Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Zqema1kXOOMCnwtZ7wkocwaeZEE.roa
File:                     Zqema1kXOOMCnwtZ7wkocwaeZEE.roa (raw, json)
Hash identifier:          pK+Ok4rGrINimoenPsfutsfpK3bxuG2BeIVdfvpRgDQ=
Subject key identifier:   66:A7:A6:6B:59:17:38:E3:02:9F:0B:59:EF:09:28:73:06:9E:64:41
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018CCA2A457092F9EAD7775D00BD16272779
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Zqema1kXOOMCnwtZ7wkocwaeZEE.roa
Signing time:             Tue 02 Jan 2024 12:33:37 +0000
ROA not before:           Tue 02 Jan 2024 12:33:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47585
IP address blocks:        80.71.230.0/24 maxlen: 24
                          81.29.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 14:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:45:70:92:f9:ea:d7:77:5d:00:bd:16:27:27:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan  2 12:33:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=66a7a66b591738e3029f0b59ef092873069e6441
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:c5:27:aa:25:ec:e9:65:ff:76:0c:cc:ce:d7:
                    0e:f6:e7:fe:19:ad:f2:42:aa:8f:30:39:bb:39:93:
                    b6:95:e6:17:ec:ff:a0:81:6f:c0:c4:53:4f:fa:a3:
                    71:03:e1:fd:1e:7e:18:50:bd:67:8d:2b:e2:18:b3:
                    3d:79:25:21:06:76:6d:81:3f:c3:70:95:26:c8:2c:
                    5d:2a:d9:fa:e0:86:e9:21:8d:a7:60:ed:c3:e7:48:
                    91:21:98:7d:be:05:43:47:1b:d7:cd:1f:c0:31:ca:
                    f9:a6:c7:e5:da:10:f7:e6:85:35:06:b0:8c:ca:58:
                    11:ff:77:54:5f:26:06:7b:3f:3b:dd:df:ae:cf:fa:
                    83:6c:16:24:d3:aa:cc:a6:d2:1b:cf:24:43:c1:99:
                    a2:12:04:c6:0c:aa:68:d9:d3:ce:1e:8f:35:60:64:
                    00:e8:08:93:24:df:41:48:ae:43:fc:fb:ea:a6:db:
                    d8:d3:90:4e:19:66:fd:ba:cd:7a:5f:c3:57:13:14:
                    39:da:06:11:d3:9e:40:38:32:24:ab:63:73:ab:4f:
                    44:2c:67:8b:00:33:b2:5b:14:f3:b5:ab:bd:89:68:
                    a1:b6:24:ca:4b:85:ba:d2:ec:95:8d:b4:0e:ad:fc:
                    20:95:14:b8:98:0b:51:1e:97:14:2d:cb:25:0a:d5:
                    7d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:A7:A6:6B:59:17:38:E3:02:9F:0B:59:EF:09:28:73:06:9E:64:41
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Zqema1kXOOMCnwtZ7wkocwaeZEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.230.0/24
                  81.29.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:8d:59:41:e9:f0:1a:22:c4:1d:c7:b3:e1:4b:af:3f:2f:15:
         7a:0b:26:20:89:56:9c:45:0b:7a:4e:63:3b:e1:54:0c:72:d9:
         b5:d0:66:c9:6c:73:f3:e4:f9:46:f7:02:27:2c:07:eb:95:d3:
         b3:a2:7e:ca:75:9b:09:02:fd:03:4d:f9:8c:06:80:54:35:27:
         ff:f5:a9:b8:5a:6f:33:a3:48:25:cf:ce:3b:11:ee:02:b4:a2:
         d7:cd:03:d8:08:ab:ee:9a:71:8c:6d:45:50:65:d6:8e:68:72:
         77:6b:cd:56:31:00:13:87:a8:f7:33:d7:08:b1:3b:4a:9d:25:
         43:47:68:6a:58:d3:78:f0:d3:94:3e:80:25:13:58:89:fa:4c:
         8f:4c:94:d1:58:32:4c:99:6e:f7:42:a2:6c:04:e4:26:d9:8e:
         56:70:3a:02:0d:82:aa:2c:69:8f:4f:b6:f9:35:1d:2e:25:fb:
         0c:da:84:1a:07:85:6e:cf:93:d7:63:da:d1:4f:c0:28:bb:9d:
         02:cd:97:7c:e6:a0:82:b3:f3:4c:d5:94:2d:24:50:1e:db:9e:
         62:e6:94:28:a2:a4:e0:8b:c9:cb:a7:a2:f0:44:6a:d6:02:4c:
         a4:95:5e:d1:54:ec:22:d8:56:9b:f2:93:cd:ae:1d:c5:da:9e:
         59:f9:5b:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKkVwkvnq13ddAL0WJyd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE3YTY2YjU5MTczOGUzMDI5ZjBiNTllZjA5Mjg3MzA2OWU2NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8UnqiXs6WX/dgzMztcO9uf+Ga3y
QqqPMDm7OZO2leYX7P+ggW/AxFNP+qNxA+H9Hn4YUL1njSviGLM9eSUhBnZtgT/D
cJUmyCxdKtn64IbpIY2nYO3D50iRIZh9vgVDRxvXzR/AMcr5psfl2hD35oU1BrCM
ylgR/3dUXyYGez873d+uz/qDbBYk06rMptIbzyRDwZmiEgTGDKpo2dPOHo81YGQA
6AiTJN9BSK5D/PvqptvY05BOGWb9us16X8NXExQ52gYR055AODIkq2Nzq09ELGeL
ADOyWxTztau9iWihtiTKS4W60uyVjbQOrfwglRS4mAtRHpcULcslCtV9bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGanpmtZFzjjAp8LWe8JKHMGnmRBMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWnFlbWExa1hPT01Dbnd0Wjd3a29jd2FlWkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEfmAwQA
UR2dMA0GCSqGSIb3DQEBCwUAA4IBAQBwjVlB6fAaIsQdx7PhS68/LxV6CyYgiVac
RQt6TmM74VQMctm10GbJbHPz5PlG9wInLAfrldOzon7KdZsJAv0DTfmMBoBUNSf/
9am4Wm8zo0glz847Ee4CtKLXzQPYCKvumnGMbUVQZdaOaHJ3a81WMQATh6j3M9cI
sTtKnSVDR2hqWNN48NOUPoAlE1iJ+kyPTJTRWDJMmW73QqJsBOQm2Y5WcDoCDYKq
LGmPT7b5NR0uJfsM2oQaB4Vuz5PXY9rRT8Aou50CzZd85qCCs/NM1ZQtJFAe255i
5pQooqTgi8nLp6LwRGrWAkyklV7RVOwi2Fab8pPNrh3F2p5Z+Vtl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org