Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/yLHtpggtpBu0r8w7OC0-EeJje3M.roa
File:                     yLHtpggtpBu0r8w7OC0-EeJje3M.roa (raw, json)
Hash identifier:          +I9BTbFUM10zba0e2cUamGK/0lX3tH7ljPmMRWVwra0=
Subject key identifier:   C8:B1:ED:A6:08:2D:A4:1B:B4:AF:CC:3B:38:2D:3E:11:E2:63:7B:73
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018FEFB994482EB0781CB7C77128873A3251
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/yLHtpggtpBu0r8w7OC0-EeJje3M.roa
Signing time:             Thu 06 Jun 2024 22:44:27 +0000
ROA not before:           Thu 06 Jun 2024 22:44:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     45102
IP address blocks:        80.246.232.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Sun 11 Aug 2024 07:47:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:ef:b9:94:48:2e:b0:78:1c:b7:c7:71:28:87:3a:32:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Jun  6 22:44:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c8b1eda6082da41bb4afcc3b382d3e11e2637b73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:77:f3:e7:71:b2:69:9e:de:0a:da:f3:c8:47:
                    73:b2:80:a3:8d:75:8a:54:87:b3:db:18:eb:45:55:
                    d3:3c:65:cc:b6:7e:ee:76:dd:23:35:c4:56:d4:d7:
                    97:01:b3:a4:f5:a2:f1:47:97:e6:f6:a0:48:a4:03:
                    46:5b:48:92:6f:93:86:ee:fd:48:2d:5f:9c:9f:67:
                    ad:4b:74:83:7c:d2:d7:e7:d1:33:6d:14:6f:47:48:
                    68:9d:22:df:1f:33:0b:28:96:70:60:1a:c7:68:16:
                    05:c1:ff:02:ec:f0:15:a7:f6:5d:c6:4d:4c:3b:98:
                    10:c2:d1:59:77:18:c5:0e:6b:b6:08:8a:2d:d8:a7:
                    29:c3:29:48:22:77:0d:bb:43:08:7f:18:b3:d2:3e:
                    bb:6a:0f:ce:0b:f1:b0:ed:8e:ed:f9:64:d2:a0:ec:
                    6c:a8:92:51:4f:84:bc:dd:14:5f:22:76:44:68:69:
                    af:60:b5:95:b1:6d:58:4d:a9:2d:29:37:7c:f2:c4:
                    26:e3:c2:77:77:4e:3b:b8:87:1f:5d:5a:56:a0:a2:
                    5c:bd:35:59:b7:1b:6e:49:87:d7:96:82:be:81:4c:
                    6d:72:69:d6:53:36:1c:05:8d:6c:b3:12:15:ea:d5:
                    10:29:8d:56:0e:5a:40:f5:23:c6:b7:41:27:dc:4a:
                    a3:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:B1:ED:A6:08:2D:A4:1B:B4:AF:CC:3B:38:2D:3E:11:E2:63:7B:73
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/yLHtpggtpBu0r8w7OC0-EeJje3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         30:0e:b2:0b:b2:9f:61:fb:85:cf:d7:c2:9b:46:92:89:79:11:
         0f:0f:5a:a3:e7:01:16:09:fc:fc:dd:07:2f:ce:cc:41:19:4a:
         4b:8f:7c:b1:02:0e:40:9d:a2:ce:9b:cb:6b:a7:31:21:92:fa:
         63:a7:30:0e:19:01:ec:26:6e:f3:ce:45:15:10:6a:62:f2:9b:
         5f:2a:40:d0:be:5f:61:56:8b:8c:2b:46:a6:1d:16:0c:36:61:
         cf:5f:1a:e4:be:33:67:a0:4d:58:66:58:7d:28:95:3a:74:0f:
         73:c3:1d:c3:c8:d9:13:d0:bf:72:13:e1:89:1b:e8:55:e4:23:
         eb:b7:a4:0a:b1:06:8a:9d:f7:b4:87:58:1f:97:f2:c0:b2:9a:
         49:49:2f:01:28:e1:9b:91:61:7c:87:f5:e7:a0:e6:32:35:f0:
         05:52:68:1c:1e:86:75:b3:6d:9b:34:f6:dc:97:f7:e3:8d:50:
         0d:e3:7e:67:18:76:0f:01:1d:79:c3:cf:0b:ef:8d:c7:e9:10:
         cb:56:a4:d0:e4:12:a7:33:16:a6:fe:e3:44:1a:ad:ac:a2:3f:
         81:de:c3:09:b4:cc:b9:a0:10:43:ee:ef:3f:c6:ad:aa:1a:cf:
         9d:96:f1:e5:f3:72:c8:d6:fa:ca:3b:a6:4c:b3:37:e7:1f:81:
         fe:07:70:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/vuZRILrB4HLfHcSiHOjJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwNjA2MjI0NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGIxZWRhNjA4MmRhNDFiYjRhZmNjM2IzODJkM2UxMWUyNjM3YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXfz53GyaZ7eCtrzyEdzsoCjjXWK
VIez2xjrRVXTPGXMtn7udt0jNcRW1NeXAbOk9aLxR5fm9qBIpANGW0iSb5OG7v1I
LV+cn2etS3SDfNLX59EzbRRvR0honSLfHzMLKJZwYBrHaBYFwf8C7PAVp/Zdxk1M
O5gQwtFZdxjFDmu2CIot2KcpwylIIncNu0MIfxiz0j67ag/OC/Gw7Y7t+WTSoOxs
qJJRT4S83RRfInZEaGmvYLWVsW1YTaktKTd88sQm48J3d047uIcfXVpWoKJcvTVZ
txtuSYfXloK+gUxtcmnWUzYcBY1ssxIV6tUQKY1WDlpA9SPGt0En3EqjeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMix7aYILaQbtK/MOzgtPhHiY3tzMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEveUxIdHBnZ3RwQnUwcjh3N09DMC1FZUpqZTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPboMA0G
CSqGSIb3DQEBCwUAA4IBAQAwDrILsp9h+4XP18KbRpKJeREPD1qj5wEWCfz83Qcv
zsxBGUpLj3yxAg5AnaLOm8trpzEhkvpjpzAOGQHsJm7zzkUVEGpi8ptfKkDQvl9h
VouMK0amHRYMNmHPXxrkvjNnoE1YZlh9KJU6dA9zwx3DyNkT0L9yE+GJG+hV5CPr
t6QKsQaKnfe0h1gfl/LAsppJSS8BKOGbkWF8h/XnoOYyNfAFUmgcHoZ1s22bNPbc
l/fjjVAN435nGHYPAR15w88L743H6RDLVqTQ5BKnMxam/uNEGq2soj+B3sMJtMy5
oBBD7u8/xq2qGs+dlvHl83LI1vrKO6ZMszfnH4H+B3CR
-----END CERTIFICATE-----
Generated at Sun Aug 11 10:00:56 2024 by rpki-client on console-ams.rpki-client.org