Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/Y3mnmYwbDOy4PAk2rfqYMVEL2qs.roa
File:                     Y3mnmYwbDOy4PAk2rfqYMVEL2qs.roa (raw, json)
Hash identifier:          jLusC2i7pV8LInyFG/aldzMGHJNRNV7BS/+eMkhCn40=
Subject key identifier:   63:79:A7:99:8C:1B:0C:EC:B8:3C:09:36:AD:FA:98:31:51:0B:DA:AB
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018E739D31721581029D7285270744364856
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/Y3mnmYwbDOy4PAk2rfqYMVEL2qs.roa
Signing time:             Mon 25 Mar 2024 03:17:45 +0000
ROA not before:           Mon 25 Mar 2024 03:17:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        88.80.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 13:56:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:73:9d:31:72:15:81:02:9d:72:85:27:07:44:36:48:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Mar 25 03:17:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6379a7998c1b0cecb83c0936adfa9831510bdaab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ba:2b:e3:45:37:b7:c6:e5:3a:99:71:56:88:
                    52:a0:9b:c7:71:ba:bd:f0:e4:2d:db:6d:f3:dd:a5:
                    0d:37:e9:7d:09:92:70:54:ea:4a:fa:bf:e1:51:f4:
                    ed:7d:f8:74:20:e2:7d:99:35:43:81:9a:f7:f9:3f:
                    be:c7:af:96:47:2b:3c:e2:6d:6f:90:ba:ff:1e:0b:
                    80:bb:50:c8:ae:0f:32:69:29:ad:20:39:63:c8:c4:
                    9e:e2:02:47:b5:68:a9:b0:8b:4d:cd:b3:15:05:44:
                    71:3f:a8:0d:96:57:37:0e:67:b0:37:69:46:98:10:
                    ae:5d:3f:3f:9f:2d:68:be:56:04:1e:77:89:4a:46:
                    0a:b9:27:9f:cc:e7:2c:f3:85:be:20:b4:3b:50:3f:
                    62:90:b2:54:6d:7e:18:3d:6b:97:69:fc:5c:51:b0:
                    86:e6:bb:17:4e:86:79:f3:d8:a1:60:65:35:c4:50:
                    98:b9:7a:88:1e:85:23:d0:c0:73:9b:86:ed:ea:4f:
                    02:a9:76:42:35:e6:ef:3f:5d:c6:6f:ad:da:5e:be:
                    a2:99:3a:ad:af:5f:af:9b:73:d3:90:a9:65:10:13:
                    cc:d9:82:d8:25:24:5c:c8:48:32:48:5d:b2:19:31:
                    66:6d:8b:7c:e0:a4:15:46:ef:22:e0:4e:d7:fa:de:
                    03:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:79:A7:99:8C:1B:0C:EC:B8:3C:09:36:AD:FA:98:31:51:0B:DA:AB
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/Y3mnmYwbDOy4PAk2rfqYMVEL2qs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.80.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:e0:b6:e7:50:a7:9a:75:cd:92:e8:6b:8d:14:fc:79:d7:54:
         7a:7b:46:a4:00:e2:73:02:b1:b0:7c:a0:a8:32:4b:c5:92:95:
         7b:36:5b:6b:c9:3a:eb:ae:5d:c1:f0:b0:5a:d5:1d:14:73:55:
         d8:27:fc:1d:7a:40:f0:0e:85:4e:85:fe:65:35:f4:3f:f3:f5:
         53:ee:0e:86:c0:b2:da:d6:8e:5a:29:f8:d2:2a:4e:5d:bc:34:
         34:a3:a6:f0:f6:0d:f6:70:a3:4f:dd:be:1a:db:ed:be:0b:b6:
         2d:b3:f3:ae:ab:c1:3c:fe:fb:81:7b:ce:59:05:a7:9d:ab:cd:
         bc:4f:c9:d5:c1:a5:bf:22:28:de:8d:a5:c6:a8:c1:09:25:de:
         40:12:35:9e:87:b5:0d:4e:05:4e:53:f8:35:58:62:eb:a6:99:
         34:94:84:b9:dd:b9:ad:f8:64:06:75:d2:33:c2:56:ef:ad:29:
         a6:0f:8a:95:13:e5:88:88:44:e0:a5:de:3b:82:2e:18:b9:6f:
         b5:3b:58:3f:ef:87:f0:ef:5e:2b:08:16:1d:53:db:a1:6f:c7:
         14:d9:fb:8b:62:ac:f8:ee:1d:a9:2e:05:78:5e:c0:8c:4e:9a:
         73:07:36:b0:9b:11:ab:b1:87:fd:c6:12:dc:b4:10:02:c1:7b:
         99:e0:05:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5znTFyFYECnXKFJwdENkhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMzI1MDMxNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzc5YTc5OThjMWIwY2VjYjgzYzA5MzZhZGZhOTgzMTUxMGJkYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLor40U3t8blOplxVohSoJvHcbq9
8OQt223z3aUNN+l9CZJwVOpK+r/hUfTtffh0IOJ9mTVDgZr3+T++x6+WRys84m1v
kLr/HguAu1DIrg8yaSmtIDljyMSe4gJHtWipsItNzbMVBURxP6gNllc3DmewN2lG
mBCuXT8/ny1ovlYEHneJSkYKuSefzOcs84W+ILQ7UD9ikLJUbX4YPWuXafxcUbCG
5rsXToZ589ihYGU1xFCYuXqIHoUj0MBzm4bt6k8CqXZCNebvP13Gb63aXr6imTqt
r1+vm3PTkKllEBPM2YLYJSRcyEgySF2yGTFmbYt84KQVRu8i4E7X+t4D+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGN5p5mMGwzsuDwJNq36mDFRC9qrMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvWTNtbm1Zd2JET3k0UEFrMnJmcVlNVkVMMnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCKMA0G
CSqGSIb3DQEBCwUAA4IBAQAM4LbnUKeadc2S6GuNFPx511R6e0akAOJzArGwfKCo
MkvFkpV7NltryTrrrl3B8LBa1R0Uc1XYJ/wdekDwDoVOhf5lNfQ/8/VT7g6GwLLa
1o5aKfjSKk5dvDQ0o6bw9g32cKNP3b4a2+2+C7Yts/Ouq8E8/vuBe85ZBaedq828
T8nVwaW/IijejaXGqMEJJd5AEjWeh7UNTgVOU/g1WGLrppk0lIS53bmt+GQGddIz
wlbvrSmmD4qVE+WIiETgpd47gi4YuW+1O1g/74fw714rCBYdU9uhb8cU2fuLYqz4
7h2pLgV4XsCMTppzBzawmxGrsYf9xhLctBACwXuZ4AWX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org