Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/PfGsR1bMJIVUAwuhKtgKsRuE3aU.roa
File:                     PfGsR1bMJIVUAwuhKtgKsRuE3aU.roa (raw, json)
Hash identifier:          +LGtcxb78wbxXZFFlfNTyKaiz/i27ob8Joq7Y5bq2xo=
Subject key identifier:   3D:F1:AC:47:56:CC:24:85:54:03:0B:A1:2A:D8:0A:B1:1B:84:DD:A5
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018EE0A533D9F00D84B3933BCEA46F0903C0
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/PfGsR1bMJIVUAwuhKtgKsRuE3aU.roa
Signing time:             Mon 15 Apr 2024 07:25:06 +0000
ROA not before:           Mon 15 Apr 2024 07:25:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        80.246.229.0/24 maxlen: 24
                          80.246.230.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 07:06:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e0:a5:33:d9:f0:0d:84:b3:93:3b:ce:a4:6f:09:03:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Apr 15 07:25:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3df1ac4756cc248554030ba12ad80ab11b84dda5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:ff:90:da:81:1a:1d:d3:d5:e7:dc:06:6f:ec:
                    a3:c6:c2:c3:e0:aa:2f:61:85:8d:b3:60:ca:e7:cf:
                    a4:a8:71:0e:1a:66:62:3d:26:f6:9a:4d:90:27:53:
                    f5:b0:1e:14:ed:11:3f:37:f5:29:f7:8c:91:49:d2:
                    25:f2:d1:4c:6a:10:17:7d:ab:6f:f8:5d:da:c4:23:
                    26:50:72:65:51:66:23:2d:87:6e:66:69:8e:c6:b0:
                    5f:dd:12:18:af:6c:38:54:72:4d:d3:27:20:e8:13:
                    dc:d5:0d:8b:1a:f5:8b:8f:b7:db:05:e8:9c:b1:8a:
                    78:2a:a6:0f:0f:25:75:a2:67:82:2d:48:c5:00:3a:
                    7b:ce:0b:7e:85:ac:de:5c:d3:af:fb:2f:57:f2:fa:
                    66:79:f7:ac:ae:7c:6a:13:14:fc:1a:86:6b:a1:c7:
                    b9:e7:31:8d:9a:23:2d:ad:79:cd:50:08:2c:67:64:
                    fa:89:d4:ce:65:99:12:31:bc:75:e5:70:32:ae:b8:
                    e1:3b:03:b9:6f:52:bf:df:b5:c2:5b:dd:0a:6f:0f:
                    56:64:16:68:dc:1f:81:a1:79:07:c1:11:1a:4d:01:
                    e3:99:d2:b6:02:e2:f4:4a:76:d7:20:e1:90:f8:0e:
                    2b:b1:dd:f6:f9:fe:1c:9c:f5:76:8d:08:7b:a1:7d:
                    f3:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F1:AC:47:56:CC:24:85:54:03:0B:A1:2A:D8:0A:B1:1B:84:DD:A5
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/PfGsR1bMJIVUAwuhKtgKsRuE3aU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.229.0-80.246.230.255

    Signature Algorithm: sha256WithRSAEncryption
         6c:93:44:63:13:a7:46:bf:80:4c:23:ec:ed:c4:29:92:5a:78:
         a7:24:be:6c:36:6d:bc:f4:de:66:95:bf:5a:66:ef:03:34:a0:
         1c:22:2a:05:2e:68:f3:56:81:db:41:bd:8c:4b:73:ab:6e:a8:
         87:07:73:01:16:0f:94:5a:ca:4f:85:38:cc:0c:69:81:6d:6d:
         06:c0:a0:ec:60:34:29:d6:71:30:49:3c:b5:20:5f:e4:9a:d7:
         37:6f:3a:e3:db:3c:23:9b:da:5a:1c:8e:e1:8e:6d:b3:c9:39:
         00:95:96:00:ab:6a:15:73:53:ef:a6:66:04:91:89:d6:96:33:
         a0:53:13:5f:9c:e6:f9:0f:e7:fc:e7:88:8f:c7:86:25:71:29:
         dc:75:e5:13:7a:d9:23:b2:02:1a:01:05:b0:4e:d1:d4:5e:72:
         6b:23:c2:a7:0e:7d:ba:55:88:c4:ec:28:fb:f7:dd:f1:6f:d8:
         38:51:20:1e:b4:ce:e2:b3:d9:2a:0b:09:e3:dd:8f:37:e8:df:
         2c:27:fd:13:d1:a9:2d:64:8f:73:1b:c1:7b:33:6c:77:2e:e4:
         b4:b3:5c:3c:1c:2d:4f:3a:22:d9:29:b4:29:77:4a:6e:8c:ae:
         05:c2:57:93:b0:db:fa:22:ed:98:4e:36:3d:3b:6c:3d:32:f3:
         b8:c7:a3:cd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY7gpTPZ8A2Es5M7zqRvCQPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwNDE1MDcyNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGYxYWM0NzU2Y2MyNDg1NTQwMzBiYTEyYWQ4MGFiMTFiODRkZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf+Q2oEaHdPV59wGb+yjxsLD4Kov
YYWNs2DK58+kqHEOGmZiPSb2mk2QJ1P1sB4U7RE/N/Up94yRSdIl8tFMahAXfatv
+F3axCMmUHJlUWYjLYduZmmOxrBf3RIYr2w4VHJN0ycg6BPc1Q2LGvWLj7fbBeic
sYp4KqYPDyV1omeCLUjFADp7zgt+hazeXNOv+y9X8vpmefesrnxqExT8GoZroce5
5zGNmiMtrXnNUAgsZ2T6idTOZZkSMbx15XAyrrjhOwO5b1K/37XCW90Kbw9WZBZo
3B+BoXkHwREaTQHjmdK2AuL0SnbXIOGQ+A4rsd32+f4cnPV2jQh7oX3zFwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD3xrEdWzCSFVAMLoSrYCrEbhN2lMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvUGZHc1IxYk1KSVZVQXd1aEt0Z0tzUnVFM2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABQ9uUD
BABQ9uYwDQYJKoZIhvcNAQELBQADggEBAGyTRGMTp0a/gEwj7O3EKZJaeKckvmw2
bbz03maVv1pm7wM0oBwiKgUuaPNWgdtBvYxLc6tuqIcHcwEWD5Rayk+FOMwMaYFt
bQbAoOxgNCnWcTBJPLUgX+Sa1zdvOuPbPCOb2locjuGObbPJOQCVlgCrahVzU++m
ZgSRidaWM6BTE1+c5vkP5/zniI/HhiVxKdx15RN62SOyAhoBBbBO0dRecmsjwqcO
fbpViMTsKPv33fFv2DhRIB60zuKz2SoLCePdjzfo3ywn/RPRqS1kj3MbwXszbHcu
5LSzXDwcLU86ItkptCl3Sm6MrgXCV5Ow2/oi7ZhONj07bD0y87jHo80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org