Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/OptQDLwG4gKf1jy-fi9_QxYp10M.roa
File:                     OptQDLwG4gKf1jy-fi9_QxYp10M.roa (raw, json)
Hash identifier:          PsmmOuupHwP6jKm7rkamw6fXxe9OvgIE6nuDPbkiGkY=
Subject key identifier:   3A:9B:50:0C:BC:06:E2:02:9F:D6:3C:BE:7E:2F:7F:43:16:29:D7:43
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018C9826F1DEA9B19A33786FB189BB434957
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/OptQDLwG4gKf1jy-fi9_QxYp10M.roa
Signing time:             Sat 23 Dec 2023 19:28:58 +0000
ROA not before:           Sat 23 Dec 2023 19:28:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        80.246.232.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:98:26:f1:de:a9:b1:9a:33:78:6f:b1:89:bb:43:49:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Dec 23 19:28:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a9b500cbc06e2029fd63cbe7e2f7f431629d743
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:20:41:0d:07:d4:8c:0f:46:4a:4d:e2:8e:8c:
                    e8:9b:2c:f6:89:2d:27:de:0b:ee:50:b7:57:4b:a5:
                    e1:76:d8:eb:20:d2:9a:ad:e3:de:dc:93:f3:19:ba:
                    24:14:25:b3:25:19:cf:be:29:4e:8c:e9:fe:12:30:
                    a9:ad:aa:f8:d2:60:13:97:76:eb:85:bd:b2:b8:3e:
                    b1:14:90:db:e5:42:90:fa:fa:01:50:53:60:e5:db:
                    73:4b:bc:e2:07:5d:ef:c6:5c:ea:ff:04:3a:0f:8c:
                    c2:7b:74:65:2a:ba:b3:b9:ae:b2:a9:12:ff:b6:f9:
                    fc:81:2a:d8:85:82:9f:f5:2e:2c:15:dd:33:69:48:
                    29:aa:41:81:68:3a:62:95:39:1f:55:35:01:b5:86:
                    9b:18:a2:13:6a:8f:0e:1a:57:70:55:dc:5d:bb:78:
                    ee:8a:f9:60:18:44:2e:86:a9:c2:75:38:68:0f:29:
                    5e:90:03:1f:de:f4:8d:cd:07:20:10:a3:d0:b5:03:
                    65:33:b0:6b:bc:d4:af:ba:ec:92:10:17:3f:4a:c4:
                    11:bb:61:d5:0a:54:3e:c5:c2:d5:b0:a0:6d:82:10:
                    61:8a:77:27:32:8a:5f:e6:b1:b1:77:28:bb:37:be:
                    5f:68:70:26:a3:1f:fb:2e:58:e7:15:4b:6b:71:8f:
                    27:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:9B:50:0C:BC:06:E2:02:9F:D6:3C:BE:7E:2F:7F:43:16:29:D7:43
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/OptQDLwG4gKf1jy-fi9_QxYp10M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         77:5b:d4:70:a2:80:8d:08:3f:40:95:e9:87:92:83:33:54:fb:
         36:77:fc:55:25:79:f9:c9:71:26:a5:55:1a:21:0d:61:2c:0c:
         83:b5:a4:69:74:65:b7:d8:58:b9:49:2e:91:3f:18:b1:d9:6b:
         c6:55:f1:f9:48:64:a1:c0:f5:94:ee:56:d3:40:38:3f:14:a2:
         ad:c1:1e:da:9a:09:cf:6c:d6:92:13:0a:bd:2d:37:0d:40:a3:
         a3:34:b9:5e:14:bf:93:b6:c4:0c:2f:f6:b6:e2:19:c5:dd:41:
         49:48:51:66:f7:33:e0:f8:3c:53:85:1a:f0:2e:d1:ae:44:75:
         e0:1e:ae:26:74:2e:d5:e6:5d:42:0d:64:cf:68:53:ae:33:7d:
         70:06:39:7d:77:ab:26:3e:a7:60:ef:78:46:22:d1:83:0a:bd:
         b1:9a:31:3f:1a:2c:28:72:dc:4f:03:1c:8d:3d:c2:33:04:18:
         35:a7:fd:5f:f9:4c:0b:35:49:b8:b3:bf:de:7d:ef:0a:18:2a:
         47:6d:73:91:c7:28:a6:78:0c:39:8e:9f:5b:f2:37:b1:6a:8c:
         07:90:4b:71:7c:11:f7:e8:dd:36:1c:d0:37:f0:a2:0a:ed:cd:
         f8:ad:34:12:85:a8:18:28:45:c1:f6:6d:ad:f5:17:fb:dd:b6:
         d1:81:92:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyYJvHeqbGaM3hvsYm7Q0lXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMxMjIzMTkyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTliNTAwY2JjMDZlMjAyOWZkNjNjYmU3ZTJmN2Y0MzE2MjlkNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryBBDQfUjA9GSk3ijozomyz2iS0n
3gvuULdXS6XhdtjrINKarePe3JPzGbokFCWzJRnPvilOjOn+EjCprar40mATl3br
hb2yuD6xFJDb5UKQ+voBUFNg5dtzS7ziB13vxlzq/wQ6D4zCe3RlKrqzua6yqRL/
tvn8gSrYhYKf9S4sFd0zaUgpqkGBaDpilTkfVTUBtYabGKITao8OGldwVdxdu3ju
ivlgGEQuhqnCdThoDylekAMf3vSNzQcgEKPQtQNlM7BrvNSvuuySEBc/SsQRu2HV
ClQ+xcLVsKBtghBhincnMopf5rGxdyi7N75faHAmox/7LljnFUtrcY8nWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqbUAy8BuICn9Y8vn4vf0MWKddDMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvT3B0UURMd0c0Z0tmMWp5LWZpOV9ReFlwMTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPboMA0G
CSqGSIb3DQEBCwUAA4IBAQB3W9RwooCNCD9AlemHkoMzVPs2d/xVJXn5yXEmpVUa
IQ1hLAyDtaRpdGW32Fi5SS6RPxix2WvGVfH5SGShwPWU7lbTQDg/FKKtwR7amgnP
bNaSEwq9LTcNQKOjNLleFL+TtsQML/a24hnF3UFJSFFm9zPg+DxThRrwLtGuRHXg
Hq4mdC7V5l1CDWTPaFOuM31wBjl9d6smPqdg73hGItGDCr2xmjE/GiwoctxPAxyN
PcIzBBg1p/1f+UwLNUm4s7/efe8KGCpHbXORxyimeAw5jp9b8jexaowHkEtxfBH3
6N02HNA38KIK7c34rTQShagYKEXB9m2t9Rf73bbRgZJU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org