4a2nKrDPM+h7YslzTcnfz+PSXKGo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org