Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/fgQc7OTxOjKGk0rrb63bjBkFLSo.roa
File:                     fgQc7OTxOjKGk0rrb63bjBkFLSo.roa (raw, json)
Hash identifier:          mx7z3VcULJB2vq6X3bUFY80drXBD2cFwRky9JmXUvrM=
Subject key identifier:   7E:04:1C:EC:E4:F1:3A:32:86:93:4A:EB:6F:AD:DB:8C:19:05:2D:2A
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018AAD16D971D141A6FBD5410F40FCA6FD45
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/fgQc7OTxOjKGk0rrb63bjBkFLSo.roa
Signing time:             Tue 19 Sep 2023 10:57:50 +0000
ROA not before:           Tue 19 Sep 2023 10:57:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57043
IP address blocks:        80.246.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 23:26:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ad:16:d9:71:d1:41:a6:fb:d5:41:0f:40:fc:a6:fd:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Sep 19 10:57:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7e041cece4f13a3286934aeb6faddb8c19052d2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:1b:ca:aa:f8:ac:28:08:d1:b8:6b:6a:b0:e8:
                    60:db:45:4e:24:df:89:5c:10:fa:9a:2d:8a:3d:80:
                    8f:a2:b0:4c:3b:c1:3f:c7:10:26:66:fb:70:1c:02:
                    0b:14:42:59:06:53:2f:49:b5:88:d3:ce:fd:de:3a:
                    44:05:90:6c:e4:61:4b:72:b3:28:1b:f4:3c:20:ba:
                    1d:cc:86:9c:31:4f:4a:36:05:4a:6d:89:94:d7:59:
                    1d:57:58:10:f0:c1:36:b7:c7:d4:88:16:d9:76:33:
                    34:8e:ac:bb:89:88:7f:e7:a5:42:52:ee:18:ad:22:
                    5e:5a:ba:e0:57:b1:3c:5d:58:ee:91:68:28:3f:5b:
                    ce:bd:db:c9:85:b5:80:94:5e:c7:98:50:d5:5c:fc:
                    9a:3f:39:f2:f8:c9:af:c9:b8:47:77:5d:cd:c4:ea:
                    02:00:09:35:04:cf:01:91:1c:91:3e:5e:4a:fc:ce:
                    a7:01:8d:89:36:76:31:7d:4d:d1:0b:25:e0:2f:0e:
                    5b:81:f2:80:84:12:73:85:37:31:7c:d9:45:34:c0:
                    6d:ed:a5:a7:7d:b1:f8:c9:57:69:22:8e:1a:78:bd:
                    4e:65:1a:bc:3b:d5:32:1f:9b:4b:50:18:4a:77:ca:
                    d7:d9:d3:70:68:56:eb:a2:48:fa:bb:ca:99:f8:8e:
                    4f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:04:1C:EC:E4:F1:3A:32:86:93:4A:EB:6F:AD:DB:8C:19:05:2D:2A
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/fgQc7OTxOjKGk0rrb63bjBkFLSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:d1:5d:7b:fe:5b:66:a2:b9:6a:8a:be:56:86:6b:5a:ab:44:
         33:d1:31:56:18:1e:fc:40:ba:fc:22:4f:9a:05:0b:52:ca:1e:
         b5:36:6d:ea:29:9d:cb:45:68:72:8e:da:0a:44:96:ad:57:73:
         77:b6:79:c7:b9:09:87:48:d0:76:df:f9:dd:2e:f9:b1:ae:34:
         d2:df:2d:6c:16:2d:fe:70:7d:8c:9f:9a:6b:26:d6:b7:78:40:
         f5:39:b9:e6:d9:d3:88:d5:8e:ff:ea:f0:8c:38:97:57:82:fa:
         39:fd:c8:11:43:23:d1:8b:79:f8:f0:f4:2c:80:3e:b0:af:df:
         cc:59:14:9e:76:a7:9f:fe:5c:1e:42:57:be:a6:f0:5c:62:ee:
         a1:38:b0:bb:b9:09:92:4c:95:51:fe:94:b2:61:f8:fa:8f:0b:
         74:e5:8b:cb:02:35:26:fc:cd:9f:dc:7a:bd:15:01:54:47:8b:
         0c:5e:cd:a7:5a:fc:e3:ae:51:e9:84:ad:99:ad:77:56:33:2c:
         05:4c:35:4d:60:69:e6:fe:6c:e0:6c:57:03:0f:58:f0:cd:63:
         f5:b3:01:4f:05:f7:16:ae:a9:e1:64:0e:0e:3c:b9:c0:cb:e7:
         af:5e:52:b2:7d:a1:23:7d:16:72:88:d8:a6:dc:e3:74:87:58:
         a5:bf:ec:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqtFtlx0UGm+9VBD0D8pv1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwOTE5MTA1NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTA0MWNlY2U0ZjEzYTMyODY5MzRhZWI2ZmFkZGI4YzE5MDUyZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxvKqvisKAjRuGtqsOhg20VOJN+J
XBD6mi2KPYCPorBMO8E/xxAmZvtwHAILFEJZBlMvSbWI08793jpEBZBs5GFLcrMo
G/Q8ILodzIacMU9KNgVKbYmU11kdV1gQ8ME2t8fUiBbZdjM0jqy7iYh/56VCUu4Y
rSJeWrrgV7E8XVjukWgoP1vOvdvJhbWAlF7HmFDVXPyaPzny+MmvybhHd13NxOoC
AAk1BM8BkRyRPl5K/M6nAY2JNnYxfU3RCyXgLw5bgfKAhBJzhTcxfNlFNMBt7aWn
fbH4yVdpIo4aeL1OZRq8O9UyH5tLUBhKd8rX2dNwaFbrokj6u8qZ+I5P3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4EHOzk8ToyhpNK62+t24wZBS0qMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvZmdRYzdPVHhPaktHazBycmI2M2JqQmtGTFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPbrMA0G
CSqGSIb3DQEBCwUAA4IBAQBv0V17/ltmorlqir5Whmtaq0Qz0TFWGB78QLr8Ik+a
BQtSyh61Nm3qKZ3LRWhyjtoKRJatV3N3tnnHuQmHSNB23/ndLvmxrjTS3y1sFi3+
cH2Mn5prJta3eED1Obnm2dOI1Y7/6vCMOJdXgvo5/cgRQyPRi3n48PQsgD6wr9/M
WRSedqef/lweQle+pvBcYu6hOLC7uQmSTJVR/pSyYfj6jwt05YvLAjUm/M2f3Hq9
FQFUR4sMXs2nWvzjrlHphK2ZrXdWMywFTDVNYGnm/mzgbFcDD1jwzWP1swFPBfcW
rqnhZA4OPLnAy+evXlKyfaEjfRZyiNim3ON0h1ilv+wJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org