Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/2kB3tik6ocjZl9vqfv3Lu9Mtud4.roa
File:                     2kB3tik6ocjZl9vqfv3Lu9Mtud4.roa (raw, json)
Hash identifier:          9w4myHJdYIW6ILOI6xnXlb9ErIGzGhIQG2HmfB9qtHY=
Subject key identifier:   DA:40:77:B6:29:3A:A1:C8:D9:97:DB:EA:7E:FD:CB:BB:D3:2D:B9:DE
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018D03E4C51A8E20B6816373090900F3D90A
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/2kB3tik6ocjZl9vqfv3Lu9Mtud4.roa
Signing time:             Sat 13 Jan 2024 17:35:40 +0000
ROA not before:           Sat 13 Jan 2024 17:35:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     19437
IP address blocks:        80.246.232.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Feb 2024 09:34:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:03:e4:c5:1a:8e:20:b6:81:63:73:09:09:00:f3:d9:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Jan 13 17:35:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=da4077b6293aa1c8d997dbea7efdcbbbd32db9de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:36:7a:8f:cb:20:df:45:5d:3d:50:ed:3d:7a:
                    50:83:7f:c7:7b:82:dc:e4:1c:49:23:8a:b4:72:70:
                    e7:c6:18:cf:84:5f:ab:56:c9:34:04:d7:51:6a:d1:
                    55:a6:e1:1d:87:9a:e1:1e:59:63:15:14:23:d4:8a:
                    98:aa:83:39:f3:f6:63:f3:21:83:47:a1:c4:12:b0:
                    b1:3e:30:2a:86:2d:64:ba:bf:fc:01:40:21:73:85:
                    18:24:b3:4c:eb:3f:8b:ba:41:dd:25:85:2b:8c:03:
                    59:c1:ad:49:d0:1f:61:52:94:7b:f7:14:9a:e7:ed:
                    3b:4a:b4:fd:1d:b9:1f:28:df:be:4f:cd:12:3b:25:
                    85:e4:0a:f5:ea:60:46:0c:e4:eb:41:3a:33:e9:14:
                    53:3f:6d:14:dc:d3:77:b4:e6:77:25:86:78:d3:9d:
                    3f:dc:d6:eb:5f:43:4e:bf:4a:c5:0c:ef:6f:d7:98:
                    f1:59:24:83:a8:59:1e:a3:54:c0:26:07:f4:13:1f:
                    10:d8:82:77:72:c9:fe:97:f5:e5:9e:a4:44:33:e2:
                    5c:93:e3:12:10:6a:ad:0b:8c:53:4e:27:b6:47:54:
                    db:8a:40:85:f7:26:1f:34:96:04:38:9e:f4:31:c3:
                    b8:b6:a0:2b:35:47:32:f5:db:89:9a:b9:9f:29:f8:
                    72:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:40:77:B6:29:3A:A1:C8:D9:97:DB:EA:7E:FD:CB:BB:D3:2D:B9:DE
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/2kB3tik6ocjZl9vqfv3Lu9Mtud4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         22:26:ac:b2:1e:ce:a9:11:bf:3b:55:b5:76:ab:80:d0:b2:17:
         8e:d2:47:e4:b0:68:de:26:33:9e:82:77:68:2b:29:49:60:b0:
         60:46:3e:bd:70:b9:0e:35:3e:37:3c:36:15:44:e2:78:73:56:
         f4:6b:5a:e4:30:de:50:70:b9:16:d1:5d:34:f4:50:cf:69:33:
         b6:0f:93:ef:a3:10:35:93:3e:0b:36:ee:3f:b4:61:4b:c2:2a:
         a2:7f:e6:ae:0b:21:6e:82:7c:ad:f2:85:c4:4a:96:c1:36:d5:
         27:0a:8b:56:80:c0:1b:50:80:27:88:16:e5:c7:c3:82:10:ca:
         2e:1a:3c:92:1f:0e:bc:75:f8:d8:7c:f2:fa:70:8f:3c:93:db:
         c0:0b:9e:3a:14:46:0a:c8:e3:e8:6d:08:76:10:30:62:54:39:
         f2:a3:ee:e6:bf:79:2c:23:a6:a8:bf:b3:f6:d8:92:93:7a:bc:
         4b:57:49:3e:35:57:b0:74:70:a1:40:58:36:d1:fe:a4:c2:26:
         1b:3b:e1:b1:5f:33:75:37:cc:12:b4:99:6d:a5:30:7d:96:dc:
         71:e9:76:11:14:24:7c:56:25:77:e2:03:4a:98:98:d2:95:5f:
         77:8c:3b:9a:82:cd:20:89:0b:b7:89:fa:c1:d4:6c:4b:b7:b7:
         b7:a9:da:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0D5MUajiC2gWNzCQkA89kKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwMTEzMTczNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQwNzdiNjI5M2FhMWM4ZDk5N2RiZWE3ZWZkY2JiYmQzMmRiOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzZ6j8sg30VdPVDtPXpQg3/He4Lc
5BxJI4q0cnDnxhjPhF+rVsk0BNdRatFVpuEdh5rhHlljFRQj1IqYqoM58/Zj8yGD
R6HEErCxPjAqhi1kur/8AUAhc4UYJLNM6z+LukHdJYUrjANZwa1J0B9hUpR79xSa
5+07SrT9HbkfKN++T80SOyWF5Ar16mBGDOTrQToz6RRTP20U3NN3tOZ3JYZ4050/
3NbrX0NOv0rFDO9v15jxWSSDqFkeo1TAJgf0Ex8Q2IJ3csn+l/XlnqREM+Jck+MS
EGqtC4xTTie2R1TbikCF9yYfNJYEOJ70McO4tqArNUcy9duJmrmfKfhy2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpAd7YpOqHI2Zfb6n79y7vTLbneMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvMmtCM3RpazZvY2pabDl2cWZ2M0x1OU10dWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPboMA0G
CSqGSIb3DQEBCwUAA4IBAQAiJqyyHs6pEb87VbV2q4DQsheO0kfksGjeJjOegndo
KylJYLBgRj69cLkONT43PDYVROJ4c1b0a1rkMN5QcLkW0V009FDPaTO2D5PvoxA1
kz4LNu4/tGFLwiqif+auCyFugnyt8oXESpbBNtUnCotWgMAbUIAniBblx8OCEMou
GjySHw68dfjYfPL6cI88k9vAC546FEYKyOPobQh2EDBiVDnyo+7mv3ksI6aov7P2
2JKTerxLV0k+NVewdHChQFg20f6kwiYbO+GxXzN1N8wStJltpTB9ltxx6XYRFCR8
ViV34gNKmJjSlV93jDuags0giQu3ifrB1GxLt7e3qdr6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org