Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/3zrp9Jg2kWyeFq7Iym24M0_9uck.roa
File:                     3zrp9Jg2kWyeFq7Iym24M0_9uck.roa (raw, json)
Hash identifier:          joulySnrrxt++ZKc7NzyhutgMAcz6m0SLgTqi9aG730=
Subject key identifier:   DF:3A:E9:F4:98:36:91:6C:9E:16:AE:C8:CA:6D:B8:33:4F:FD:B9:C9
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       01856F5DD07AD009BB671C33ADB320607D17
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/3zrp9Jg2kWyeFq7Iym24M0_9uck.roa
Signing time:             Sun 01 Jan 2023 22:04:57 +0000
ROA not before:           Sun 01 Jan 2023 22:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202453
IP address blocks:        80.120.13.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:d0:7a:d0:09:bb:67:1c:33:ad:b3:20:60:7d:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jan  1 22:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df3ae9f49836916c9e16aec8ca6db8334ffdb9c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ef:65:6e:2d:8d:f6:53:7e:6e:76:b3:2a:21:
                    b5:90:f5:2e:98:38:38:2f:e5:90:25:47:fb:13:37:
                    c0:32:69:52:ff:c5:a9:f7:74:d6:a9:af:a2:98:05:
                    a2:f2:3c:ca:ed:ef:dd:86:bf:5a:c2:bf:b4:88:8b:
                    92:7b:9e:29:25:b5:3d:82:ec:db:d4:5e:7b:8e:0d:
                    36:e0:ad:bc:8c:ac:44:fa:a6:c5:51:2e:5a:19:60:
                    5d:56:ba:5d:40:a8:3d:0e:60:4a:7a:f6:d0:63:48:
                    3c:f6:7d:e6:64:f9:dc:4a:7e:6f:4c:d8:1e:47:a4:
                    dc:ad:87:06:28:a3:88:cd:cf:97:29:df:23:52:21:
                    8b:4a:01:21:5c:68:8f:5f:6e:1d:af:54:11:0d:7d:
                    ce:c3:d0:c6:8b:3f:92:89:c7:7c:a5:55:e8:71:ff:
                    7e:11:54:d1:7f:5f:88:f1:22:ae:d7:5f:f8:21:d4:
                    e8:e5:ea:22:d0:6a:40:e0:4c:b7:01:f8:bf:96:5e:
                    94:10:16:f3:31:10:a9:c2:bf:ef:30:78:8c:80:8b:
                    7d:e3:b9:5f:78:bd:12:6c:e1:f1:cb:bf:13:67:57:
                    7b:7d:07:0f:43:21:b9:83:bc:5a:7b:2f:a5:57:65:
                    a1:9d:85:a6:37:73:f5:85:34:6f:64:d2:44:c0:5e:
                    9b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:3A:E9:F4:98:36:91:6C:9E:16:AE:C8:CA:6D:B8:33:4F:FD:B9:C9
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/3zrp9Jg2kWyeFq7Iym24M0_9uck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.120.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:e6:78:46:1b:b5:92:99:57:99:ef:8e:6d:ee:ae:13:64:ef:
         3f:cc:22:32:55:fd:56:32:75:8a:b0:98:10:09:21:8b:9c:49:
         38:85:1a:34:0d:2d:c5:0e:4c:86:e3:97:27:63:02:79:42:4c:
         4d:48:79:35:bc:7b:10:c1:3b:99:99:eb:fc:0b:8b:37:5a:9d:
         6e:4b:b1:98:41:9c:97:43:53:c2:5b:9e:ee:6f:98:67:36:bd:
         de:36:99:8b:70:9d:33:cd:24:c5:6b:20:11:5a:73:d2:82:c2:
         51:82:b3:62:de:23:a6:18:a4:76:29:e0:c9:8e:59:50:50:f4:
         b4:1e:84:fa:4a:de:09:76:30:96:1c:1d:4d:f0:3e:bd:c5:f3:
         b6:e8:a0:ee:91:37:d5:57:05:d8:c5:e1:54:ba:d4:68:25:ff:
         e3:c0:bc:cd:2b:0f:b6:c7:a1:7b:fb:89:29:7a:06:f0:6d:72:
         d3:91:33:03:fd:6d:04:3b:9c:80:8c:07:7b:b4:0f:77:12:2a:
         a7:91:cc:29:cd:b0:8d:fd:8c:f3:e1:4a:14:3e:e9:c6:3f:de:
         7b:07:5e:9e:84:25:d2:c5:23:6d:28:54:80:02:16:eb:d7:8d:
         60:f7:a9:c5:cc:45:4d:e5:1a:0f:e6:ea:1f:78:21:0a:dd:5c:
         74:a4:df:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXdB60Am7ZxwzrbMgYH0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNhZTlmNDk4MzY5MTZjOWUxNmFlYzhjYTZkYjgzMzRmZmRiOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO9lbi2N9lN+bnazKiG1kPUumDg4
L+WQJUf7EzfAMmlS/8Wp93TWqa+imAWi8jzK7e/dhr9awr+0iIuSe54pJbU9guzb
1F57jg024K28jKxE+qbFUS5aGWBdVrpdQKg9DmBKevbQY0g89n3mZPncSn5vTNge
R6TcrYcGKKOIzc+XKd8jUiGLSgEhXGiPX24dr1QRDX3Ow9DGiz+Sicd8pVXocf9+
EVTRf1+I8SKu11/4IdTo5eoi0GpA4Ey3Afi/ll6UEBbzMRCpwr/vMHiMgIt947lf
eL0SbOHxy78TZ1d7fQcPQyG5g7xaey+lV2WhnYWmN3P1hTRvZNJEwF6bqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN866fSYNpFsnhauyMptuDNP/bnJMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvM3pycDlKZzJrV3llRnE3SXltMjRNMF85dWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUHgNMA0G
CSqGSIb3DQEBCwUAA4IBAQC65nhGG7WSmVeZ745t7q4TZO8/zCIyVf1WMnWKsJgQ
CSGLnEk4hRo0DS3FDkyG45cnYwJ5QkxNSHk1vHsQwTuZmev8C4s3Wp1uS7GYQZyX
Q1PCW57ub5hnNr3eNpmLcJ0zzSTFayARWnPSgsJRgrNi3iOmGKR2KeDJjllQUPS0
HoT6St4JdjCWHB1N8D69xfO26KDukTfVVwXYxeFUutRoJf/jwLzNKw+2x6F7+4kp
egbwbXLTkTMD/W0EO5yAjAd7tA93EiqnkcwpzbCN/Yzz4UoUPunGP957B16ehCXS
xSNtKFSAAhbr141g96nFzEVN5RoP5uofeCEK3Vx0pN+G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org