Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/lktCpDvdEouBWoR7FYsXVhmzbTI.roa
File:                     lktCpDvdEouBWoR7FYsXVhmzbTI.roa (raw, json)
Hash identifier:          tAfpeV6l0g0+YAKBe/l3jbNYOVVghMQeAMvQozf9EnU=
Subject key identifier:   96:4B:42:A4:3B:DD:12:8B:81:5A:84:7B:15:8B:17:56:19:B3:6D:32
Certificate issuer:       /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial:       018B4E33BE93F632158EFB6837C944C4014D
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/lktCpDvdEouBWoR7FYsXVhmzbTI.roa
Signing time:             Fri 20 Oct 2023 17:48:15 +0000
ROA not before:           Fri 20 Oct 2023 17:48:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        2.58.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 11:45:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:4e:33:be:93:f6:32:15:8e:fb:68:37:c9:44:c4:01:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
        Validity
            Not Before: Oct 20 17:48:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=964b42a43bdd128b815a847b158b175619b36d32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:50:dd:28:60:71:b5:fc:74:33:5b:87:8e:40:
                    ff:c4:49:39:cb:1a:1c:a7:0d:f6:71:0f:c9:0e:12:
                    39:89:ad:12:d6:b8:6b:83:04:8d:2e:fa:40:f8:ce:
                    29:31:97:e1:29:9b:76:6b:80:da:d7:69:8e:28:52:
                    65:8b:f4:fc:b8:80:30:52:74:35:97:a5:9a:ef:cc:
                    3b:c9:5d:bb:02:32:76:ec:e5:14:4e:eb:41:4b:98:
                    87:82:5d:38:fc:5f:19:bb:b7:3f:55:d2:bb:9b:e5:
                    ef:8e:dc:84:45:4b:ee:64:06:f5:17:93:a9:fd:9f:
                    bd:7a:8e:20:fa:9c:4f:b0:af:c3:cd:3c:2a:b2:91:
                    d3:45:5d:b8:18:77:25:30:5f:b7:0e:24:1e:c1:c3:
                    ce:4a:79:99:59:69:7b:b7:47:d9:62:24:96:cb:7a:
                    63:aa:50:32:c5:84:35:65:d9:be:38:35:6b:88:9f:
                    ca:6e:b0:d1:d1:4c:ed:31:c5:26:a0:6b:86:54:b2:
                    86:8d:07:fe:84:0b:f9:15:92:30:1f:fc:9a:96:54:
                    e3:23:9f:97:e3:27:ce:0e:4e:3b:18:ec:6e:55:f4:
                    8c:31:14:c5:b7:1e:13:16:38:28:ba:d0:f9:23:f4:
                    69:eb:97:be:f3:e1:d4:27:f1:42:8d:36:4f:37:ab:
                    2d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:4B:42:A4:3B:DD:12:8B:81:5A:84:7B:15:8B:17:56:19:B3:6D:32
            X509v3 Authority Key Identifier:
                keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/lktCpDvdEouBWoR7FYsXVhmzbTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:15:d4:d0:d4:c7:e5:d7:22:1c:d3:c5:5d:5b:0c:f3:47:99:
         4f:03:4f:58:0e:68:e7:7b:b0:45:2c:b0:f1:cf:d3:90:a0:92:
         ae:08:2b:3a:e0:85:42:39:f0:bc:84:f2:92:51:75:4c:7a:5a:
         c4:5e:dd:5b:ed:af:a7:f3:80:b3:b7:80:87:39:3d:d2:e4:50:
         81:51:ad:d7:9d:e1:52:ca:69:da:59:e9:27:4a:ff:92:04:aa:
         d4:0e:d8:03:09:54:c0:73:ea:13:d5:24:ec:d8:43:b2:c2:b6:
         07:3a:28:0c:12:33:7e:25:6a:f0:40:f8:00:c8:ac:27:2a:6e:
         6a:b3:5d:70:67:b4:3f:27:d8:42:7c:a9:bb:b8:8d:96:60:35:
         19:a3:28:8d:f5:07:06:bf:ef:ca:08:e3:42:dc:fb:f8:9f:ae:
         e5:95:9a:bc:d8:c4:ff:6f:44:ae:77:64:8f:99:5b:23:dd:08:
         b8:dd:7b:7c:9d:99:0c:a9:03:45:91:9c:b7:49:c0:d2:e8:58:
         c0:61:42:25:96:74:0c:7f:3a:04:4f:0f:6d:f9:85:20:2d:b3:
         0e:8c:ba:bc:b1:29:a0:5b:9f:0d:30:67:9f:be:ad:be:0d:36:
         0f:9f:0c:da:c3:bc:ea:b1:f8:9b:e1:5b:85:45:ca:08:1c:43:
         69:16:4f:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtOM76T9jIVjvtoN8lExAFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjMxMDIwMTc0ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjRiNDJhNDNiZGQxMjhiODE1YTg0N2IxNThiMTc1NjE5YjM2ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFDdKGBxtfx0M1uHjkD/xEk5yxoc
pw32cQ/JDhI5ia0S1rhrgwSNLvpA+M4pMZfhKZt2a4Da12mOKFJli/T8uIAwUnQ1
l6Wa78w7yV27AjJ27OUUTutBS5iHgl04/F8Zu7c/VdK7m+XvjtyERUvuZAb1F5Op
/Z+9eo4g+pxPsK/DzTwqspHTRV24GHclMF+3DiQewcPOSnmZWWl7t0fZYiSWy3pj
qlAyxYQ1Zdm+ODVriJ/KbrDR0UztMcUmoGuGVLKGjQf+hAv5FZIwH/yallTjI5+X
4yfODk47GOxuVfSMMRTFtx4TFjgoutD5I/Rp65e+8+HUJ/FCjTZPN6stnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZLQqQ73RKLgVqEexWLF1YZs20yMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvbGt0Q3BEdmRFb3VCV29SN0ZZc1hWaG16YlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpzMA0G
CSqGSIb3DQEBCwUAA4IBAQA+FdTQ1Mfl1yIc08VdWwzzR5lPA09YDmjne7BFLLDx
z9OQoJKuCCs64IVCOfC8hPKSUXVMelrEXt1b7a+n84Czt4CHOT3S5FCBUa3XneFS
ymnaWeknSv+SBKrUDtgDCVTAc+oT1STs2EOywrYHOigMEjN+JWrwQPgAyKwnKm5q
s11wZ7Q/J9hCfKm7uI2WYDUZoyiN9QcGv+/KCONC3Pv4n67llZq82MT/b0Sud2SP
mVsj3Qi43Xt8nZkMqQNFkZy3ScDS6FjAYUIllnQMfzoETw9t+YUgLbMOjLq8sSmg
W58NMGefvq2+DTYPnwzaw7zqsfib4VuFRcoIHENpFk9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org