Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/WsqDPB9fwnaDRUJFaRuwkUqwf-g.roa
File:                     WsqDPB9fwnaDRUJFaRuwkUqwf-g.roa (raw, json)
Hash identifier:          +TZOVNu6ZQFbY5fkEb19HJq3WpxiMhrebHELKnoLwFs=
Subject key identifier:   5A:CA:83:3C:1F:5F:C2:76:83:45:42:45:69:1B:B0:91:4A:B0:7F:E8
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018E867345449CD8F80290487FCCF13E4FFC
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/WsqDPB9fwnaDRUJFaRuwkUqwf-g.roa
Signing time:             Thu 28 Mar 2024 19:04:45 +0000
ROA not before:           Thu 28 Mar 2024 19:04:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        80.246.230.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 19:05:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:86:73:45:44:9c:d8:f8:02:90:48:7f:cc:f1:3e:4f:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Mar 28 19:04:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5aca833c1f5fc27683454245691bb0914ab07fe8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:23:62:da:90:7d:f9:1a:19:c5:4f:1a:f7:7a:
                    f2:f1:b7:ce:ed:a7:7b:ea:d5:36:b9:a1:9a:c0:f5:
                    99:4c:de:c9:27:a3:7e:e7:0f:fe:bc:cf:f0:bf:a2:
                    fd:52:ef:36:86:c0:2e:cc:78:3b:77:4b:8c:5e:f6:
                    b5:e2:3a:de:f1:9c:ac:b9:41:02:8b:f7:8f:8f:3b:
                    b8:6d:80:2d:3a:bd:69:05:26:65:f6:79:db:04:48:
                    fa:70:7a:aa:93:6e:41:79:7b:66:8c:10:3c:31:98:
                    9b:88:3b:1a:d9:7d:1f:d4:7d:71:cb:11:45:47:3b:
                    46:b7:32:3e:58:19:28:20:ff:a7:64:b6:36:c9:d2:
                    6d:4f:b9:e3:c3:58:71:ef:01:02:e5:6f:f1:de:98:
                    e1:b3:e2:1f:68:74:8a:3f:ec:5b:3c:8a:e8:97:a1:
                    bb:cd:65:78:04:d6:21:75:b4:1e:2f:7d:98:36:88:
                    d5:63:d9:e9:f7:9f:65:92:b9:a1:d5:d3:45:ab:b0:
                    56:4f:02:7b:5f:c5:4a:1b:72:14:9b:b0:92:7e:85:
                    b7:3f:1f:4f:63:b3:b6:10:ab:e4:bf:12:90:85:71:
                    5e:56:ad:5d:4a:7c:8d:1b:85:64:b3:f2:42:94:a0:
                    45:c3:8f:90:d6:08:ce:d0:14:89:59:b3:b2:10:31:
                    20:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:CA:83:3C:1F:5F:C2:76:83:45:42:45:69:1B:B0:91:4A:B0:7F:E8
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/WsqDPB9fwnaDRUJFaRuwkUqwf-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:4d:65:b7:cf:28:f5:b1:fd:48:78:26:fb:17:1f:2d:13:eb:
         a9:99:e0:4f:77:32:7f:39:34:80:9a:ec:c0:65:a2:fb:2f:23:
         ac:18:17:41:6b:e5:b4:83:29:ff:d0:8b:9d:e8:df:c4:6b:07:
         0c:74:c7:d5:50:13:f2:1c:8d:79:70:57:2f:97:36:13:37:39:
         56:f9:30:45:27:f1:cc:93:52:1d:8b:a8:ef:ed:7c:2f:cf:ba:
         b4:7b:da:e9:ad:0e:71:8f:45:2a:6e:67:5e:a3:14:19:31:10:
         98:f9:bf:3a:cc:56:dc:2d:dd:c4:fc:2f:3d:74:70:a2:79:4d:
         99:f8:9b:0d:a3:2c:ab:c9:d5:93:5f:d8:71:f7:d0:39:22:0b:
         1b:55:b5:54:27:2f:ee:ba:71:4e:88:86:32:28:38:bc:95:36:
         5e:6c:c1:8a:63:98:43:99:0c:57:4c:bf:5e:68:5f:09:8c:e3:
         44:9a:5d:ab:76:f5:e6:9f:9b:26:ac:cd:00:9a:ed:55:f1:cc:
         a7:c1:8e:50:3c:3c:9a:9e:88:98:c6:f4:05:0e:18:12:67:f8:
         28:9e:32:3a:b7:4a:19:3b:92:d1:2d:3f:4b:ca:f6:d0:be:8f:
         60:da:22:80:8d:8e:29:98:66:ff:3c:1d:a5:79:44:89:d2:50:
         92:d9:af:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6Gc0VEnNj4ApBIf8zxPk/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwMzI4MTkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWNhODMzYzFmNWZjMjc2ODM0NTQyNDU2OTFiYjA5MTRhYjA3ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCNi2pB9+RoZxU8a93ry8bfO7ad7
6tU2uaGawPWZTN7JJ6N+5w/+vM/wv6L9Uu82hsAuzHg7d0uMXva14jre8ZysuUEC
i/ePjzu4bYAtOr1pBSZl9nnbBEj6cHqqk25BeXtmjBA8MZibiDsa2X0f1H1xyxFF
RztGtzI+WBkoIP+nZLY2ydJtT7njw1hx7wEC5W/x3pjhs+IfaHSKP+xbPIrol6G7
zWV4BNYhdbQeL32YNojVY9np959lkrmh1dNFq7BWTwJ7X8VKG3IUm7CSfoW3Px9P
Y7O2EKvkvxKQhXFeVq1dSnyNG4Vks/JClKBFw4+Q1gjO0BSJWbOyEDEgqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrKgzwfX8J2g0VCRWkbsJFKsH/oMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvV3NxRFBCOWZ3bmFEUlVKRmFSdXdrVXF3Zi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPbmMA0G
CSqGSIb3DQEBCwUAA4IBAQCXTWW3zyj1sf1IeCb7Fx8tE+upmeBPdzJ/OTSAmuzA
ZaL7LyOsGBdBa+W0gyn/0Iud6N/EawcMdMfVUBPyHI15cFcvlzYTNzlW+TBFJ/HM
k1Idi6jv7Xwvz7q0e9rprQ5xj0UqbmdeoxQZMRCY+b86zFbcLd3E/C89dHCieU2Z
+JsNoyyrydWTX9hx99A5IgsbVbVUJy/uunFOiIYyKDi8lTZebMGKY5hDmQxXTL9e
aF8JjONEml2rdvXmn5smrM0Amu1V8cynwY5QPDyanoiYxvQFDhgSZ/gonjI6t0oZ
O5LRLT9LyvbQvo9g2iKAjY4pmGb/PB2leUSJ0lCS2a82
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org