Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/dDumgTP1Q3Kd-r3hSJ_HKbjCVCU.roa
File:                     dDumgTP1Q3Kd-r3hSJ_HKbjCVCU.roa (raw, json)
Hash identifier:          y+2+ERs/8uy8hs55ZKUN99kZg5Ni9ES+KH/9N2iKkXI=
Subject key identifier:   74:3B:A6:81:33:F5:43:72:9D:FA:BD:E1:48:9F:C7:29:B8:C2:54:25
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018C1EEA01AB5689581B92CDD672C2E69A01
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/dDumgTP1Q3Kd-r3hSJ_HKbjCVCU.roa
Signing time:             Thu 30 Nov 2023 06:28:21 +0000
ROA not before:           Thu 30 Nov 2023 06:28:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        80.71.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Dec 2023 06:35:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1e:ea:01:ab:56:89:58:1b:92:cd:d6:72:c2:e6:9a:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Nov 30 06:28:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=743ba68133f543729dfabde1489fc729b8c25425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:4d:62:d9:80:5c:fd:3e:b3:31:bf:02:be:f1:
                    19:e8:99:0a:45:42:81:73:af:ab:aa:e3:18:58:0d:
                    71:47:d4:7c:f2:81:c4:de:23:60:76:37:f8:a4:54:
                    ca:f7:47:bd:c4:5f:e1:2b:b9:47:d0:18:e8:7b:07:
                    f9:56:2e:e3:c5:ca:f8:67:b9:31:5a:e0:3a:1d:29:
                    5e:d7:e1:6c:db:51:7a:8d:f6:2d:50:38:5e:ba:a4:
                    5e:14:76:07:00:d9:69:b3:cd:57:33:b3:d1:ea:30:
                    e5:6a:2c:1c:f3:a0:64:ff:e6:fa:8f:38:92:74:0f:
                    b5:0d:d8:b2:eb:a0:96:0d:b0:57:5b:9c:79:f8:1f:
                    f0:aa:be:95:0f:46:cf:93:01:93:94:53:04:19:22:
                    35:de:eb:66:0b:97:a0:d0:ed:53:be:d0:ce:70:7b:
                    36:af:1c:a0:bf:74:b3:15:81:4d:bb:7f:86:1b:42:
                    25:7e:b0:ec:28:89:a7:1a:d8:65:00:62:ad:60:cf:
                    18:b9:0b:35:a3:82:73:b3:59:4d:c3:2f:fe:40:f0:
                    6e:6e:d1:b1:d1:17:e0:d7:ee:b8:6d:ee:b6:ec:74:
                    1d:32:76:71:00:88:55:0d:fc:c0:b7:e3:5c:1f:e2:
                    54:ed:35:0b:66:d6:49:2f:2a:d6:7a:2f:1f:b1:68:
                    77:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:3B:A6:81:33:F5:43:72:9D:FA:BD:E1:48:9F:C7:29:B8:C2:54:25
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/dDumgTP1Q3Kd-r3hSJ_HKbjCVCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:d0:3c:e5:86:cc:a5:3a:df:f9:67:6d:60:10:c9:70:ae:32:
         61:81:30:52:92:a8:64:c8:ab:18:d3:6b:4e:d6:6e:9d:e4:6e:
         72:c3:12:d4:56:a9:f4:9f:c6:57:9b:76:a0:0e:d9:b9:06:d2:
         dd:1c:23:92:c8:09:92:45:4b:18:7a:06:32:b8:b2:01:57:9d:
         55:7b:de:8b:6c:54:29:3a:92:39:0c:b4:00:37:c3:8c:2f:9f:
         f7:e9:3d:55:63:d4:1a:bb:fa:53:a7:54:86:26:73:4a:66:c3:
         70:b3:ea:28:3a:4f:9b:c9:19:d2:cc:d3:df:2c:a3:09:79:4c:
         76:6d:b2:1b:89:2d:21:39:f4:0c:52:30:20:74:c4:05:f7:80:
         73:ad:4d:90:0a:02:ce:c1:ba:e0:a1:9d:bc:e1:bc:1f:40:35:
         0f:b8:68:6f:10:37:fe:22:b4:a7:d4:08:b2:4a:43:51:05:4b:
         26:2a:0a:a7:2d:43:ea:8c:1a:84:76:39:da:7b:b6:57:b5:04:
         89:74:81:d6:02:b1:4c:6d:52:b8:d6:f4:65:aa:fe:26:ac:a1:
         e5:e3:b9:6b:55:a3:56:18:32:ad:57:7b:1b:03:bf:32:dd:58:
         a5:29:97:35:be:c3:54:22:16:f3:a5:8d:95:58:41:43:4d:5f:
         46:3e:cd:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwe6gGrVolYG5LN1nLC5poBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMxMTMwMDYyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNiYTY4MTMzZjU0MzcyOWRmYWJkZTE0ODlmYzcyOWI4YzI1NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn01i2YBc/T6zMb8CvvEZ6JkKRUKB
c6+rquMYWA1xR9R88oHE3iNgdjf4pFTK90e9xF/hK7lH0Bjoewf5Vi7jxcr4Z7kx
WuA6HSle1+Fs21F6jfYtUDheuqReFHYHANlps81XM7PR6jDlaiwc86Bk/+b6jziS
dA+1Ddiy66CWDbBXW5x5+B/wqr6VD0bPkwGTlFMEGSI13utmC5eg0O1TvtDOcHs2
rxygv3SzFYFNu3+GG0IlfrDsKImnGthlAGKtYM8YuQs1o4Jzs1lNwy/+QPBubtGx
0Rfg1+64be627HQdMnZxAIhVDfzAt+NcH+JU7TULZtZJLyrWei8fsWh3twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQ7poEz9UNynfq94Uifxym4wlQlMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvZER1bWdUUDFRM0tkLXIzaFNKX0hLYmpDVkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEfgMA0G
CSqGSIb3DQEBCwUAA4IBAQAS0DzlhsylOt/5Z21gEMlwrjJhgTBSkqhkyKsY02tO
1m6d5G5ywxLUVqn0n8ZXm3agDtm5BtLdHCOSyAmSRUsYegYyuLIBV51Ve96LbFQp
OpI5DLQAN8OML5/36T1VY9Qau/pTp1SGJnNKZsNws+ooOk+byRnSzNPfLKMJeUx2
bbIbiS0hOfQMUjAgdMQF94BzrU2QCgLOwbrgoZ284bwfQDUPuGhvEDf+IrSn1Aiy
SkNRBUsmKgqnLUPqjBqEdjnae7ZXtQSJdIHWArFMbVK41vRlqv4mrKHl47lrVaNW
GDKtV3sbA78y3VilKZc1vsNUIhbzpY2VWEFDTV9GPs1Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org