Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/CCElNl75k-DjuRrFRiW4PUr9I88.roa
File:                     CCElNl75k-DjuRrFRiW4PUr9I88.roa (raw, json)
Hash identifier:          N8WYdLSgrQ5zcH7Fz13hPOYV3JIWXuK1LjOnLsPaRaM=
Subject key identifier:   08:21:25:36:5E:F9:93:E0:E3:B9:1A:C5:46:25:B8:3D:4A:FD:23:CF
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       01856FCB8F2AB0226AE8B7D56D129CBAE7B8
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/CCElNl75k-DjuRrFRiW4PUr9I88.roa
Signing time:             Mon 02 Jan 2023 00:04:49 +0000
ROA not before:           Mon 02 Jan 2023 00:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199871
IP address blocks:        151.252.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:8f:2a:b0:22:6a:e8:b7:d5:6d:12:9c:ba:e7:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Jan  2 00:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=082125365ef993e0e3b91ac54625b83d4afd23cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:fa:5a:28:94:eb:1b:8c:95:da:5d:c3:b8:ba:
                    31:a9:0f:b2:09:20:d4:a9:f1:c4:6d:5c:3d:c1:b5:
                    a4:94:4d:7e:82:dd:05:6f:48:69:d2:02:59:23:b8:
                    d2:27:50:7e:0a:64:45:68:c4:01:ca:cb:93:17:4b:
                    12:37:ab:30:af:78:83:3b:bc:dd:03:74:d3:e1:f3:
                    83:87:cd:4b:ae:d3:8a:34:d3:c3:18:17:45:10:fd:
                    10:2c:5b:b7:be:69:74:80:12:d8:76:53:6b:c3:e5:
                    09:4f:31:08:02:05:91:82:7b:d4:e5:3a:a9:93:34:
                    7f:96:2b:1a:d6:0e:81:91:98:1d:f1:a6:b9:55:03:
                    b2:ac:96:8a:a5:93:8f:da:b0:35:99:aa:24:61:ed:
                    68:ab:68:87:2d:95:ac:e4:67:e7:17:02:27:cc:7c:
                    19:d8:cd:7b:90:d7:00:ef:77:9e:2b:29:db:05:ba:
                    7f:96:68:e7:bf:77:2a:61:a5:0f:8f:aa:f7:49:4f:
                    8a:13:6d:28:14:d2:d2:33:d0:3d:fc:90:0a:4f:32:
                    42:d5:90:c6:c4:17:15:57:fc:cd:af:c3:9f:bb:f0:
                    fb:a9:26:51:8f:aa:27:82:50:db:ed:e3:11:05:e8:
                    a0:51:9f:a0:86:08:4b:fa:d1:6e:12:e5:9d:14:1e:
                    c9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:21:25:36:5E:F9:93:E0:E3:B9:1A:C5:46:25:B8:3D:4A:FD:23:CF
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/CCElNl75k-DjuRrFRiW4PUr9I88.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.252.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:03:99:2e:ae:55:8b:5e:aa:0c:02:d7:fd:ac:37:8e:ce:21:
         22:58:d1:27:0f:6d:7f:b3:61:5c:3e:71:d7:fc:2e:2b:5d:8f:
         52:54:75:1d:ef:45:5a:ed:a8:f1:b8:30:d1:8a:4b:81:84:17:
         ff:1d:c9:a0:d1:49:b5:80:49:59:83:5e:20:29:ea:50:ab:56:
         e0:a8:47:3f:83:03:7f:e2:53:b4:9b:a9:63:ea:b2:69:0a:35:
         13:19:36:f5:23:7b:2b:e7:da:3c:75:d6:41:a5:1c:17:0f:5c:
         fa:0f:ab:55:b4:86:90:dd:fb:fa:f7:23:bb:e7:0b:28:44:8a:
         ab:48:eb:73:1a:7b:6a:20:5d:41:71:32:4e:38:57:44:0a:fb:
         2b:c8:cf:ee:96:7f:7d:c6:6d:26:74:85:d5:90:15:a7:1b:a1:
         55:42:8e:fd:23:bb:2e:56:a7:f9:cc:a2:85:0b:13:ac:b9:74:
         d6:ae:26:ca:0e:b9:06:dd:cf:ff:02:f7:d4:c9:7e:61:ea:79:
         6c:b6:1e:7c:bc:2d:95:65:a5:4a:e1:46:0b:72:16:d0:66:f2:
         38:0e:2e:01:dc:55:26:85:8b:1e:87:f2:e7:01:2d:4c:96:a6:
         1d:60:28:9c:9c:16:91:28:73:0e:37:3a:7d:a8:62:2d:17:9b:
         c2:04:46:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy48qsCJq6LfVbRKcuue4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODIxMjUzNjVlZjk5M2UwZTNiOTFhYzU0NjI1YjgzZDRhZmQyM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivpaKJTrG4yV2l3DuLoxqQ+yCSDU
qfHEbVw9wbWklE1+gt0Fb0hp0gJZI7jSJ1B+CmRFaMQBysuTF0sSN6swr3iDO7zd
A3TT4fODh81LrtOKNNPDGBdFEP0QLFu3vml0gBLYdlNrw+UJTzEIAgWRgnvU5Tqp
kzR/lisa1g6BkZgd8aa5VQOyrJaKpZOP2rA1maokYe1oq2iHLZWs5GfnFwInzHwZ
2M17kNcA73eeKynbBbp/lmjnv3cqYaUPj6r3SU+KE20oFNLSM9A9/JAKTzJC1ZDG
xBcVV/zNr8Ofu/D7qSZRj6onglDb7eMRBeigUZ+ghghL+tFuEuWdFB7J6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAghJTZe+ZPg47kaxUYluD1K/SPPMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvQ0NFbE5sNzVrLURqdVJyRlJpVzRQVXI5STg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/zHMA0G
CSqGSIb3DQEBCwUAA4IBAQCmA5kurlWLXqoMAtf9rDeOziEiWNEnD21/s2FcPnHX
/C4rXY9SVHUd70Va7ajxuDDRikuBhBf/Hcmg0Um1gElZg14gKepQq1bgqEc/gwN/
4lO0m6lj6rJpCjUTGTb1I3sr59o8ddZBpRwXD1z6D6tVtIaQ3fv69yO75wsoRIqr
SOtzGntqIF1BcTJOOFdECvsryM/uln99xm0mdIXVkBWnG6FVQo79I7suVqf5zKKF
CxOsuXTWribKDrkG3c//AvfUyX5h6nlsth58vC2VZaVK4UYLchbQZvI4Di4B3FUm
hYseh/LnAS1MlqYdYCicnBaRKHMONzp9qGItF5vCBEZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org