Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/I9sHP80pZDku2K7UJAP_P3jlC4o.roa
File:                     I9sHP80pZDku2K7UJAP_P3jlC4o.roa (raw, json)
Hash identifier:          K+35FVpTuBeYv3yOKTUslxPkQN9Q3xQOwkqNavnhZSg=
Subject key identifier:   23:DB:07:3F:CD:29:64:39:2E:D8:AE:D4:24:03:FF:3F:78:E5:0B:8A
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018DF9A7ED764E3AB1CB5A687B2C336D5BD7
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/I9sHP80pZDku2K7UJAP_P3jlC4o.roa
Signing time:             Fri 01 Mar 2024 10:55:48 +0000
ROA not before:           Fri 01 Mar 2024 10:55:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        80.246.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Mar 2024 17:29:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f9:a7:ed:76:4e:3a:b1:cb:5a:68:7b:2c:33:6d:5b:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Mar  1 10:55:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=23db073fcd2964392ed8aed42403ff3f78e50b8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9a:b3:fe:78:1e:46:81:36:18:29:0b:ec:70:
                    2a:2a:48:4c:a8:c6:04:36:ed:97:0f:ad:51:e4:d1:
                    48:66:ef:92:57:dc:88:a6:06:7c:8f:bf:d0:4f:fa:
                    a5:e4:4c:5b:87:7f:8d:39:90:1c:09:c4:fe:16:02:
                    cf:94:92:d9:8d:bb:cb:9d:83:a9:76:02:e7:e9:34:
                    7e:90:a7:f8:52:b1:de:b2:98:4f:27:0a:9c:db:37:
                    8b:0f:30:64:9e:f3:9c:23:ca:5a:1d:dc:52:eb:6a:
                    32:39:0b:9c:5b:08:4a:ee:73:3f:e6:a3:7f:8a:df:
                    47:83:3a:61:0b:e1:61:1d:d8:58:55:08:d4:ea:10:
                    4a:15:f7:52:be:1d:ed:18:57:f3:c2:b1:45:d3:fe:
                    63:5e:ff:63:32:12:e9:41:9c:15:66:25:0a:5a:7b:
                    a1:26:dc:d0:2e:9b:49:30:1d:56:dc:0a:f6:8d:c0:
                    b1:e2:2c:ee:9a:bd:bd:2e:f9:6b:75:89:01:8c:ca:
                    e7:f6:c5:0f:84:a9:78:ae:02:94:1b:09:86:97:ad:
                    b1:5f:41:83:6a:29:bb:e8:e4:85:57:98:05:ad:e7:
                    1b:f7:1e:c4:d6:68:81:42:34:78:a7:df:50:07:0a:
                    4e:4e:2a:0a:2c:90:ef:05:18:e9:a8:42:aa:a1:76:
                    e9:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:DB:07:3F:CD:29:64:39:2E:D8:AE:D4:24:03:FF:3F:78:E5:0B:8A
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/I9sHP80pZDku2K7UJAP_P3jlC4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:d3:75:be:3d:0e:7d:cb:c6:4d:6a:5c:33:c0:b7:bc:70:ce:
         38:c2:aa:97:f6:be:05:b2:82:03:03:cd:7f:05:ad:20:02:6c:
         db:15:4e:13:50:ec:84:23:f7:29:2e:ac:03:c3:51:4b:94:cb:
         cf:82:d0:12:c3:13:dc:1a:cc:66:9d:96:40:d0:db:8a:08:63:
         04:62:b2:66:1b:ee:7c:c2:1e:0c:9b:f1:e0:b0:c7:9b:6a:0f:
         c0:4e:d6:79:2b:5d:4d:7f:9a:a4:01:0d:89:b4:61:00:5a:b9:
         bd:32:23:d0:8e:68:9d:6c:40:64:28:a0:a2:5c:c7:3e:94:40:
         4a:89:87:32:16:0a:ba:f5:ce:09:d3:24:61:bb:c1:cc:8b:af:
         db:b4:fd:c3:35:93:bf:a7:d8:ca:20:49:7c:a8:86:be:c1:11:
         96:fb:b9:7e:23:ec:c4:37:f9:83:17:37:ef:86:52:a8:e2:09:
         23:48:16:c6:43:45:cb:1c:4d:fd:8c:db:26:3d:5e:e3:1b:67:
         50:6c:73:78:5f:90:9d:5d:70:ec:1c:ab:4a:4d:dd:4d:9a:36:
         c9:23:c5:b3:5c:26:6e:50:0d:28:0f:2e:ff:19:f3:0d:e1:ad:
         4e:14:bc:37:fc:85:c9:12:c2:5a:f4:b2:4e:45:fb:6d:de:1c:
         6c:84:0d:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY35p+12Tjqxy1poeywzbVvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwMzAxMTA1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2RiMDczZmNkMjk2NDM5MmVkOGFlZDQyNDAzZmYzZjc4ZTUwYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZqz/ngeRoE2GCkL7HAqKkhMqMYE
Nu2XD61R5NFIZu+SV9yIpgZ8j7/QT/ql5Exbh3+NOZAcCcT+FgLPlJLZjbvLnYOp
dgLn6TR+kKf4UrHesphPJwqc2zeLDzBknvOcI8paHdxS62oyOQucWwhK7nM/5qN/
it9HgzphC+FhHdhYVQjU6hBKFfdSvh3tGFfzwrFF0/5jXv9jMhLpQZwVZiUKWnuh
JtzQLptJMB1W3Ar2jcCx4izumr29LvlrdYkBjMrn9sUPhKl4rgKUGwmGl62xX0GD
aim76OSFV5gFrecb9x7E1miBQjR4p99QBwpOTioKLJDvBRjpqEKqoXbpWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPbBz/NKWQ5Ltiu1CQD/z945QuKMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvSTlzSFA4MHBaRGt1Mks3VUpBUF9QM2psQzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPblMA0G
CSqGSIb3DQEBCwUAA4IBAQA003W+PQ59y8ZNalwzwLe8cM44wqqX9r4FsoIDA81/
Ba0gAmzbFU4TUOyEI/cpLqwDw1FLlMvPgtASwxPcGsxmnZZA0NuKCGMEYrJmG+58
wh4Mm/HgsMebag/ATtZ5K11Nf5qkAQ2JtGEAWrm9MiPQjmidbEBkKKCiXMc+lEBK
iYcyFgq69c4J0yRhu8HMi6/btP3DNZO/p9jKIEl8qIa+wRGW+7l+I+zEN/mDFzfv
hlKo4gkjSBbGQ0XLHE39jNsmPV7jG2dQbHN4X5CdXXDsHKtKTd1NmjbJI8WzXCZu
UA0oDy7/GfMN4a1OFLw3/IXJEsJa9LJORftt3hxshA2q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org