Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/lRKYFXaMAQQ7aNsw8qQ6Q-zLAi8.roa
File:                     lRKYFXaMAQQ7aNsw8qQ6Q-zLAi8.roa (raw, json)
Hash identifier:          ryWbNB+918KNrrfh1iDD6CRUOvpjMu/xde6ke5bLmfQ=
Subject key identifier:   95:12:98:15:76:8C:01:04:3B:68:DB:30:F2:A4:3A:43:EC:CB:02:2F
Certificate issuer:       /CN=d2581479dee3b5994f11c9d9564631bf5a404c07
Certificate serial:       018AB2325F5F314FF78EAA6BE348C7B195A0
Authority key identifier: D2:58:14:79:DE:E3:B5:99:4F:11:C9:D9:56:46:31:BF:5A:40:4C:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0lgUed7jtZlPEcnZVkYxv1pATAc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/lRKYFXaMAQQ7aNsw8qQ6Q-zLAi8.roa
Signing time:             Wed 20 Sep 2023 10:46:00 +0000
ROA not before:           Wed 20 Sep 2023 10:46:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2200
IP address blocks:        134.59.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Wed 20 Sep 2023 11:40:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b2:32:5f:5f:31:4f:f7:8e:aa:6b:e3:48:c7:b1:95:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2581479dee3b5994f11c9d9564631bf5a404c07
        Validity
            Not Before: Sep 20 10:46:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95129815768c01043b68db30f2a43a43eccb022f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:6c:7d:08:ff:0b:cd:e7:cf:e3:7a:37:5b:92:
                    08:21:0d:3b:f6:a3:73:a0:97:8b:8d:0b:28:1c:88:
                    97:10:d5:43:11:e6:a1:66:ed:89:a1:47:5c:c8:b4:
                    0a:91:cb:e6:e1:5d:c9:8a:e4:88:0c:6a:bc:fe:ec:
                    e8:c7:5c:d8:71:fa:07:38:80:f7:74:a6:52:7a:5d:
                    0e:dd:73:c4:50:da:05:90:b5:18:1f:92:85:98:cc:
                    52:3c:00:7c:dc:ac:2f:9f:a5:e0:d7:68:76:6a:e2:
                    60:be:e0:49:1a:20:88:c9:32:91:3b:fd:0e:a7:82:
                    94:90:65:83:7e:55:0e:a6:2d:8b:d9:8f:93:34:04:
                    0a:30:0e:3a:b3:31:cf:5b:af:51:b3:bb:50:e5:11:
                    55:5d:03:71:18:54:a2:50:7b:c2:d3:4c:5b:c5:35:
                    70:24:71:90:f0:f8:2b:06:1f:cf:53:1c:ee:41:31:
                    51:e4:08:fc:67:55:1a:52:64:9b:51:a3:bc:56:82:
                    1f:f9:88:b3:44:07:63:be:5c:b1:3e:ed:2f:e7:d8:
                    e5:3d:17:ff:4c:0e:5a:7e:03:e6:2f:93:6e:cd:15:
                    7a:5c:39:b2:8d:79:fc:bd:88:53:b5:31:0d:f6:b9:
                    ec:19:b1:4d:a2:2c:f4:1c:af:7f:92:ae:18:de:2d:
                    f2:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:12:98:15:76:8C:01:04:3B:68:DB:30:F2:A4:3A:43:EC:CB:02:2F
            X509v3 Authority Key Identifier:
                keyid:D2:58:14:79:DE:E3:B5:99:4F:11:C9:D9:56:46:31:BF:5A:40:4C:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lgUed7jtZlPEcnZVkYxv1pATAc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/lRKYFXaMAQQ7aNsw8qQ6Q-zLAi8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/0lgUed7jtZlPEcnZVkYxv1pATAc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.59.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7b:1d:13:c7:7e:99:ae:78:84:2e:5d:05:4a:58:56:2d:6a:a9:
         a8:1b:2d:bd:c2:49:d2:85:ab:8d:cf:7c:4d:9e:e4:2c:62:52:
         6b:7f:80:6a:dd:c8:a6:99:d5:14:bc:54:fb:86:80:59:12:6e:
         60:25:02:61:0e:14:2f:7e:ea:ce:3f:2b:3d:36:3a:6d:0f:27:
         5c:2a:2b:b2:8c:f0:7f:d6:a3:8c:e4:a0:25:db:04:ea:59:26:
         f9:3d:ef:54:3a:5e:b8:90:bc:1b:03:a1:3b:86:f4:16:74:4c:
         60:77:07:05:ac:8a:1d:df:b8:a2:3d:5d:eb:43:bc:04:94:33:
         fd:bd:1b:4d:0c:0c:9a:53:3d:b6:96:b3:8d:16:42:8b:85:69:
         66:69:28:4e:0c:f8:35:12:5d:8e:58:73:c5:ad:64:ed:3a:b8:
         4b:32:b8:1d:a8:29:6f:a5:47:68:33:b5:d3:b3:fd:50:b5:32:
         e7:d8:99:4f:d9:98:f6:40:82:fe:61:f6:68:9e:4f:bc:eb:54:
         34:ee:1c:31:e3:09:8e:05:91:74:27:ac:03:b3:65:2a:34:a8:
         aa:c7:ad:bd:62:e7:d8:f1:6c:e3:5c:2a:c3:f1:05:53:a8:9b:
         b8:1c:7f:14:bf:21:0a:95:ce:81:37:4a:41:13:52:20:3d:05:
         2d:3e:b2:59
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYqyMl9fMU/3jqpr40jHsZWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNTgxNDc5ZGVlM2I1OTk0ZjExYzlkOTU2NDYzMWJmNWE0
MDRjMDcwHhcNMjMwOTIwMTA0NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTEyOTgxNTc2OGMwMTA0M2I2OGRiMzBmMmE0M2E0M2VjY2IwMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGx9CP8LzefP43o3W5IIIQ079qNz
oJeLjQsoHIiXENVDEeahZu2JoUdcyLQKkcvm4V3JiuSIDGq8/uzox1zYcfoHOID3
dKZSel0O3XPEUNoFkLUYH5KFmMxSPAB83Kwvn6Xg12h2auJgvuBJGiCIyTKRO/0O
p4KUkGWDflUOpi2L2Y+TNAQKMA46szHPW69Rs7tQ5RFVXQNxGFSiUHvC00xbxTVw
JHGQ8PgrBh/PUxzuQTFR5Aj8Z1UaUmSbUaO8VoIf+YizRAdjvlyxPu0v59jlPRf/
TA5afgPmL5NuzRV6XDmyjXn8vYhTtTEN9rnsGbFNoiz0HK9/kq4Y3i3ygQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJUSmBV2jAEEO2jbMPKkOkPsywIvMB8GA1UdIwQY
MBaAFNJYFHne47WZTxHJ2VZGMb9aQEwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGxnVWVkN2p0WmxQRWNuWlZrWXh2MXBBVEFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zMzZkYjMtNzFhOC00M2VmLTliOWYt
NmE2YzZlMDk2MDcxLzEvbFJLWUZYYU1BUVE3YU5zdzhxUTZRLXpMQWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zMzZkYjMtNzFhOC00M2VmLTliOWYtNmE2YzZlMDk2MDcx
LzEvMGxnVWVkN2p0WmxQRWNuWlZrWXh2MXBBVEFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhjswDQYJ
KoZIhvcNAQELBQADggEBAHsdE8d+ma54hC5dBUpYVi1qqagbLb3CSdKFq43PfE2e
5CxiUmt/gGrdyKaZ1RS8VPuGgFkSbmAlAmEOFC9+6s4/Kz02Om0PJ1wqK7KM8H/W
o4zkoCXbBOpZJvk971Q6XriQvBsDoTuG9BZ0TGB3BwWsih3fuKI9XetDvASUM/29
G00MDJpTPbaWs40WQouFaWZpKE4M+DUSXY5Yc8WtZO06uEsyuB2oKW+lR2gztdOz
/VC1MufYmU/ZmPZAgv5h9mieT7zrVDTuHDHjCY4FkXQnrAOzZSo0qKrHrb1i59jx
bONcKsPxBVOom7gcfxS/IQqVzoE3SkETUiA9BS0+slk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:43 2024 by rpki-client on console-fra.rpki-client.org