Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4R-llM7Avzw1ZWqseav3m8jdLps.roa
File:                     4R-llM7Avzw1ZWqseav3m8jdLps.roa (raw, json)
Hash identifier:          Z89hQ3reTzDjegimEtD4T1ZRS9O7mBni9Z8Cy0H7dVo=
Subject key identifier:   E1:1F:A5:94:CE:C0:BF:3C:35:65:6A:AC:79:AB:F7:9B:C8:DD:2E:9B
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018CC8DE84ADC466356A7FC527376C3A08BF
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4R-llM7Avzw1ZWqseav3m8jdLps.roa
Signing time:             Tue 02 Jan 2024 06:31:15 +0000
ROA not before:           Tue 02 Jan 2024 06:31:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49981
IP address blocks:        85.209.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 24 Mar 2024 06:59:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:84:ad:c4:66:35:6a:7f:c5:27:37:6c:3a:08:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  2 06:31:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e11fa594cec0bf3c35656aac79abf79bc8dd2e9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:34:3f:20:26:0b:f0:cb:26:d7:51:84:61:51:
                    a9:99:b9:e3:e7:97:d3:be:17:ce:64:d7:38:e2:5c:
                    27:80:e7:58:ac:e8:00:44:43:5a:b5:f9:58:01:26:
                    ad:3d:31:94:26:a7:6e:a0:77:c3:d5:73:d0:bd:8f:
                    ad:3f:0d:f0:67:fd:ef:8a:a3:18:f7:4e:c5:61:13:
                    b5:94:ac:15:e8:fb:02:a4:db:43:4e:6d:2f:aa:ca:
                    76:f8:d2:9a:e6:8a:db:4b:90:7b:d9:8b:c1:8a:ec:
                    52:7b:9a:d3:0a:5e:ad:63:51:aa:36:8b:ea:96:0b:
                    58:d9:0d:96:41:15:01:a7:a2:bd:a5:3a:cf:7d:ec:
                    12:55:a7:58:1a:fb:f7:51:60:93:08:bd:36:8a:e3:
                    79:1d:e0:6e:28:45:15:7d:f2:dd:7e:5c:c6:f7:e6:
                    e6:70:19:0e:08:19:b4:37:ac:05:8d:82:6e:15:14:
                    eb:3e:07:e3:8d:5d:9a:f6:fe:92:6e:31:88:bb:b1:
                    66:0a:48:98:ba:9d:9c:8b:6c:4d:ba:d8:d2:47:fd:
                    4b:02:81:5d:b4:a2:1f:39:54:b5:00:75:d7:88:dc:
                    76:13:c1:da:75:26:25:56:10:53:16:92:c3:62:02:
                    3d:d1:b5:99:66:f2:a8:68:64:43:5c:bd:98:fd:e9:
                    6b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:1F:A5:94:CE:C0:BF:3C:35:65:6A:AC:79:AB:F7:9B:C8:DD:2E:9B
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/4R-llM7Avzw1ZWqseav3m8jdLps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:b7:4d:66:ab:0b:1b:87:11:a3:da:8e:1f:50:ce:37:c1:69:
         ed:ab:27:e9:c2:a8:94:c6:92:3e:a8:e9:7d:d7:66:27:d0:80:
         2e:99:7c:f0:ba:9d:84:1c:d4:8d:1d:3d:8e:ea:3e:62:46:b4:
         8a:cf:f8:2b:66:a6:13:16:c9:7d:5d:77:6a:5b:3b:ac:69:7d:
         a7:5c:b7:19:85:2f:cc:05:a7:99:c2:66:e0:53:6b:e7:a3:d8:
         56:a3:96:ce:fe:fd:e3:d7:16:c7:49:9e:e4:93:10:94:74:e0:
         df:04:6c:40:6b:cc:c1:7b:07:51:9d:4a:3d:c3:d4:ca:f8:76:
         bb:db:be:c1:e8:c4:aa:90:fd:20:76:da:5b:8f:ce:3f:e7:53:
         0e:cb:5c:81:0f:b0:6d:e6:99:aa:e2:4d:8a:86:d9:97:59:9e:
         83:19:67:0d:8a:65:4b:ad:b5:c8:3b:ef:08:1c:80:6c:4c:c6:
         bc:e8:a1:1f:4b:9d:2a:cf:99:8e:6d:58:06:3c:64:dd:49:78:
         57:9e:c0:0d:c5:28:0b:3d:cf:fe:65:9f:15:c3:89:7a:71:37:
         95:0f:ef:a9:b1:9a:47:7b:a0:32:10:3b:fe:4d:5d:d8:4e:c4:
         8b:b0:cd:3c:f6:a7:b0:8a:ad:71:48:67:64:f3:7e:c7:71:d5:
         df:36:16:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3oStxGY1an/FJzdsOgi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTFmYTU5NGNlYzBiZjNjMzU2NTZhYWM3OWFiZjc5YmM4ZGQyZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzQ/ICYL8Msm11GEYVGpmbnj55fT
vhfOZNc44lwngOdYrOgARENatflYASatPTGUJqduoHfD1XPQvY+tPw3wZ/3viqMY
907FYRO1lKwV6PsCpNtDTm0vqsp2+NKa5orbS5B72YvBiuxSe5rTCl6tY1GqNovq
lgtY2Q2WQRUBp6K9pTrPfewSVadYGvv3UWCTCL02iuN5HeBuKEUVffLdflzG9+bm
cBkOCBm0N6wFjYJuFRTrPgfjjV2a9v6SbjGIu7FmCkiYup2ci2xNutjSR/1LAoFd
tKIfOVS1AHXXiNx2E8HadSYlVhBTFpLDYgI90bWZZvKoaGRDXL2Y/elrPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEfpZTOwL88NWVqrHmr95vI3S6bMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNFItbGxNN0F2encxWldxc2VhdjNtOGpkTHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGjMA0G
CSqGSIb3DQEBCwUAA4IBAQB7t01mqwsbhxGj2o4fUM43wWntqyfpwqiUxpI+qOl9
12Yn0IAumXzwup2EHNSNHT2O6j5iRrSKz/grZqYTFsl9XXdqWzusaX2nXLcZhS/M
BaeZwmbgU2vno9hWo5bO/v3j1xbHSZ7kkxCUdODfBGxAa8zBewdRnUo9w9TK+Ha7
277B6MSqkP0gdtpbj84/51MOy1yBD7Bt5pmq4k2KhtmXWZ6DGWcNimVLrbXIO+8I
HIBsTMa86KEfS50qz5mObVgGPGTdSXhXnsANxSgLPc/+ZZ8Vw4l6cTeVD++psZpH
e6AyEDv+TV3YTsSLsM089qewiq1xSGdk837HcdXfNhb4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org