Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/gCDclUJ3KJsV4cJa1cxf7N7gHno.roa
File:                     gCDclUJ3KJsV4cJa1cxf7N7gHno.roa (raw, json)
Hash identifier:          zysYEBQF0uHrc0EPOnV6tVW42zURPCVoV37s1iANxkE=
Subject key identifier:   80:20:DC:95:42:77:28:9B:15:E1:C2:5A:D5:CC:5F:EC:DE:E0:1E:7A
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01856F54B7FEA9593EEEEFF5274A64C49CE9
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/gCDclUJ3KJsV4cJa1cxf7N7gHno.roa
Signing time:             Sun 01 Jan 2023 21:55:01 +0000
ROA not before:           Sun 01 Jan 2023 21:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58212
IP address blocks:        80.71.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Apr 2023 17:04:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:b7:fe:a9:59:3e:ee:ef:f5:27:4a:64:c4:9c:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan  1 21:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8020dc954277289b15e1c25ad5cc5fecdee01e7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d2:67:65:e0:15:50:d7:e6:cc:31:9b:67:01:
                    8e:d5:9e:d1:ec:cf:17:4c:ba:b0:6a:fa:d3:44:72:
                    a3:78:7a:7d:b2:3c:df:c4:e0:df:4b:46:58:9c:72:
                    e1:12:42:87:eb:e1:40:28:dd:95:d9:c1:39:21:f1:
                    fd:c2:f2:8a:4c:cc:ea:25:ff:fb:68:2c:6c:46:d7:
                    7e:36:93:76:52:b0:26:7c:c9:6e:48:03:9c:97:0c:
                    e5:6a:4a:6d:4f:55:f6:d7:36:95:62:d3:1b:fd:f4:
                    09:0d:c9:a2:d9:10:bc:fa:b0:5c:0e:c3:19:45:2a:
                    70:7a:dc:6d:08:35:93:11:c4:02:ef:f3:e9:8a:fe:
                    a1:4e:fa:c2:c9:75:20:e2:8d:10:85:02:20:eb:68:
                    49:d8:96:74:f7:19:71:23:59:d7:44:36:36:ef:6e:
                    b5:f5:b8:84:d8:bc:7e:df:58:a3:65:56:d7:68:da:
                    50:6a:a9:45:c7:3c:17:26:67:b6:2b:5f:f0:f7:75:
                    d9:e5:b5:74:5b:04:e3:5e:f3:03:8d:f3:cc:36:aa:
                    1b:f6:c0:c7:69:bd:10:78:02:e7:75:68:78:f1:cb:
                    f0:d4:13:7a:b4:c2:33:46:c6:0e:7e:20:14:63:44:
                    76:9e:2e:bd:9f:af:3f:92:2f:e5:52:8a:7b:f9:ea:
                    5b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:20:DC:95:42:77:28:9B:15:E1:C2:5A:D5:CC:5F:EC:DE:E0:1E:7A
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/gCDclUJ3KJsV4cJa1cxf7N7gHno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:8a:fa:f5:3e:42:1e:69:e7:08:9e:49:05:5f:d0:d5:7f:77:
         43:54:2a:12:6c:5d:24:1a:00:e3:d3:95:58:7f:3f:01:1b:96:
         aa:3a:60:47:6b:02:62:c6:07:b6:5b:fe:35:78:25:92:d7:33:
         16:70:0b:c7:81:a5:28:fe:9b:c5:cd:36:46:e7:d5:e9:c4:d9:
         cd:6e:df:c4:15:8a:e2:9a:98:5e:8b:6a:dd:ee:67:28:12:75:
         b5:c0:d5:fb:7c:ab:b2:6d:1f:57:39:0b:df:44:f6:ef:e6:20:
         03:37:3f:d5:a5:f0:b9:f1:c7:57:c3:51:48:c7:1d:7e:c8:ef:
         71:97:2e:10:cf:99:64:9c:1e:83:0d:d1:74:20:05:e8:3b:dc:
         7a:cb:ef:19:77:df:08:2a:ed:02:b5:5c:1a:29:53:a6:37:42:
         3c:4c:1a:83:db:c6:6e:e1:80:05:91:34:ea:d8:d3:2f:c0:25:
         00:61:91:7b:ab:05:38:eb:41:55:d3:eb:50:d0:a9:d7:9a:f1:
         89:3d:ce:66:e9:6c:92:46:60:b8:2e:70:e2:fd:6a:94:42:be:
         eb:af:85:12:9e:3d:93:0a:ac:20:45:07:cc:ee:aa:95:d0:58:
         db:1e:6b:fa:b1:2f:15:18:e2:d7:94:b6:dc:b3:56:98:a3:78:
         15:f2:8b:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVLf+qVk+7u/1J0pkxJzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTAxMjE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDIwZGM5NTQyNzcyODliMTVlMWMyNWFkNWNjNWZlY2RlZTAxZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdJnZeAVUNfmzDGbZwGO1Z7R7M8X
TLqwavrTRHKjeHp9sjzfxODfS0ZYnHLhEkKH6+FAKN2V2cE5IfH9wvKKTMzqJf/7
aCxsRtd+NpN2UrAmfMluSAOclwzlakptT1X21zaVYtMb/fQJDcmi2RC8+rBcDsMZ
RSpwetxtCDWTEcQC7/Ppiv6hTvrCyXUg4o0QhQIg62hJ2JZ09xlxI1nXRDY27261
9biE2Lx+31ijZVbXaNpQaqlFxzwXJme2K1/w93XZ5bV0WwTjXvMDjfPMNqob9sDH
ab0QeALndWh48cvw1BN6tMIzRsYOfiAUY0R2ni69n68/ki/lUop7+epbgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAg3JVCdyibFeHCWtXMX+ze4B56MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvZ0NEY2xVSjNLSnNWNGNKYTFjeGY3TjdnSG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEfjMA0G
CSqGSIb3DQEBCwUAA4IBAQBaivr1PkIeaecInkkFX9DVf3dDVCoSbF0kGgDj05VY
fz8BG5aqOmBHawJixge2W/41eCWS1zMWcAvHgaUo/pvFzTZG59XpxNnNbt/EFYri
mphei2rd7mcoEnW1wNX7fKuybR9XOQvfRPbv5iADNz/VpfC58cdXw1FIxx1+yO9x
ly4Qz5lknB6DDdF0IAXoO9x6y+8Zd98IKu0CtVwaKVOmN0I8TBqD28Zu4YAFkTTq
2NMvwCUAYZF7qwU460FV0+tQ0KnXmvGJPc5m6WySRmC4LnDi/WqUQr7rr4USnj2T
CqwgRQfM7qqV0FjbHmv6sS8VGOLXlLbcs1aYo3gV8ouw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org