Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/a8RqMXlCX4zFQuoUJvCSUHwAAxI.roa
File:                     a8RqMXlCX4zFQuoUJvCSUHwAAxI.roa (raw, json)
Hash identifier:          /0gUwBrQhpylo1QW+MC8xS1OAqHbJn5bBAkfZwW5sZA=
Subject key identifier:   6B:C4:6A:31:79:42:5F:8C:C5:42:EA:14:26:F0:92:50:7C:00:03:12
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018DDFA635C107D9A36A4A01B0C976B562EC
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/a8RqMXlCX4zFQuoUJvCSUHwAAxI.roa
Signing time:             Sun 25 Feb 2024 09:43:48 +0000
ROA not before:           Sun 25 Feb 2024 09:43:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        88.80.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 03:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:df:a6:35:c1:07:d9:a3:6a:4a:01:b0:c9:76:b5:62:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Feb 25 09:43:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6bc46a3179425f8cc542ea1426f092507c000312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5c:df:a2:88:da:e9:e6:5f:98:bc:2d:7d:5f:
                    69:c7:ac:b3:11:a5:24:9f:d2:d1:61:4c:24:6c:b4:
                    36:34:80:80:a7:f7:8d:05:6c:44:8b:c5:d0:31:95:
                    55:01:3d:14:69:75:c4:8f:3e:57:70:da:ad:24:82:
                    9d:cd:e3:2a:b8:fb:85:ef:87:b1:8f:aa:56:43:dc:
                    62:10:6d:5d:d7:58:b1:33:79:a1:f3:ed:e1:eb:ba:
                    27:36:e4:85:5d:a5:c4:05:26:2b:0f:58:2e:a8:32:
                    f3:8a:2c:87:23:92:7e:c1:fc:f1:c0:fb:47:d6:5a:
                    fc:b0:cd:ea:1c:4d:27:de:10:00:bd:96:e7:cd:c5:
                    92:63:72:5c:86:d7:28:e1:7c:12:74:5f:b5:76:fd:
                    f2:8c:db:ef:1b:ef:72:1a:d0:58:9e:b0:3b:f5:03:
                    3d:9f:37:1f:d2:37:96:29:c1:8d:ac:2b:32:70:0c:
                    4b:06:5a:39:31:5c:56:87:36:ae:94:a4:c5:2c:e5:
                    d9:52:91:56:c9:3e:df:9f:9c:a1:de:be:62:7d:87:
                    ec:be:ec:4f:c5:9c:d8:90:13:e8:c3:97:e8:ab:36:
                    b4:d3:45:ed:5c:7b:df:98:50:13:31:34:13:47:d1:
                    fc:d2:c8:3d:f5:b1:1b:d5:aa:35:2f:98:b6:e5:79:
                    e3:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:C4:6A:31:79:42:5F:8C:C5:42:EA:14:26:F0:92:50:7C:00:03:12
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/a8RqMXlCX4zFQuoUJvCSUHwAAxI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.80.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:dc:d1:a5:43:5e:dd:76:b5:4e:36:d1:36:be:c3:87:7f:b9:
         a5:b1:13:9f:66:1d:ce:92:28:10:9f:d4:6b:de:37:e6:24:e9:
         3a:97:d4:02:3b:ce:88:9d:cc:ea:99:a8:c6:cb:8c:be:bd:19:
         68:12:5d:90:77:1d:22:29:20:b1:b1:11:9e:e5:f0:fb:d8:bb:
         01:f3:21:34:b1:84:34:fd:0b:78:65:0f:6a:20:20:cc:b2:83:
         16:af:7a:c6:e3:63:e7:e8:b4:a2:f8:dd:bf:4c:1b:df:2d:0b:
         2a:7d:90:4f:56:04:b1:8e:13:47:e2:34:6b:2c:28:1b:70:24:
         0d:20:ab:fc:af:c1:42:a3:93:d2:a5:79:65:0b:89:b7:66:07:
         b1:c1:10:a6:80:2a:46:68:d3:9d:82:f9:8c:40:50:9b:d7:ab:
         ba:3c:b9:21:bf:99:21:d4:36:f4:9d:77:6d:86:b0:b9:b0:cc:
         8b:a6:9d:e7:73:c8:27:03:1e:4e:58:65:3e:e5:b6:04:64:5e:
         31:ff:c4:0d:83:c9:76:9b:14:31:fa:df:0b:c5:2b:f8:ab:0c:
         ec:80:b4:5a:ee:27:d8:f9:52:3a:b5:fd:d9:29:4a:29:a3:f5:
         a7:90:ea:47:2f:0a:3a:57:54:75:f1:20:2a:15:7c:a1:1f:26:
         c6:3a:67:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3fpjXBB9mjakoBsMl2tWLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMjI1MDk0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmM0NmEzMTc5NDI1ZjhjYzU0MmVhMTQyNmYwOTI1MDdjMDAwMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlzfooja6eZfmLwtfV9px6yzEaUk
n9LRYUwkbLQ2NICAp/eNBWxEi8XQMZVVAT0UaXXEjz5XcNqtJIKdzeMquPuF74ex
j6pWQ9xiEG1d11ixM3mh8+3h67onNuSFXaXEBSYrD1guqDLziiyHI5J+wfzxwPtH
1lr8sM3qHE0n3hAAvZbnzcWSY3Jchtco4XwSdF+1dv3yjNvvG+9yGtBYnrA79QM9
nzcf0jeWKcGNrCsycAxLBlo5MVxWhzaulKTFLOXZUpFWyT7fn5yh3r5ifYfsvuxP
xZzYkBPow5foqza000XtXHvfmFATMTQTR9H80sg99bEb1ao1L5i25XnjhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvEajF5Ql+MxULqFCbwklB8AAMSMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvYThScU1YbENYNHpGUXVvVUp2Q1NVSHdBQXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCKMA0G
CSqGSIb3DQEBCwUAA4IBAQBM3NGlQ17ddrVONtE2vsOHf7mlsROfZh3OkigQn9Rr
3jfmJOk6l9QCO86InczqmajGy4y+vRloEl2Qdx0iKSCxsRGe5fD72LsB8yE0sYQ0
/Qt4ZQ9qICDMsoMWr3rG42Pn6LSi+N2/TBvfLQsqfZBPVgSxjhNH4jRrLCgbcCQN
IKv8r8FCo5PSpXllC4m3ZgexwRCmgCpGaNOdgvmMQFCb16u6PLkhv5kh1Db0nXdt
hrC5sMyLpp3nc8gnAx5OWGU+5bYEZF4x/8QNg8l2mxQx+t8LxSv4qwzsgLRa7ifY
+VI6tf3ZKUopo/WnkOpHLwo6V1R18SAqFXyhHybGOmej
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org