Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/jZKcMrgBaka3UvB9ukcuaGVSC0w.roa
File:                     jZKcMrgBaka3UvB9ukcuaGVSC0w.roa (raw, json)
Hash identifier:          9XwPLH599cs6cuaQF+yqGB8RRFQjKu5adFFRdbG7YkI=
Subject key identifier:   8D:92:9C:32:B8:01:6A:46:B7:52:F0:7D:BA:47:2E:68:65:52:0B:4C
Certificate issuer:       /CN=6eef3973d6e07681419bae867bd514545e7df5da
Certificate serial:       01856C4A3F60BDCDB595154403CDC738B5FD
Authority key identifier: 6E:EF:39:73:D6:E0:76:81:41:9B:AE:86:7B:D5:14:54:5E:7D:F5:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bu85c9bgdoFBm66Ge9UUVF599do.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/jZKcMrgBaka3UvB9ukcuaGVSC0w.roa
Signing time:             Sun 01 Jan 2023 07:44:43 +0000
ROA not before:           Sun 01 Jan 2023 07:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        2.58.103.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:4a:3f:60:bd:cd:b5:95:15:44:03:cd:c7:38:b5:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6eef3973d6e07681419bae867bd514545e7df5da
        Validity
            Not Before: Jan  1 07:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d929c32b8016a46b752f07dba472e6865520b4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ba:c8:f9:14:43:28:21:52:ea:9a:41:ca:6b:
                    7e:3d:f6:c5:91:ad:0e:03:5a:bc:6d:e1:e6:1d:af:
                    f3:18:84:eb:6e:5a:7d:df:a7:58:a0:bc:1e:1e:7c:
                    19:0b:5a:cc:90:10:13:35:ce:2b:90:d7:ca:c0:44:
                    a3:69:e7:2b:a5:05:45:d3:56:de:55:03:80:bc:92:
                    79:8a:93:0e:71:dd:6a:52:bf:bb:84:d8:63:ec:1e:
                    66:03:9e:ca:d7:40:81:7c:f7:fa:3f:02:2c:1b:e3:
                    17:0c:58:bd:cc:e6:16:aa:15:9d:ce:4a:98:58:04:
                    94:ea:ad:79:bf:00:80:6a:f0:4f:39:98:6e:96:b2:
                    75:1a:6a:47:47:9e:be:96:c0:ec:ab:3e:6d:10:fb:
                    8b:5e:0a:84:2d:0d:16:1d:e6:49:bb:8e:95:ca:93:
                    5d:24:7e:25:51:68:74:73:f4:87:92:26:7b:09:ce:
                    d8:9e:f6:77:3e:4a:6f:ef:77:f1:ae:37:cf:6f:2c:
                    42:f8:15:23:2c:93:54:87:06:a8:98:f2:bd:37:76:
                    c5:45:13:95:35:dd:ad:17:d5:dc:b7:f9:c1:37:7c:
                    09:cf:42:cd:49:10:2d:10:e0:e5:e7:30:76:3c:e9:
                    4a:53:ec:76:19:ff:d5:fb:c8:04:aa:f3:3f:31:58:
                    8f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:92:9C:32:B8:01:6A:46:B7:52:F0:7D:BA:47:2E:68:65:52:0B:4C
            X509v3 Authority Key Identifier:
                keyid:6E:EF:39:73:D6:E0:76:81:41:9B:AE:86:7B:D5:14:54:5E:7D:F5:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bu85c9bgdoFBm66Ge9UUVF599do.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/jZKcMrgBaka3UvB9ukcuaGVSC0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/bu85c9bgdoFBm66Ge9UUVF599do.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:08:ee:85:f4:6d:11:8e:bb:a7:68:06:d2:ab:9d:4a:68:5b:
         f7:3e:24:1e:6d:9e:0d:f7:d8:43:99:b9:4d:c5:33:7f:8e:51:
         36:62:43:39:e4:5f:10:be:27:32:63:69:db:c0:7b:01:ac:88:
         a2:01:db:a7:69:09:26:0b:23:71:d1:5b:d8:c0:46:11:e6:1e:
         66:4b:d5:40:31:6a:6e:d8:48:dc:f8:08:cb:11:55:0b:67:49:
         d9:0b:d7:c6:fa:18:40:40:d7:4b:e1:c7:2e:36:bf:93:70:2d:
         10:a6:51:30:bf:ab:6f:0f:41:86:55:0f:9e:31:5a:ed:18:54:
         fa:e9:4b:f8:c5:b8:70:18:13:ac:c8:41:c9:57:a4:11:aa:b0:
         4e:fa:62:b9:9f:cd:6b:b0:fc:79:0e:ce:2c:ae:19:c0:1d:b4:
         82:c0:86:6a:92:83:cc:b5:12:2c:8e:52:e0:2e:a6:5b:5c:e3:
         78:6e:ca:e5:a9:4e:c0:69:75:38:83:50:b3:9d:cd:14:cb:62:
         ea:8f:34:16:f7:ba:fb:3e:67:e1:8a:9b:46:bf:7f:84:96:29:
         14:96:3b:27:0f:3c:a6:b7:db:20:9c:25:d4:9e:ad:ca:e7:b1:
         68:51:4f:64:d5:04:85:b4:aa:0a:85:3b:47:e8:65:bd:96:e4:
         22:17:5f:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSj9gvc21lRVEA83HOLX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZWYzOTczZDZlMDc2ODE0MTliYWU4NjdiZDUxNDU0NWU3
ZGY1ZGEwHhcNMjMwMTAxMDc0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDkyOWMzMmI4MDE2YTQ2Yjc1MmYwN2RiYTQ3MmU2ODY1NTIwYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLrI+RRDKCFS6ppBymt+PfbFka0O
A1q8beHmHa/zGITrblp936dYoLweHnwZC1rMkBATNc4rkNfKwESjaecrpQVF01be
VQOAvJJ5ipMOcd1qUr+7hNhj7B5mA57K10CBfPf6PwIsG+MXDFi9zOYWqhWdzkqY
WASU6q15vwCAavBPOZhulrJ1GmpHR56+lsDsqz5tEPuLXgqELQ0WHeZJu46VypNd
JH4lUWh0c/SHkiZ7Cc7YnvZ3Pkpv73fxrjfPbyxC+BUjLJNUhwaomPK9N3bFRROV
Nd2tF9Xct/nBN3wJz0LNSRAtEODl5zB2POlKU+x2Gf/V+8gEqvM/MViPtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2SnDK4AWpGt1LwfbpHLmhlUgtMMB8GA1UdIwQY
MBaAFG7vOXPW4HaBQZuuhnvVFFReffXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnU4NWM5Ymdkb0ZCbTY2R2U5VVVWRjU5OWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8wODc1MTMtZDJkNi00M2M2LTliNzkt
MjJmMGFhYTgxMzI3LzEvalpLY01yZ0Jha2EzVXZCOXVrY3VhR1ZTQzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8wODc1MTMtZDJkNi00M2M2LTliNzktMjJmMGFhYTgxMzI3
LzEvYnU4NWM5Ymdkb0ZCbTY2R2U5VVVWRjU5OWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpnMA0G
CSqGSIb3DQEBCwUAA4IBAQApCO6F9G0RjrunaAbSq51KaFv3PiQebZ4N99hDmblN
xTN/jlE2YkM55F8QvicyY2nbwHsBrIiiAdunaQkmCyNx0VvYwEYR5h5mS9VAMWpu
2Ejc+AjLEVULZ0nZC9fG+hhAQNdL4ccuNr+TcC0QplEwv6tvD0GGVQ+eMVrtGFT6
6Uv4xbhwGBOsyEHJV6QRqrBO+mK5n81rsPx5Ds4srhnAHbSCwIZqkoPMtRIsjlLg
LqZbXON4bsrlqU7AaXU4g1Cznc0Uy2LqjzQW97r7PmfhiptGv3+ElikUljsnDzym
t9sgnCXUnq3K57FoUU9k1QSFtKoKhTtH6GW9luQiF18V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:33 2024 by rpki-client on console-ams.rpki-client.org