Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/i5iBPpnMHHNj-X3xFbIb-LLkCsQ.roa
File:                     i5iBPpnMHHNj-X3xFbIb-LLkCsQ.roa (raw, json)
Hash identifier:          6Z6XiSvSgJZg7T5o6wqz2aclWgJn1TMe8dF6mdwEvy4=
Subject key identifier:   8B:98:81:3E:99:CC:1C:73:63:F9:7D:F1:15:B2:1B:F8:B2:E4:0A:C4
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018B28ACCFB8A322784AD8CE519291AFD703
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/i5iBPpnMHHNj-X3xFbIb-LLkCsQ.roa
Signing time:             Fri 13 Oct 2023 10:54:55 +0000
ROA not before:           Fri 13 Oct 2023 10:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        80.71.239.0/24 maxlen: 24
                          80.71.237.0/24 maxlen: 24
                          80.71.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:28:ac:cf:b8:a3:22:78:4a:d8:ce:51:92:91:af:d7:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Oct 13 10:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b98813e99cc1c7363f97df115b21bf8b2e40ac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:4c:9e:7c:c1:f3:d8:d3:f2:c7:fd:64:44:f6:
                    85:f6:12:60:72:49:5e:d7:44:3d:0b:e0:1c:0d:79:
                    bb:dd:79:1d:33:f0:ae:03:60:35:2f:de:39:45:ef:
                    0c:f9:6c:ad:6b:a7:72:71:d9:bb:d9:b0:37:3a:f2:
                    34:52:61:10:d0:1d:8b:82:7a:e5:f4:d1:6b:c1:4f:
                    94:3d:aa:c5:80:2c:b2:67:d1:16:39:48:ce:7a:69:
                    50:c9:a6:97:7a:58:97:5e:94:02:13:db:27:d4:2c:
                    e5:7b:f7:2f:e9:e9:cf:8c:a5:cf:6b:49:24:38:79:
                    ef:71:8c:8b:24:b8:9c:d7:83:4c:2a:4c:ba:bc:ac:
                    40:10:82:84:ef:3b:79:2d:f2:8d:1c:74:aa:e7:9a:
                    89:90:bd:d0:c3:91:64:d7:26:c3:66:f3:19:d7:1f:
                    99:99:ef:c5:53:b8:71:5a:e8:db:48:b8:2a:ba:46:
                    08:3a:d9:c0:93:d5:75:74:39:fd:4e:b6:85:9b:4a:
                    c7:06:96:3e:95:c0:41:e3:90:17:d7:7c:65:3c:9f:
                    6d:61:30:1f:75:5e:28:a3:9a:3b:be:a4:00:88:31:
                    75:e9:7d:b4:93:5e:1a:60:4d:50:0c:f6:88:12:4f:
                    38:ed:eb:75:96:19:78:2d:c0:da:f4:c1:e6:3d:8e:
                    08:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:98:81:3E:99:CC:1C:73:63:F9:7D:F1:15:B2:1B:F8:B2:E4:0A:C4
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/i5iBPpnMHHNj-X3xFbIb-LLkCsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.234.0/24
                  80.71.237.0/24
                  80.71.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:de:d4:f6:4d:1b:63:9b:aa:fb:25:42:91:e9:3a:b8:42:68:
         0a:20:ca:98:16:55:16:0f:80:e1:6b:bf:89:32:c6:44:40:0c:
         8f:a0:7c:aa:f5:ea:45:b6:94:c8:43:9e:cf:c6:0e:48:13:02:
         60:8c:a5:3f:12:f4:ee:f6:dc:68:c3:ba:0c:34:57:3b:1c:aa:
         4c:44:d3:84:57:61:d5:3b:52:81:a8:90:06:3f:8d:c9:11:c8:
         ac:53:cb:b1:e6:d1:31:50:19:d2:98:8c:ce:05:36:2a:98:2a:
         e7:7b:11:77:ac:77:71:65:5d:10:80:62:84:ba:4b:69:5f:1c:
         ea:c9:01:c3:14:b3:d2:22:ce:94:76:31:c8:53:e4:38:8f:89:
         37:8a:ce:da:c5:a1:7f:49:a2:77:64:b7:59:8d:03:ed:96:07:
         03:8f:eb:a8:8a:46:7b:9c:dc:e8:9c:96:db:98:23:33:22:4a:
         cd:d5:8b:9c:9f:f3:e5:ec:1b:f6:e9:38:1b:f7:e8:79:59:14:
         c5:0d:7b:49:af:91:30:d4:c4:0f:90:f7:5f:ce:51:1b:07:7a:
         9a:3f:68:24:95:e5:5f:10:df:25:8f:d3:cb:05:22:23:f4:54:
         44:dd:33:08:9d:dd:94:24:a2:2d:3f:bb:96:19:99:da:a2:0e:
         84:cd:c1:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsorM+4oyJ4StjOUZKRr9cDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMxMDEzMTA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk4ODEzZTk5Y2MxYzczNjNmOTdkZjExNWIyMWJmOGIyZTQwYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0yefMHz2NPyx/1kRPaF9hJgckle
10Q9C+AcDXm73XkdM/CuA2A1L945Re8M+Wyta6dycdm72bA3OvI0UmEQ0B2Lgnrl
9NFrwU+UParFgCyyZ9EWOUjOemlQyaaXeliXXpQCE9sn1Czle/cv6enPjKXPa0kk
OHnvcYyLJLic14NMKky6vKxAEIKE7zt5LfKNHHSq55qJkL3Qw5Fk1ybDZvMZ1x+Z
me/FU7hxWujbSLgqukYIOtnAk9V1dDn9TraFm0rHBpY+lcBB45AX13xlPJ9tYTAf
dV4oo5o7vqQAiDF16X20k14aYE1QDPaIEk847et1lhl4LcDa9MHmPY4I/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIuYgT6ZzBxzY/l98RWyG/iy5ArEMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvaTVpQlBwbk1ISE5qLVgzeEZiSWItTExrQ3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEfqAwQA
UEftAwQAUEfvMA0GCSqGSIb3DQEBCwUAA4IBAQAT3tT2TRtjm6r7JUKR6Tq4QmgK
IMqYFlUWD4Dha7+JMsZEQAyPoHyq9epFtpTIQ57Pxg5IEwJgjKU/EvTu9txow7oM
NFc7HKpMRNOEV2HVO1KBqJAGP43JEcisU8ux5tExUBnSmIzOBTYqmCrnexF3rHdx
ZV0QgGKEuktpXxzqyQHDFLPSIs6UdjHIU+Q4j4k3is7axaF/SaJ3ZLdZjQPtlgcD
j+uoikZ7nNzonJbbmCMzIkrN1Yucn/Pl7Bv26Tgb9+h5WRTFDXtJr5Ew1MQPkPdf
zlEbB3qaP2gkleVfEN8lj9PLBSIj9FRE3TMInd2UJKItP7uWGZnaog6EzcFf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org