Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/fWXv4miZEFhITlMdJaxpIOU-0jY.roa
File:                     fWXv4miZEFhITlMdJaxpIOU-0jY.roa (raw, json)
Hash identifier:          OYhp8V0X9KB7arFuVYzO7Do6ZqNkZXKZIeihS9ITx/0=
Subject key identifier:   7D:65:EF:E2:68:99:10:58:48:4E:53:1D:25:AC:69:20:E5:3E:D2:36
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       0188306E0054F8947B3FADBE9A1ADB8B255B
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/fWXv4miZEFhITlMdJaxpIOU-0jY.roa
Signing time:             Thu 18 May 2023 19:54:55 +0000
ROA not before:           Thu 18 May 2023 19:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     18811
IP address blocks:        80.246.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Jul 2023 09:23:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:30:6e:00:54:f8:94:7b:3f:ad:be:9a:1a:db:8b:25:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: May 18 19:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7d65efe268991058484e531d25ac6920e53ed236
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:27:df:d8:3f:c6:a2:c1:8d:bd:77:62:df:36:
                    0a:35:7d:68:5a:87:0e:ae:3f:1b:76:fd:99:ea:b2:
                    00:11:fc:8b:b2:3e:53:92:63:8a:ab:ab:14:88:10:
                    ed:ed:d3:11:10:bf:1c:24:27:25:01:e8:4c:81:12:
                    a9:af:17:5e:98:99:15:53:04:fb:0f:ee:69:02:d3:
                    b3:b7:09:f9:46:e4:f3:f0:48:93:c4:8c:ad:4f:ec:
                    7a:27:73:7c:8c:a0:1b:4b:b2:ab:e2:19:72:9e:3d:
                    3d:0e:44:ea:da:cb:2a:b4:ad:02:e2:5c:1e:3b:85:
                    0d:55:1e:68:01:d6:21:fe:93:c6:ae:f5:92:32:8f:
                    d4:71:69:bf:14:ec:85:26:4e:1b:7f:ca:bb:85:18:
                    e1:56:e1:9d:84:4b:04:5d:5f:c3:b7:b8:d5:97:c9:
                    ee:20:29:e7:45:d3:ac:34:c3:b6:5e:df:1f:b8:0b:
                    bc:41:6b:b3:5a:30:96:cf:49:3e:ab:b7:40:0e:46:
                    c3:fd:a6:f4:93:5b:cb:91:7c:a5:c9:c6:3b:5d:de:
                    30:8e:2a:cb:d4:53:3a:1e:33:e8:6c:bb:e4:e8:db:
                    c3:e4:01:be:88:5f:2c:60:45:9b:b2:0c:42:7c:f1:
                    bb:36:42:63:77:ea:12:2c:bf:57:24:00:29:6c:0b:
                    4a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:65:EF:E2:68:99:10:58:48:4E:53:1D:25:AC:69:20:E5:3E:D2:36
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/fWXv4miZEFhITlMdJaxpIOU-0jY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:19:6a:23:ca:e1:65:88:97:05:5e:c1:f0:af:e5:30:f5:5e:
         b6:3e:81:d4:25:2d:95:44:99:44:e3:c8:a8:d7:b4:24:2b:52:
         77:d3:00:f5:d1:6c:f8:32:42:e6:62:b4:ac:d7:c3:a3:7b:e4:
         87:66:c1:02:ee:50:0d:bc:c3:70:1a:8b:b8:76:50:8e:77:32:
         ad:c0:1e:1a:e1:de:78:ae:a4:c8:fc:c0:b9:6b:83:3a:8b:26:
         69:90:de:04:5c:f4:b0:92:59:00:2d:22:26:93:9c:dc:21:fe:
         d3:5d:6d:a8:0e:14:f8:b2:6c:6c:4c:aa:21:5d:50:a3:30:68:
         2b:94:b8:ea:fe:ae:d5:f4:bd:6e:46:16:66:b4:2f:46:06:5e:
         96:8e:62:5d:a1:35:1b:06:ae:29:63:7a:71:ef:c8:35:5f:07:
         4d:dd:8a:43:d9:83:f2:13:ba:f0:4f:0a:c0:91:b3:10:04:9c:
         14:69:85:3f:58:33:4f:20:10:17:46:1e:77:84:32:9c:c6:aa:
         a5:f1:6f:db:fb:3b:35:49:73:ca:e2:74:9a:fb:f6:40:3a:41:
         35:e7:31:36:57:34:16:1b:26:07:7e:d7:f0:25:08:8d:f0:8d:
         8f:81:74:5e:5b:f9:fb:93:a8:f2:a0:a0:db:76:73:3f:53:33:
         ec:97:a8:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgwbgBU+JR7P62+mhrbiyVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwNTE4MTk1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDY1ZWZlMjY4OTkxMDU4NDg0ZTUzMWQyNWFjNjkyMGU1M2VkMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSff2D/GosGNvXdi3zYKNX1oWocO
rj8bdv2Z6rIAEfyLsj5TkmOKq6sUiBDt7dMREL8cJCclAehMgRKprxdemJkVUwT7
D+5pAtOztwn5RuTz8EiTxIytT+x6J3N8jKAbS7Kr4hlynj09DkTq2ssqtK0C4lwe
O4UNVR5oAdYh/pPGrvWSMo/UcWm/FOyFJk4bf8q7hRjhVuGdhEsEXV/Dt7jVl8nu
ICnnRdOsNMO2Xt8fuAu8QWuzWjCWz0k+q7dADkbD/ab0k1vLkXylycY7Xd4wjirL
1FM6HjPobLvk6NvD5AG+iF8sYEWbsgxCfPG7NkJjd+oSLL9XJAApbAtKzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH1l7+JomRBYSE5THSWsaSDlPtI2MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvZldYdjRtaVpFRmhJVGxNZEpheHBJT1UtMGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUPbsMA0G
CSqGSIb3DQEBCwUAA4IBAQBLGWojyuFliJcFXsHwr+Uw9V62PoHUJS2VRJlE48io
17QkK1J30wD10Wz4MkLmYrSs18Oje+SHZsEC7lANvMNwGou4dlCOdzKtwB4a4d54
rqTI/MC5a4M6iyZpkN4EXPSwklkALSImk5zcIf7TXW2oDhT4smxsTKohXVCjMGgr
lLjq/q7V9L1uRhZmtC9GBl6WjmJdoTUbBq4pY3px78g1XwdN3YpD2YPyE7rwTwrA
kbMQBJwUaYU/WDNPIBAXRh53hDKcxqql8W/b+zs1SXPK4nSa+/ZAOkE15zE2VzQW
GyYHftfwJQiN8I2PgXReW/n7k6jyoKDbdnM/UzPsl6jr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org