Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/OHOvYy5FDeboYbqjr6V1majFHd4.roa
File:                     OHOvYy5FDeboYbqjr6V1majFHd4.roa (raw, json)
Hash identifier:          MKXw+fQpffk0nbc4YipbmKYoJSz1JKElO5lgSVTWJI4=
Subject key identifier:   38:73:AF:63:2E:45:0D:E6:E8:61:BA:A3:AF:A5:75:99:A8:C5:1D:DE
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01856F54B68162A113AEBFFCF431319CD2CB
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/OHOvYy5FDeboYbqjr6V1majFHd4.roa
Signing time:             Sun 01 Jan 2023 21:55:00 +0000
ROA not before:           Sun 01 Jan 2023 21:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41327
IP address blocks:        80.71.237.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 Mar 2023 12:54:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:b6:81:62:a1:13:ae:bf:fc:f4:31:31:9c:d2:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan  1 21:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3873af632e450de6e861baa3afa57599a8c51dde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:bc:05:73:6d:d4:7a:4d:18:9f:3a:e0:bc:4b:
                    05:64:5a:80:d1:03:d9:aa:17:71:94:7e:f4:f4:09:
                    d1:2f:a8:6d:f4:a3:bb:b3:3e:d4:b3:34:36:89:ae:
                    49:8f:6c:d6:01:f2:fd:3a:6f:de:a7:91:49:4d:a6:
                    4e:7d:c4:f3:be:11:f3:f8:a8:54:e3:cf:a9:02:1e:
                    f4:b5:14:4e:8f:da:8d:c5:f3:5a:cd:b5:bb:82:c6:
                    6d:8b:e7:d7:3b:60:73:e0:aa:0e:78:ae:84:e8:e4:
                    53:4d:b3:27:75:b8:60:60:08:be:b4:e4:59:37:27:
                    74:24:58:be:8f:86:8c:6b:d0:89:40:0e:25:6e:c5:
                    f1:49:e1:e3:72:05:37:a7:b2:b5:c9:73:59:80:ff:
                    36:b6:1e:37:36:c5:6f:88:06:f7:92:77:2b:68:0f:
                    f1:19:cc:a7:8f:fd:99:2d:94:c1:e1:dc:02:b2:1d:
                    b3:78:7e:af:7e:48:00:d9:e5:10:cd:38:40:1f:c7:
                    13:ab:34:98:b9:65:37:8a:35:cc:22:9e:c0:fa:9e:
                    b8:79:b1:bc:e9:a5:22:22:41:6d:d3:b4:cc:8a:bc:
                    07:e2:fb:fe:1e:77:5c:ca:4f:0e:3a:57:2f:93:80:
                    8b:f8:f7:96:94:2a:f5:49:66:29:4f:98:6a:6e:14:
                    9f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:73:AF:63:2E:45:0D:E6:E8:61:BA:A3:AF:A5:75:99:A8:C5:1D:DE
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/OHOvYy5FDeboYbqjr6V1majFHd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:3d:4c:10:b1:d6:b3:7d:1a:8e:be:54:34:74:0e:d8:79:12:
         95:4c:98:51:a1:a7:81:a5:ef:bc:cf:19:60:a3:4a:9c:45:1f:
         56:df:0c:14:6b:67:61:22:2b:e7:3e:f6:35:b4:cb:b2:2f:99:
         54:53:2b:78:5f:e6:f2:17:69:4c:0f:f6:df:8a:ca:f9:19:f2:
         8a:37:22:3e:18:88:b1:d0:0b:96:d6:90:78:a3:92:0d:14:35:
         1e:9b:09:a3:af:fe:45:55:fc:b5:86:39:36:58:64:15:58:3e:
         8c:8d:f1:b7:e3:9f:10:1d:9e:5f:94:8a:18:63:90:b5:6b:21:
         32:b4:09:0c:eb:63:62:89:74:ba:23:e7:4d:c5:3a:28:f4:10:
         e5:3e:4d:a0:c9:02:b9:4a:91:26:c2:da:11:4c:01:d3:8f:2b:
         77:53:e3:70:8c:a1:9a:29:cd:fe:56:be:23:b4:37:62:c7:1e:
         61:29:e7:85:5c:4b:cb:94:2f:cd:c4:0a:04:67:2d:54:f9:c1:
         f4:6e:9d:d9:05:10:9e:41:cb:28:a0:c7:7b:04:ca:f4:73:6c:
         4d:cd:38:5a:e7:2f:5d:bd:47:25:6b:db:1a:c8:d4:fa:21:0b:
         6e:7a:5a:19:88:e2:59:0b:66:57:ed:eb:09:a7:42:c3:14:0f:
         1e:29:df:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVLaBYqETrr/89DExnNLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTAxMjE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODczYWY2MzJlNDUwZGU2ZTg2MWJhYTNhZmE1NzU5OWE4YzUxZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLwFc23Uek0YnzrgvEsFZFqA0QPZ
qhdxlH709AnRL6ht9KO7sz7UszQ2ia5Jj2zWAfL9Om/ep5FJTaZOfcTzvhHz+KhU
48+pAh70tRROj9qNxfNazbW7gsZti+fXO2Bz4KoOeK6E6ORTTbMndbhgYAi+tORZ
Nyd0JFi+j4aMa9CJQA4lbsXxSeHjcgU3p7K1yXNZgP82th43NsVviAb3kncraA/x
Gcynj/2ZLZTB4dwCsh2zeH6vfkgA2eUQzThAH8cTqzSYuWU3ijXMIp7A+p64ebG8
6aUiIkFt07TMirwH4vv+Hndcyk8OOlcvk4CL+PeWlCr1SWYpT5hqbhSfSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDhzr2MuRQ3m6GG6o6+ldZmoxR3eMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvT0hPdll5NUZEZWJvWWJxanI2VjFtYWpGSGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEftMA0G
CSqGSIb3DQEBCwUAA4IBAQAAPUwQsdazfRqOvlQ0dA7YeRKVTJhRoaeBpe+8zxlg
o0qcRR9W3wwUa2dhIivnPvY1tMuyL5lUUyt4X+byF2lMD/bfisr5GfKKNyI+GIix
0AuW1pB4o5INFDUemwmjr/5FVfy1hjk2WGQVWD6MjfG3458QHZ5flIoYY5C1ayEy
tAkM62NiiXS6I+dNxToo9BDlPk2gyQK5SpEmwtoRTAHTjyt3U+NwjKGaKc3+Vr4j
tDdixx5hKeeFXEvLlC/NxAoEZy1U+cH0bp3ZBRCeQcsooMd7BMr0c2xNzTha5y9d
vUcla9sayNT6IQtueloZiOJZC2ZX7esJp0LDFA8eKd/A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org