Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/12JxnS8rSenOMZjlrhkyRQstNP4.roa
File:                     12JxnS8rSenOMZjlrhkyRQstNP4.roa (raw, json)
Hash identifier:          CF5yDtyYrj8/ppR4znZKycQ07hRY71DCio/LjKj2AlU=
Subject key identifier:   D7:62:71:9D:2F:2B:49:E9:CE:31:98:E5:AE:19:32:45:0B:2D:34:FE
Certificate issuer:       /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial:       018CEEFF588B18FF7498266463E219C7A4EB
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/12JxnS8rSenOMZjlrhkyRQstNP4.roa
Signing time:             Tue 09 Jan 2024 16:12:40 +0000
ROA not before:           Tue 09 Jan 2024 16:12:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        2.58.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 15:39:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ee:ff:58:8b:18:ff:74:98:26:64:63:e2:19:c7:a4:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
        Validity
            Not Before: Jan  9 16:12:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d762719d2f2b49e9ce3198e5ae1932450b2d34fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b0:72:b1:07:cc:8f:d8:ae:2f:a1:4d:7d:3c:
                    55:37:11:81:a7:ed:44:88:fe:fd:45:75:6a:a4:2f:
                    12:0d:4c:0d:33:9f:49:ef:43:2f:a2:4d:1c:42:75:
                    41:90:62:af:a1:74:12:3f:8e:ac:5a:33:35:d3:42:
                    c0:e2:78:6a:b1:db:dd:58:83:ca:da:46:4f:42:3b:
                    8e:8e:d1:3d:de:fb:7e:7e:86:49:1a:35:b2:66:31:
                    bd:ff:8c:9c:d6:f8:4f:ca:d9:a8:8f:6e:ff:b7:10:
                    88:6b:00:99:38:cc:40:00:bd:18:05:98:d6:9f:9b:
                    bd:ee:6a:3a:c2:dd:70:3a:5c:c3:d3:6a:f2:6e:35:
                    08:ec:cd:c3:cf:12:1d:a6:4e:9c:f4:f4:ec:2e:42:
                    5a:7e:40:b2:55:0e:62:8d:96:30:7c:bc:be:e5:62:
                    27:e1:5a:d6:5e:cd:24:f7:7b:34:dd:cb:e7:95:49:
                    b6:3e:f8:e1:01:46:8b:41:cb:96:ed:a1:fc:7f:28:
                    0e:c7:fc:70:d4:81:74:d4:2b:f3:2a:69:f2:13:9b:
                    17:55:90:14:b0:c0:46:65:4a:41:bb:db:86:ca:68:
                    2d:50:ac:2b:d4:d3:b1:b1:0e:b8:a4:61:84:e8:f1:
                    63:ea:1c:36:9e:cc:bf:a5:ce:4e:f7:2a:1a:59:83:
                    5f:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:62:71:9D:2F:2B:49:E9:CE:31:98:E5:AE:19:32:45:0B:2D:34:FE
            X509v3 Authority Key Identifier:
                keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/12JxnS8rSenOMZjlrhkyRQstNP4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:a6:64:02:a2:ac:1d:72:dc:0b:e2:4d:f3:a0:97:a1:4d:36:
         e4:6d:8f:f8:f3:7d:74:2d:34:d5:c3:4a:98:c0:55:af:b6:c9:
         cf:f7:e8:c0:a4:25:12:89:99:8e:b8:c2:5c:d6:ed:46:8d:03:
         f1:a2:d2:96:22:6a:1c:41:10:73:11:b6:3b:ac:40:22:e8:49:
         e5:09:6c:fa:81:a2:91:a8:36:e0:f2:77:16:38:4a:14:15:1e:
         74:0b:06:98:9c:c0:20:25:84:88:2d:f8:df:7e:39:ac:7d:bf:
         de:2e:ea:cc:7e:b6:08:05:90:28:9e:95:e9:48:5e:3e:19:20:
         f7:48:2b:55:94:03:3b:36:e0:72:5c:bb:f1:d6:9f:0e:e5:84:
         d0:30:5d:5e:e2:50:ee:05:38:e8:fd:5d:d8:53:74:2e:49:fc:
         7f:ef:73:52:42:b9:31:21:2f:27:ea:87:5d:fe:92:c2:62:ed:
         29:9a:eb:9f:b8:0d:11:85:37:6e:94:70:5b:85:cc:b6:66:65:
         db:f4:24:12:0a:e8:3e:7d:e6:d4:96:74:9a:ee:8a:06:dc:91:
         16:22:55:e0:66:ed:20:b5:ce:92:2b:d2:4a:dd:17:2f:c2:cf:
         32:24:d6:fb:9a:8b:a3:d9:2f:42:b3:ca:12:37:02:a4:f2:23:
         b0:bd:25:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzu/1iLGP90mCZkY+IZx6TrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjQwMTA5MTYxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzYyNzE5ZDJmMmI0OWU5Y2UzMTk4ZTVhZTE5MzI0NTBiMmQzNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LBysQfMj9iuL6FNfTxVNxGBp+1E
iP79RXVqpC8SDUwNM59J70Mvok0cQnVBkGKvoXQSP46sWjM100LA4nhqsdvdWIPK
2kZPQjuOjtE93vt+foZJGjWyZjG9/4yc1vhPytmoj27/txCIawCZOMxAAL0YBZjW
n5u97mo6wt1wOlzD02rybjUI7M3DzxIdpk6c9PTsLkJafkCyVQ5ijZYwfLy+5WIn
4VrWXs0k93s03cvnlUm2PvjhAUaLQcuW7aH8fygOx/xw1IF01CvzKmnyE5sXVZAU
sMBGZUpBu9uGymgtUKwr1NOxsQ64pGGE6PFj6hw2nsy/pc5O9yoaWYNfNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdicZ0vK0npzjGY5a4ZMkULLTT+MB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvMTJKeG5TOHJTZW5PTVpqbHJoa3lSUXN0TlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpzMA0G
CSqGSIb3DQEBCwUAA4IBAQB9pmQCoqwdctwL4k3zoJehTTbkbY/48310LTTVw0qY
wFWvtsnP9+jApCUSiZmOuMJc1u1GjQPxotKWImocQRBzEbY7rEAi6EnlCWz6gaKR
qDbg8ncWOEoUFR50CwaYnMAgJYSILfjffjmsfb/eLurMfrYIBZAonpXpSF4+GSD3
SCtVlAM7NuByXLvx1p8O5YTQMF1e4lDuBTjo/V3YU3QuSfx/73NSQrkxIS8n6odd
/pLCYu0pmuufuA0RhTdulHBbhcy2ZmXb9CQSCug+febUlnSa7ooG3JEWIlXgZu0g
tc6SK9JK3Rcvws8yJNb7mouj2S9Cs8oSNwKk8iOwvSUj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org