Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/ispPmDFmwWpPCI9AW411QYqc4QI.roa
File:                     ispPmDFmwWpPCI9AW411QYqc4QI.roa (raw, json)
Hash identifier:          MVx/xt/brSgvuWGcyzkp6qxxIT2S98Ehptrdco8vJlo=
Subject key identifier:   8A:CA:4F:98:31:66:C1:6A:4F:08:8F:40:5B:8D:75:41:8A:9C:E1:02
Certificate issuer:       /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial:       018571B0E52299CF991219C6A7069AEBC328
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/ispPmDFmwWpPCI9AW411QYqc4QI.roa
Signing time:             Mon 02 Jan 2023 08:54:56 +0000
ROA not before:           Mon 02 Jan 2023 08:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201178
IP address blocks:        213.128.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b0:e5:22:99:cf:99:12:19:c6:a7:06:9a:eb:c3:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
        Validity
            Not Before: Jan  2 08:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8aca4f983166c16a4f088f405b8d75418a9ce102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:46:c2:e0:19:d9:22:eb:44:cb:3f:af:d1:89:
                    58:5f:b9:3c:4d:f8:ea:63:73:b3:ee:21:ab:21:02:
                    6d:1a:7a:b0:42:89:83:0b:f4:98:e8:6c:8e:86:86:
                    6c:08:47:89:e7:74:54:33:3b:45:a9:d3:10:c3:d5:
                    e1:c7:19:43:5a:7e:b2:70:c4:0e:f2:fe:7a:d1:1c:
                    19:32:b5:4d:cd:6b:60:f5:fa:8d:11:2c:00:f9:20:
                    0d:bd:aa:8f:8e:20:e2:b9:1b:b3:a5:5b:18:65:93:
                    33:25:07:33:8e:9f:9e:aa:4c:a1:69:e9:4d:32:53:
                    c7:2f:22:98:88:48:d9:76:f4:8c:db:d0:b0:0d:78:
                    ca:00:f6:89:a3:64:c6:b6:d6:cf:0f:d4:b9:d8:bb:
                    aa:25:6b:1f:d3:5c:cf:cb:cf:9b:bf:29:68:8e:14:
                    ab:52:e2:8e:e2:3a:f2:68:18:9c:bb:c7:c8:b1:cd:
                    16:a2:3d:49:c1:64:3d:4c:54:be:4e:d8:de:85:de:
                    57:41:1f:3b:17:0b:3e:a0:7f:5d:4e:2e:4c:34:3a:
                    73:81:ed:b8:61:20:10:1a:a9:e5:5e:ed:da:97:10:
                    d3:81:5b:83:87:ea:16:9f:77:ae:5a:5f:47:75:86:
                    03:24:8b:6c:e7:d5:01:52:a2:c1:a9:fb:b8:37:4a:
                    e4:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:CA:4F:98:31:66:C1:6A:4F:08:8F:40:5B:8D:75:41:8A:9C:E1:02
            X509v3 Authority Key Identifier:
                keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/ispPmDFmwWpPCI9AW411QYqc4QI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.128.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:03:59:b0:61:dc:ee:87:c2:79:0b:23:0f:e4:9a:b0:92:99:
         a2:f0:2c:4e:32:b6:76:9c:1f:62:f9:86:9d:27:08:46:c2:fd:
         ed:65:1f:97:90:c2:0b:c7:25:4e:6c:99:94:34:6f:9c:a9:1d:
         b8:b4:9a:5f:21:79:ab:b4:91:cc:05:e4:bd:4e:47:5b:e0:b2:
         fc:6e:c4:e0:1f:61:dd:f6:bc:d1:b1:89:da:3b:df:a4:d6:10:
         eb:95:f0:2b:1b:99:ee:0b:3d:e6:e1:f7:36:01:3f:f8:c9:19:
         1c:af:79:1f:ab:2c:7d:5f:03:5d:b6:fa:01:64:aa:86:3c:db:
         e5:ae:ff:5c:7b:71:93:30:46:ac:c8:2c:9b:1b:c4:9b:2f:0f:
         28:6d:85:f4:19:81:4d:d2:f9:a8:a7:74:e4:19:35:16:9d:05:
         86:f0:cd:a8:d7:73:61:28:7a:bc:31:3c:a2:f4:5b:a8:80:26:
         6c:0f:4f:f2:f5:d4:a2:b3:58:06:e8:2e:28:bc:54:be:6a:ae:
         e1:36:69:32:13:09:ab:d4:f6:1c:5b:e8:8a:fd:ce:30:a0:f6:
         f3:34:6d:e0:d9:c3:34:79:37:81:6c:c5:11:12:0a:51:df:f3:
         79:c2:c5:40:8b:60:41:5c:20:44:36:e3:ad:8f:4a:22:2d:ca:
         5e:55:57:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsOUimc+ZEhnGpwaa68MoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0
NDdhODQwHhcNMjMwMTAyMDg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNhNGY5ODMxNjZjMTZhNGYwODhmNDA1YjhkNzU0MThhOWNlMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUbC4BnZIutEyz+v0YlYX7k8Tfjq
Y3Oz7iGrIQJtGnqwQomDC/SY6GyOhoZsCEeJ53RUMztFqdMQw9XhxxlDWn6ycMQO
8v560RwZMrVNzWtg9fqNESwA+SANvaqPjiDiuRuzpVsYZZMzJQczjp+eqkyhaelN
MlPHLyKYiEjZdvSM29CwDXjKAPaJo2TGttbPD9S52LuqJWsf01zPy8+bvylojhSr
UuKO4jryaBicu8fIsc0Woj1JwWQ9TFS+Ttjehd5XQR87Fws+oH9dTi5MNDpzge24
YSAQGqnlXu3alxDTgVuDh+oWn3euWl9HdYYDJIts59UBUqLBqfu4N0rkIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrKT5gxZsFqTwiPQFuNdUGKnOECMB8GA1UdIwQY
MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt
YTk2NTdlYjFmOGQ3LzEvaXNwUG1ERm13V3BQQ0k5QVc0MTFRWXFjNFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3
LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YBGMA0G
CSqGSIb3DQEBCwUAA4IBAQAuA1mwYdzuh8J5CyMP5Jqwkpmi8CxOMrZ2nB9i+Yad
JwhGwv3tZR+XkMILxyVObJmUNG+cqR24tJpfIXmrtJHMBeS9Tkdb4LL8bsTgH2Hd
9rzRsYnaO9+k1hDrlfArG5nuCz3m4fc2AT/4yRkcr3kfqyx9XwNdtvoBZKqGPNvl
rv9ce3GTMEasyCybG8SbLw8obYX0GYFN0vmop3TkGTUWnQWG8M2o13NhKHq8MTyi
9FuogCZsD0/y9dSis1gG6C4ovFS+aq7hNmkyEwmr1PYcW+iK/c4woPbzNG3g2cM0
eTeBbMUREgpR3/N5wsVAi2BBXCBENuOtj0oiLcpeVVcP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org