Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/iw_yoP3_D6_XcOJhI99kExWTSx8.roa
File:                     iw_yoP3_D6_XcOJhI99kExWTSx8.roa (raw, json)
Hash identifier:          uM1neuKjOtIuD/b1B+XwPDw4lk7+QRqwqSxhFUvF7j4=
Subject key identifier:   8B:0F:F2:A0:FD:FF:0F:AF:D7:70:E2:61:23:DF:64:13:15:93:4B:1F
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       018CCE259432B9CEA8C0A78565B9D627CB07
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/iw_yoP3_D6_XcOJhI99kExWTSx8.roa
Signing time:             Wed 03 Jan 2024 07:06:58 +0000
ROA not before:           Wed 03 Jan 2024 07:06:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9009
IP address blocks:        80.71.225.0/24 maxlen: 24
                          80.71.232.0/24 maxlen: 24
                          81.29.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 09:08:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ce:25:94:32:b9:ce:a8:c0:a7:85:65:b9:d6:27:cb:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jan  3 07:06:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8b0ff2a0fdff0fafd770e26123df641315934b1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:22:97:c5:80:9e:89:b9:b6:74:55:b2:dc:a2:
                    f9:1d:c2:3c:0b:3d:3d:74:d7:3c:00:05:ea:62:d8:
                    15:14:69:55:9b:a3:f3:88:eb:57:6a:42:f9:5a:39:
                    ca:56:4e:db:9c:e4:11:85:9b:32:95:ed:8b:f1:12:
                    e0:8d:fc:b0:75:62:a4:67:73:79:e5:0c:79:d9:e1:
                    26:ef:1e:90:c7:2d:73:aa:0f:37:61:27:b1:97:bf:
                    61:ea:b6:8c:b4:3c:37:b7:f9:6e:81:60:eb:4e:e4:
                    d3:00:85:11:34:26:a6:1a:54:aa:6d:bd:47:14:93:
                    20:e1:91:c6:cd:78:d7:1a:1c:fa:9a:bc:d0:f0:56:
                    ae:97:a6:60:5e:b3:fe:aa:9b:07:2a:e6:19:03:6e:
                    9b:9d:93:f4:7d:9e:83:fe:3c:1a:d7:4f:bd:37:ff:
                    0f:f5:e9:11:e6:55:c0:93:49:44:1c:36:11:f0:41:
                    04:30:2f:ac:7a:8f:c3:cd:20:cd:a5:01:65:d9:ba:
                    79:d1:d6:71:69:2b:11:01:d2:da:95:73:6c:9b:47:
                    09:82:01:49:91:71:b5:ad:90:47:b4:f6:d7:ed:16:
                    d2:6c:65:95:d3:4d:43:e3:31:7e:ec:0e:3b:76:bf:
                    f4:89:ed:d7:6a:6e:4a:2b:51:ea:bc:50:48:60:24:
                    e8:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:0F:F2:A0:FD:FF:0F:AF:D7:70:E2:61:23:DF:64:13:15:93:4B:1F
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/iw_yoP3_D6_XcOJhI99kExWTSx8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.225.0/24
                  80.71.232.0/24
                  81.29.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:3e:2f:0f:5b:d2:30:8d:1c:35:25:3f:12:e5:f7:fb:90:b4:
         8a:a1:99:2c:43:50:03:dc:b6:90:29:d1:80:4e:29:9f:ea:56:
         84:3b:e2:67:63:4a:27:69:c1:de:55:fb:9d:3d:cf:11:de:b9:
         1e:ad:fa:af:02:6f:56:55:3b:f9:e3:85:ae:a7:fc:26:00:44:
         b6:ed:2e:0e:16:60:76:46:53:23:6e:0e:0d:dd:e5:ff:01:1d:
         12:5b:4b:93:66:1b:5b:ac:b6:ad:8a:ab:af:89:63:e2:c0:31:
         a9:cb:8c:92:f0:c8:7e:e7:fd:90:01:d4:99:a5:f5:60:59:89:
         fc:e4:9a:51:12:21:d3:62:cf:f3:2b:1c:73:0e:9c:53:f2:e1:
         48:ca:55:f2:21:d6:f1:fe:fd:91:87:f9:ae:98:3a:46:a9:c9:
         02:58:bd:f3:dd:ad:a8:93:e1:dc:b3:b6:0f:cf:8c:e2:5f:ca:
         d1:fd:ad:7a:19:05:f7:8d:71:b3:65:45:40:49:ca:93:68:49:
         e6:e1:6d:2d:b9:10:ce:ee:9d:46:1a:d1:5f:bc:1a:e7:f1:d4:
         c4:45:3a:16:68:0c:d7:c5:e7:d5:66:42:63:61:bc:0b:75:45:
         2c:23:73:74:34:6c:91:c2:f2:b8:a6:39:c4:57:0f:83:0e:71:
         fc:e7:89:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzOJZQyuc6owKeFZbnWJ8sHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTAzMDcwNjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBmZjJhMGZkZmYwZmFmZDc3MGUyNjEyM2RmNjQxMzE1OTM0YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyKXxYCeibm2dFWy3KL5HcI8Cz09
dNc8AAXqYtgVFGlVm6PziOtXakL5WjnKVk7bnOQRhZsyle2L8RLgjfywdWKkZ3N5
5Qx52eEm7x6Qxy1zqg83YSexl79h6raMtDw3t/lugWDrTuTTAIURNCamGlSqbb1H
FJMg4ZHGzXjXGhz6mrzQ8Faul6ZgXrP+qpsHKuYZA26bnZP0fZ6D/jwa10+9N/8P
9ekR5lXAk0lEHDYR8EEEMC+seo/DzSDNpQFl2bp50dZxaSsRAdLalXNsm0cJggFJ
kXG1rZBHtPbX7RbSbGWV001D4zF+7A47dr/0ie3Xam5KK1HqvFBIYCTo1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIsP8qD9/w+v13DiYSPfZBMVk0sfMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvaXdfeW9QM19ENl9YY09KaEk5OWtFeFdUU3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEfhAwQA
UEfoAwQAUR2VMA0GCSqGSIb3DQEBCwUAA4IBAQCWPi8PW9IwjRw1JT8S5ff7kLSK
oZksQ1AD3LaQKdGATimf6laEO+JnY0onacHeVfudPc8R3rkerfqvAm9WVTv544Wu
p/wmAES27S4OFmB2RlMjbg4N3eX/AR0SW0uTZhtbrLatiquviWPiwDGpy4yS8Mh+
5/2QAdSZpfVgWYn85JpREiHTYs/zKxxzDpxT8uFIylXyIdbx/v2Rh/mumDpGqckC
WL3z3a2ok+Hcs7YPz4ziX8rR/a16GQX3jXGzZUVAScqTaEnm4W0tuRDO7p1GGtFf
vBrn8dTERToWaAzXxefVZkJjYbwLdUUsI3N0NGyRwvK4pjnEVw+DDnH854n2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org