Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/OzPbcD6_HeSO9_2Q8rwAtVdyK44.roa
File:                     OzPbcD6_HeSO9_2Q8rwAtVdyK44.roa (raw, json)
Hash identifier:          RuW6CYlZQlu2M7gTtc6kP3WuOCB9IrciS9HZt+5Ca/g=
Subject key identifier:   3B:33:DB:70:3E:BF:1D:E4:8E:F7:FD:90:F2:BC:00:B5:57:72:2B:8E
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018D3F2B3189955C8CB5CF5FB22C358F5C77
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/OzPbcD6_HeSO9_2Q8rwAtVdyK44.roa
Signing time:             Thu 25 Jan 2024 05:50:11 +0000
ROA not before:           Thu 25 Jan 2024 05:50:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        88.80.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 Jan 2024 12:54:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:3f:2b:31:89:95:5c:8c:b5:cf:5f:b2:2c:35:8f:5c:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Jan 25 05:50:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3b33db703ebf1de48ef7fd90f2bc00b557722b8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:08:0b:22:42:6c:52:d7:13:cf:24:28:94:f0:
                    24:61:a5:0a:93:79:53:8b:7e:16:03:4e:05:16:65:
                    21:e5:a4:e1:22:0a:d6:be:e1:d3:7b:15:e5:f9:48:
                    96:20:71:89:ff:e6:c8:c4:b6:a8:27:73:27:59:3f:
                    01:16:22:6b:42:73:5f:50:75:2e:17:4b:97:97:c9:
                    c3:7f:a6:f1:71:7a:fc:a2:97:02:7f:56:a5:71:8a:
                    70:44:a4:2a:82:53:8f:9c:40:6b:1c:c0:57:26:ba:
                    af:fd:22:a0:b6:d1:f5:2c:36:91:87:a6:ae:ea:33:
                    b6:ab:fb:8c:c1:26:4d:b7:cb:ed:a9:47:1c:75:74:
                    a3:31:3d:e8:5c:ad:ee:9d:9f:b5:85:ac:65:e7:b9:
                    cf:2d:fd:ae:94:1f:62:32:7a:0d:4c:ce:fe:a6:84:
                    71:19:5d:eb:66:42:37:80:a8:7d:6f:15:1e:a5:17:
                    4d:80:06:d0:11:21:f3:d2:ab:e2:21:b3:1f:87:b2:
                    78:8a:91:d2:cd:24:ce:29:ab:f9:23:75:2d:ae:d6:
                    2e:99:91:fa:92:e7:d0:69:1d:3a:81:43:06:87:78:
                    bf:b8:27:5f:34:a7:ff:32:78:82:10:2c:7a:f8:89:
                    47:bb:17:8a:20:7c:ac:f4:5b:cc:c5:99:e6:fe:e2:
                    c6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:33:DB:70:3E:BF:1D:E4:8E:F7:FD:90:F2:BC:00:B5:57:72:2B:8E
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/OzPbcD6_HeSO9_2Q8rwAtVdyK44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.80.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:2c:ee:67:0f:08:95:37:cf:27:c4:fa:4d:bd:73:cf:d2:35:
         92:6c:6e:d0:a1:f1:e4:17:5f:72:21:44:9e:dc:8f:ce:70:b5:
         f5:e7:b8:5b:25:b9:3c:72:2a:28:be:98:0d:4d:a2:2c:42:16:
         21:23:10:a8:2a:16:7e:f2:0c:55:6c:25:4b:5d:9d:d3:62:0a:
         83:83:a1:7c:5c:4f:8a:83:59:9f:75:03:00:7b:fc:b5:e9:a8:
         b3:6b:20:31:38:43:3e:0c:1e:55:b3:23:ff:19:d6:4a:46:38:
         1f:1b:fa:47:ec:30:ab:16:fe:57:e8:5b:f9:64:c1:84:93:a2:
         65:60:11:d1:f3:f0:0e:cf:66:23:f1:1a:10:8f:2f:e4:61:b2:
         f9:99:f0:ff:28:db:06:c9:ed:af:14:34:f1:af:e7:81:f2:af:
         cd:b3:6e:e7:1c:08:9d:4c:bd:ba:bd:4e:f7:5d:3d:b1:5e:24:
         be:18:18:4b:f8:e1:85:62:82:13:73:0c:7f:f7:a8:b5:3a:4b:
         16:ac:62:4d:5e:5f:73:64:9f:c9:d0:36:d3:b4:56:e2:92:f5:
         cb:e4:b1:cb:1a:44:6f:f7:8c:d3:d0:45:b1:c3:6b:ab:6a:a0:
         34:98:e2:a3:cb:51:93:52:56:4a:d9:34:03:22:8a:35:01:a7:
         92:54:5c:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0/KzGJlVyMtc9fsiw1j1x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTI1MDU1MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjMzZGI3MDNlYmYxZGU0OGVmN2ZkOTBmMmJjMDBiNTU3NzIyYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwgLIkJsUtcTzyQolPAkYaUKk3lT
i34WA04FFmUh5aThIgrWvuHTexXl+UiWIHGJ/+bIxLaoJ3MnWT8BFiJrQnNfUHUu
F0uXl8nDf6bxcXr8opcCf1alcYpwRKQqglOPnEBrHMBXJrqv/SKgttH1LDaRh6au
6jO2q/uMwSZNt8vtqUccdXSjMT3oXK3unZ+1haxl57nPLf2ulB9iMnoNTM7+poRx
GV3rZkI3gKh9bxUepRdNgAbQESHz0qviIbMfh7J4ipHSzSTOKav5I3UtrtYumZH6
kufQaR06gUMGh3i/uCdfNKf/MniCECx6+IlHuxeKIHys9FvMxZnm/uLGwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsz23A+vx3kjvf9kPK8ALVXciuOMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvT3pQYmNENl9IZVNPOV8yUThyd0F0VmR5SzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCLMA0G
CSqGSIb3DQEBCwUAA4IBAQB1LO5nDwiVN88nxPpNvXPP0jWSbG7QofHkF19yIUSe
3I/OcLX157hbJbk8cioovpgNTaIsQhYhIxCoKhZ+8gxVbCVLXZ3TYgqDg6F8XE+K
g1mfdQMAe/y16aizayAxOEM+DB5VsyP/GdZKRjgfG/pH7DCrFv5X6Fv5ZMGEk6Jl
YBHR8/AOz2Yj8RoQjy/kYbL5mfD/KNsGye2vFDTxr+eB8q/Ns27nHAidTL26vU73
XT2xXiS+GBhL+OGFYoITcwx/96i1OksWrGJNXl9zZJ/J0DbTtFbikvXL5LHLGkRv
94zT0EWxw2uraqA0mOKjy1GTUlZK2TQDIoo1AaeSVFxI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org