Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/Znf9Fyt8FLeJQtNGBZyg0HeUtSc.roa
File:                     Znf9Fyt8FLeJQtNGBZyg0HeUtSc.roa (raw, json)
Hash identifier:          HWVuTX3KOz/l/AoeSOR66NP+VV21JuLVpRjbbsp54L4=
Subject key identifier:   66:77:FD:17:2B:7C:14:B7:89:42:D3:46:05:9C:A0:D0:77:94:B5:27
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018E28EBDD3BF3DF50D182D3FDF3019B9400
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/Znf9Fyt8FLeJQtNGBZyg0HeUtSc.roa
Signing time:             Sun 10 Mar 2024 15:12:10 +0000
ROA not before:           Sun 10 Mar 2024 15:12:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        80.246.230.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 15:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:28:eb:dd:3b:f3:df:50:d1:82:d3:fd:f3:01:9b:94:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Mar 10 15:12:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6677fd172b7c14b78942d346059ca0d07794b527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:db:ae:9f:1a:e5:a0:6e:7e:5e:87:b9:4f:39:
                    ff:0d:b1:f7:3d:14:d8:4b:b1:c7:86:cc:d6:11:86:
                    e0:3a:05:9f:03:0a:19:11:d0:65:3a:89:7c:87:20:
                    50:99:e0:6d:e4:31:4d:51:67:1d:f6:2f:ec:a0:f6:
                    2c:80:17:e5:a1:60:41:e2:4b:a1:f2:67:46:8d:1c:
                    c9:80:a5:97:63:d5:64:35:ac:18:5e:7e:35:39:bc:
                    c5:d7:15:c8:b1:96:85:c2:81:35:83:b4:1b:89:5d:
                    35:b3:82:af:32:92:9a:e1:1b:32:fc:f4:6a:2a:2f:
                    99:bb:06:d8:82:3a:91:26:84:08:14:2d:5b:6e:12:
                    8e:93:4f:33:4e:93:81:47:aa:10:e0:a5:06:07:4b:
                    29:83:61:bf:e1:98:85:15:ca:9d:1b:ee:59:19:36:
                    f4:f5:b2:bb:eb:8b:64:5e:4c:d6:88:a7:03:b1:ba:
                    de:61:ea:ed:a0:da:a1:38:ce:b3:72:db:b8:60:94:
                    b3:5a:a2:1d:2e:f5:e7:bc:20:db:c7:d0:f9:29:cd:
                    83:39:94:1c:84:15:8d:3a:8d:99:d3:46:cd:84:71:
                    0a:aa:fb:ab:ea:4f:ea:31:7c:b6:26:6f:e4:74:ea:
                    ae:df:b0:13:57:a9:bf:32:0f:9a:a2:f6:96:5b:4f:
                    56:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:77:FD:17:2B:7C:14:B7:89:42:D3:46:05:9C:A0:D0:77:94:B5:27
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/Znf9Fyt8FLeJQtNGBZyg0HeUtSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:62:cb:03:d0:ca:1f:42:f8:74:3a:42:51:fa:55:62:e3:c6:
         9f:3b:05:56:2f:2a:08:5d:a5:ae:43:ab:68:08:ec:26:38:6d:
         05:97:93:0d:fd:ab:b0:47:9e:4f:8c:b2:f3:3e:0a:5b:3c:cf:
         b2:3a:33:eb:8f:fb:8b:5b:8e:4a:cd:c3:cd:38:3a:10:fb:2e:
         9d:b1:cc:e9:f0:99:8f:db:c4:94:e0:ac:1a:df:1c:af:03:ff:
         f9:dd:5c:9e:7d:e8:47:76:41:e8:6b:31:43:69:43:11:bd:c9:
         1f:f1:54:63:a8:26:02:6a:a4:39:7e:94:64:8d:b2:eb:36:32:
         7e:d8:d2:62:8b:20:03:4d:9b:84:b7:87:53:c0:48:fa:8f:cc:
         f0:10:f7:5f:78:d5:b8:06:97:07:e1:47:71:ca:b0:88:cb:43:
         36:d6:fa:e9:1d:dd:d0:0c:39:f8:02:93:b4:25:45:67:0b:e7:
         f7:f4:56:82:63:fe:5f:66:43:63:1b:0b:79:0c:b8:48:79:95:
         d9:77:1d:e7:3f:21:5f:04:36:2d:42:a3:bb:21:33:e1:be:bd:
         23:87:a9:de:93:7d:57:52:74:3d:77:3c:d2:a8:05:c3:f7:7f:
         47:eb:43:2d:55:6e:57:eb:da:c2:fb:ff:af:ca:ce:bd:1f:5f:
         48:6d:9a:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4o6907899Q0YLT/fMBm5QAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwMzEwMTUxMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc3ZmQxNzJiN2MxNGI3ODk0MmQzNDYwNTljYTBkMDc3OTRiNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9uunxrloG5+Xoe5Tzn/DbH3PRTY
S7HHhszWEYbgOgWfAwoZEdBlOol8hyBQmeBt5DFNUWcd9i/soPYsgBfloWBB4kuh
8mdGjRzJgKWXY9VkNawYXn41ObzF1xXIsZaFwoE1g7QbiV01s4KvMpKa4Rsy/PRq
Ki+ZuwbYgjqRJoQIFC1bbhKOk08zTpOBR6oQ4KUGB0spg2G/4ZiFFcqdG+5ZGTb0
9bK764tkXkzWiKcDsbreYertoNqhOM6zctu4YJSzWqIdLvXnvCDbx9D5Kc2DOZQc
hBWNOo2Z00bNhHEKqvur6k/qMXy2Jm/kdOqu37ATV6m/Mg+aovaWW09WvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZ3/RcrfBS3iULTRgWcoNB3lLUnMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvWm5mOUZ5dDhGTGVKUXROR0JaeWcwSGVVdFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPbmMA0G
CSqGSIb3DQEBCwUAA4IBAQCUYssD0MofQvh0OkJR+lVi48afOwVWLyoIXaWuQ6to
COwmOG0Fl5MN/auwR55PjLLzPgpbPM+yOjPrj/uLW45KzcPNODoQ+y6dsczp8JmP
28SU4Kwa3xyvA//53VyefehHdkHoazFDaUMRvckf8VRjqCYCaqQ5fpRkjbLrNjJ+
2NJiiyADTZuEt4dTwEj6j8zwEPdfeNW4BpcH4UdxyrCIy0M21vrpHd3QDDn4ApO0
JUVnC+f39FaCY/5fZkNjGwt5DLhIeZXZdx3nPyFfBDYtQqO7ITPhvr0jh6nek31X
UnQ9dzzSqAXD939H60MtVW5X69rC+/+vys69H19IbZqO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org