Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RkzyI5_JTZ9_LjaZeoNJZ6-Ltoo.roa
File:                     RkzyI5_JTZ9_LjaZeoNJZ6-Ltoo.roa (raw, json)
Hash identifier:          4x2R8KDhmqEMmm7Gfr+TZyp9Nu64vZQT74aie4508kA=
Subject key identifier:   46:4C:F2:23:9F:C9:4D:9F:7F:2E:36:99:7A:83:49:67:AF:8B:B6:8A
Certificate issuer:       /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial:       018FE1A7E51155B0837D3945B28F0B9B9225
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RkzyI5_JTZ9_LjaZeoNJZ6-Ltoo.roa
Signing time:             Tue 04 Jun 2024 05:10:27 +0000
ROA not before:           Tue 04 Jun 2024 05:10:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 06:04:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:e1:a7:e5:11:55:b0:83:7d:39:45:b2:8f:0b:9b:92:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
        Validity
            Not Before: Jun  4 05:10:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=464cf2239fc94d9f7f2e36997a834967af8bb68a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d1:cc:db:00:72:7f:57:ef:53:e0:3a:d1:27:
                    b2:1e:9b:92:0f:34:d4:b3:21:62:9f:73:ef:21:e6:
                    a8:2e:c0:92:2a:0e:d4:48:83:73:2b:b3:17:0a:27:
                    94:41:38:a5:eb:17:b6:0c:20:b3:bb:9a:bf:fa:7f:
                    cf:50:f0:30:70:d6:a9:84:19:98:56:2d:01:6c:1e:
                    80:3d:09:57:2f:1b:00:09:e1:fb:04:39:c9:bd:ae:
                    b4:82:28:e3:08:cd:8f:ac:85:29:29:39:db:a2:97:
                    62:10:21:a0:00:2d:15:b2:36:2a:66:2f:3b:91:87:
                    e0:0e:0a:b1:97:e4:f5:e2:94:5b:4b:7e:ad:af:46:
                    ec:b5:f0:cc:42:d9:c4:88:26:20:7d:ab:4e:d7:00:
                    76:93:c6:bd:89:46:2b:ce:b5:50:26:6f:6c:8f:98:
                    cb:e1:2c:1b:a2:7a:10:2e:b2:8b:b6:bd:18:16:ba:
                    9f:46:83:0d:b4:ad:dc:63:7b:21:f8:9b:ce:e5:e8:
                    47:ec:35:2d:c7:7b:1f:b3:9d:2b:cd:dd:87:60:00:
                    62:8a:89:47:89:dd:fa:21:78:f9:0d:54:fa:8e:e3:
                    e1:57:f2:e3:cd:9f:e3:1d:a9:74:1e:9c:35:78:17:
                    e3:ba:43:2a:6c:fc:e4:ee:1c:c2:b8:46:bd:6f:db:
                    3e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:4C:F2:23:9F:C9:4D:9F:7F:2E:36:99:7A:83:49:67:AF:8B:B6:8A
            X509v3 Authority Key Identifier:
                keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RkzyI5_JTZ9_LjaZeoNJZ6-Ltoo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:66:78:9c:ba:79:f6:ff:88:86:e5:71:a8:ff:c0:20:74:69:
         19:22:be:d0:3f:d8:20:82:7f:05:c3:c8:c8:67:cf:4c:58:48:
         1a:59:06:3f:e2:e1:bf:cb:73:11:a9:c0:08:90:a0:fe:2f:f4:
         6e:65:a1:43:c6:7b:1d:c0:79:ab:d3:19:78:34:72:fb:92:88:
         de:d7:b6:16:98:2a:1e:1e:50:52:30:71:f3:65:93:9c:d3:21:
         06:d0:20:90:f4:1c:4f:8e:f4:8b:da:dc:d6:89:ed:cc:0a:27:
         68:ed:f4:80:43:ca:c3:cd:67:c0:c8:de:d6:a9:9d:a9:21:33:
         b1:b8:80:11:88:3c:98:80:82:e5:ca:91:13:31:bf:e0:c8:cf:
         c9:88:a7:27:19:03:e3:cc:1a:1d:9e:4d:c1:ca:8f:8b:48:10:
         b8:61:88:87:dd:45:ea:b0:5f:57:8d:1c:7d:71:26:f6:33:8c:
         64:16:ac:42:39:ff:aa:01:93:61:d4:31:1f:17:d7:b6:4b:12:
         6a:2b:af:d8:7b:52:af:30:b2:54:68:75:ba:d0:88:7e:0c:10:
         e8:ce:1a:4b:a7:cf:51:17:6d:50:a7:62:0d:db:15:f0:01:cf:
         16:48:93:50:6b:71:9d:15:3a:20:78:75:1d:f9:bf:ec:dc:1c:
         1d:80:c4:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/hp+URVbCDfTlFso8Lm5IlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA0MDUxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjRjZjIyMzlmYzk0ZDlmN2YyZTM2OTk3YTgzNDk2N2FmOGJiNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NHM2wByf1fvU+A60SeyHpuSDzTU
syFin3PvIeaoLsCSKg7USINzK7MXCieUQTil6xe2DCCzu5q/+n/PUPAwcNaphBmY
Vi0BbB6APQlXLxsACeH7BDnJva60gijjCM2PrIUpKTnbopdiECGgAC0VsjYqZi87
kYfgDgqxl+T14pRbS36tr0bstfDMQtnEiCYgfatO1wB2k8a9iUYrzrVQJm9sj5jL
4SwbonoQLrKLtr0YFrqfRoMNtK3cY3sh+JvO5ehH7DUtx3sfs50rzd2HYABiiolH
id36IXj5DVT6juPhV/LjzZ/jHal0Hpw1eBfjukMqbPzk7hzCuEa9b9s+mwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEZM8iOfyU2ffy42mXqDSWevi7aKMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUmt6eUk1X0pUWjlfTGphWmVvTkpaNi1MdG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVmeJy6efb/iIblcaj/
wCB0aRkivtA/2CCCfwXDyMhnz0xYSBpZBj/i4b/LcxGpwAiQoP4v9G5loUPGex3A
eavTGXg0cvuSiN7XthaYKh4eUFIwcfNlk5zTIQbQIJD0HE+O9Iva3NaJ7cwKJ2jt
9IBDysPNZ8DI3tapnakhM7G4gBGIPJiAguXKkRMxv+DIz8mIpycZA+PMGh2eTcHK
j4tIELhhiIfdReqwX1eNHH1xJvYzjGQWrEI5/6oBk2HUMR8X17ZLEmorr9h7Uq8w
slRodbrQiH4MEOjOGkunz1EXbVCnYg3bFfABzxZIk1BrcZ0VOiB4dR35v+zcHB2A
xPM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org