Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/LrnJXFDFQaqt0UEOP6ue676EcS8.roa
File:                     LrnJXFDFQaqt0UEOP6ue676EcS8.roa (raw, json)
Hash identifier:          WWX8+4uSXP5zwRT6DlLy/dFHARYOEZszAcqy0cU1Jjg=
Subject key identifier:   2E:B9:C9:5C:50:C5:41:AA:AD:D1:41:0E:3F:AB:9E:EB:BE:84:71:2F
Certificate issuer:       /CN=0952ce4dd8640276f4c1841adb3a742f544924ea
Certificate serial:       018572B40B2E6E2B275179EE4EB6B3A4F035
Authority key identifier: 09:52:CE:4D:D8:64:02:76:F4:C1:84:1A:DB:3A:74:2F:54:49:24:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CVLOTdhkAnb0wYQa2zp0L1RJJOo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/LrnJXFDFQaqt0UEOP6ue676EcS8.roa
Signing time:             Mon 02 Jan 2023 13:38:00 +0000
ROA not before:           Mon 02 Jan 2023 13:38:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2852
IP address blocks:        160.217.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b4:0b:2e:6e:2b:27:51:79:ee:4e:b6:b3:a4:f0:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0952ce4dd8640276f4c1841adb3a742f544924ea
        Validity
            Not Before: Jan  2 13:38:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2eb9c95c50c541aaadd1410e3fab9eebbe84712f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:fd:17:0b:e4:bc:04:d1:8f:bf:aa:dc:e7:6a:
                    7d:f3:0d:ab:51:44:ff:5e:ed:5e:ee:73:28:bb:11:
                    f5:c1:c9:fa:ba:49:9e:f9:12:29:e5:0e:31:67:b6:
                    fc:18:b4:12:4f:7c:05:bb:61:5b:09:4d:08:62:78:
                    b2:11:56:5b:f0:ed:3f:8b:cb:ba:06:a0:71:2f:87:
                    6c:c3:df:1e:eb:17:59:cb:88:8d:6e:3e:be:2f:fb:
                    a5:49:81:0e:f8:42:b4:10:80:11:26:f4:ee:49:ad:
                    33:20:c6:64:76:fb:64:fa:32:25:a7:70:67:a5:85:
                    c5:ec:bf:20:d9:6b:d2:77:68:16:4f:bc:41:9b:93:
                    24:ea:04:56:a0:4a:0d:68:2e:25:f6:57:33:3d:74:
                    9e:cd:e5:b2:db:1b:22:02:d4:7d:88:70:c7:5b:cf:
                    0e:fe:bf:d0:6f:17:7f:ec:02:e8:61:28:f5:12:6b:
                    7d:66:5d:30:16:cb:cd:94:76:95:53:5a:8f:44:62:
                    3e:73:0c:d6:a8:eb:ea:44:3e:b5:ef:e2:de:cd:fe:
                    52:82:6f:fc:14:7d:b8:66:d3:ed:0d:92:40:1e:94:
                    c1:be:b8:33:f5:f8:c4:06:8e:ec:39:c5:dc:e5:d9:
                    09:97:28:31:85:eb:7b:15:f4:4c:0f:34:4a:3c:03:
                    1f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:B9:C9:5C:50:C5:41:AA:AD:D1:41:0E:3F:AB:9E:EB:BE:84:71:2F
            X509v3 Authority Key Identifier:
                keyid:09:52:CE:4D:D8:64:02:76:F4:C1:84:1A:DB:3A:74:2F:54:49:24:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVLOTdhkAnb0wYQa2zp0L1RJJOo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/LrnJXFDFQaqt0UEOP6ue676EcS8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/CVLOTdhkAnb0wYQa2zp0L1RJJOo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.217.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         61:7f:d7:91:e0:39:a8:61:e2:a0:83:bb:41:e2:9e:68:c0:4b:
         fe:75:ce:be:dd:74:29:d7:d3:44:c6:82:02:3e:5c:63:e9:cb:
         54:9e:ef:c0:43:82:11:96:a1:a2:66:51:47:2b:8c:94:8d:ec:
         c5:67:36:02:81:e1:02:50:fe:99:08:f0:69:09:f7:75:93:e7:
         99:d2:12:4a:e8:b9:f5:dd:a4:b1:80:f6:ec:f9:61:d7:0d:53:
         48:69:ca:45:cc:68:fa:2b:fd:b2:91:49:33:07:2f:7b:8f:2d:
         1e:f4:af:ae:bf:04:69:18:39:08:b7:89:88:fe:c6:55:d5:fe:
         bb:e9:93:a7:7a:51:38:39:ba:4f:79:5c:8e:01:a6:18:06:bb:
         f4:77:5b:01:83:c1:39:76:dc:cd:f0:94:6c:76:73:17:29:5b:
         cd:29:fd:f5:e4:b7:1f:36:49:83:25:83:6f:43:b0:bd:cb:e3:
         e6:27:0f:d9:ca:5d:4c:89:5f:b1:96:03:18:9d:04:32:b6:cd:
         94:a4:e3:59:8c:0c:0a:c7:16:47:e4:91:39:23:c7:8b:72:b7:
         72:19:26:89:8c:f4:2b:78:19:c1:10:a4:63:d3:9a:10:46:93:
         1b:1e:b9:21:45:76:4d:a3:85:20:7d:43:60:90:29:32:5d:cd:
         5e:ed:4d:8e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVytAsubisnUXnuTrazpPA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTJjZTRkZDg2NDAyNzZmNGMxODQxYWRiM2E3NDJmNTQ0
OTI0ZWEwHhcNMjMwMTAyMTMzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI5Yzk1YzUwYzU0MWFhYWRkMTQxMGUzZmFiOWVlYmJlODQ3MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP0XC+S8BNGPv6rc52p98w2rUUT/
Xu1e7nMouxH1wcn6ukme+RIp5Q4xZ7b8GLQST3wFu2FbCU0IYniyEVZb8O0/i8u6
BqBxL4dsw98e6xdZy4iNbj6+L/ulSYEO+EK0EIARJvTuSa0zIMZkdvtk+jIlp3Bn
pYXF7L8g2WvSd2gWT7xBm5Mk6gRWoEoNaC4l9lczPXSezeWy2xsiAtR9iHDHW88O
/r/Qbxd/7ALoYSj1Emt9Zl0wFsvNlHaVU1qPRGI+cwzWqOvqRD617+Lezf5Sgm/8
FH24ZtPtDZJAHpTBvrgz9fjEBo7sOcXc5dkJlygxhet7FfRMDzRKPAMfeQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFC65yVxQxUGqrdFBDj+rnuu+hHEvMB8GA1UdIwQY
MBaAFAlSzk3YZAJ29MGEGts6dC9USSTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZMT1RkaGtBbmIwd1lRYTJ6cDBMMVJKSk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iNWQ5ZTAtYzZiNC00NmY2LWI0NWUt
YzU2ZjE3NzcwOWRlLzEvTHJuSlhGREZRYXF0MFVFT1A2dWU2NzZFY1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iNWQ5ZTAtYzZiNC00NmY2LWI0NWUtYzU2ZjE3NzcwOWRl
LzEvQ1ZMT1RkaGtBbmIwd1lRYTJ6cDBMMVJKSk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoNkwDQYJ
KoZIhvcNAQELBQADggEBAGF/15HgOahh4qCDu0HinmjAS/51zr7ddCnX00TGggI+
XGPpy1Se78BDghGWoaJmUUcrjJSN7MVnNgKB4QJQ/pkI8GkJ93WT55nSEkroufXd
pLGA9uz5YdcNU0hpykXMaPor/bKRSTMHL3uPLR70r66/BGkYOQi3iYj+xlXV/rvp
k6d6UTg5uk95XI4BphgGu/R3WwGDwTl23M3wlGx2cxcpW80p/fXktx82SYMlg29D
sL3L4+YnD9nKXUyJX7GWAxidBDK2zZSk41mMDArHFkfkkTkjx4tyt3IZJomM9Ct4
GcEQpGPTmhBGkxseuSFFdk2jhSB9Q2CQKTJdzV7tTY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:36 2024 by rpki-client on console-fra.rpki-client.org