Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-kJFcEIAUtNo1hDbSX_mlm2Qc78.roa
File:                     1-kJFcEIAUtNo1hDbSX_mlm2Qc78.roa (raw, json)
Hash identifier:          0mHrPdG8Sqr3W5WLCtSrXzqq9WYTwy65L8R7W1KA010=
Subject key identifier:   FA:42:45:70:42:00:52:D3:68:D6:10:DB:49:7F:E6:96:6D:90:73:BF
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018AFB797F6276D7F492B95191887C896E05
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-kJFcEIAUtNo1hDbSX_mlm2Qc78.roa
Signing time:             Wed 04 Oct 2023 16:15:58 +0000
ROA not before:           Wed 04 Oct 2023 16:15:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211373
IP address blocks:        178.253.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:31:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fb:79:7f:62:76:d7:f4:92:b9:51:91:88:7c:89:6e:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Oct  4 16:15:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa424570420052d368d610db497fe6966d9073bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8f:d6:07:7b:53:7a:e3:ba:12:e8:a3:74:5e:
                    78:64:29:7f:21:dc:ee:91:09:4b:bd:11:4b:33:1e:
                    ff:a9:29:d9:b9:ef:38:c0:5b:93:2b:b7:dc:09:0b:
                    d1:09:22:0e:4c:3c:05:c0:a1:4a:bc:71:7b:1b:35:
                    7a:72:0b:ff:63:ce:85:d0:1a:fb:77:95:11:c6:66:
                    ee:fb:4d:3d:b4:5a:b8:73:6a:12:12:04:9c:bd:cb:
                    76:87:fa:73:a1:be:45:40:e2:f0:e1:f9:5a:2f:9d:
                    ec:57:13:e0:16:a4:e6:b7:a7:b4:ed:5c:75:35:b6:
                    79:7a:14:82:64:1b:8f:91:a8:4c:f5:f4:e8:5c:dc:
                    7d:12:98:1d:a7:5c:fe:1a:7c:ef:92:f0:80:14:24:
                    d4:0e:9f:c0:c6:0e:f8:e2:6a:dd:8c:91:3c:25:ec:
                    9c:df:a9:e4:f6:e4:40:89:57:04:6f:de:40:7e:25:
                    44:85:14:ff:7d:d0:c4:48:eb:5c:3c:44:27:7b:6a:
                    68:79:a5:4e:12:a3:10:5e:4b:32:48:05:61:ce:6d:
                    ca:39:26:9f:f6:9a:fe:4d:2e:53:9e:4b:e5:5f:56:
                    c6:98:8b:9a:38:64:24:0b:04:de:4d:ef:86:a9:29:
                    e6:3b:92:32:60:c6:ed:0d:94:cc:92:26:f8:53:71:
                    b2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:42:45:70:42:00:52:D3:68:D6:10:DB:49:7F:E6:96:6D:90:73:BF
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-kJFcEIAUtNo1hDbSX_mlm2Qc78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:db:95:6b:5c:1f:2a:8b:37:b3:85:0a:d2:4c:21:f0:bc:88:
         17:58:e3:e2:3e:df:48:9d:41:43:3e:fe:b5:60:ce:bb:2c:61:
         07:70:a5:a1:08:82:11:be:3e:c5:75:50:41:9a:0d:18:bc:44:
         2b:d4:b1:e7:13:6e:d8:9f:05:49:14:82:a5:6c:b0:db:47:50:
         d4:64:73:01:60:dd:7f:ae:90:c7:c0:3f:6e:83:4a:3b:b2:c1:
         34:1c:81:4b:cb:b2:aa:84:a1:f5:72:6f:60:48:b5:66:3b:e3:
         71:4e:92:fd:62:1e:07:2a:29:77:1a:66:3b:70:57:08:09:ca:
         92:86:3d:34:75:22:28:8d:00:5e:d1:da:8b:16:ef:f8:17:6d:
         20:1c:cd:d1:08:48:ae:f3:a0:5f:ce:88:9c:21:e6:98:d9:8d:
         67:9f:a0:0c:67:70:b5:84:73:b4:b3:a6:47:71:45:ee:86:9c:
         54:98:de:a6:e8:83:e8:e9:07:09:d1:e2:c5:38:e5:72:d6:6e:
         7e:1f:c4:03:47:78:6e:99:85:c6:7e:f8:de:4c:5d:5c:b6:45:
         f6:c5:e6:a8:77:cc:90:43:2e:88:29:38:b7:0f:66:5a:d4:e1:
         e2:86:6b:3e:84:67:44:48:46:8c:92:bd:2f:83:32:76:5d:d6:
         af:2d:c2:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYr7eX9idtf0krlRkYh8iW4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMDA0MTYxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQyNDU3MDQyMDA1MmQzNjhkNjEwZGI0OTdmZTY5NjZkOTA3M2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4/WB3tTeuO6EuijdF54ZCl/Idzu
kQlLvRFLMx7/qSnZue84wFuTK7fcCQvRCSIOTDwFwKFKvHF7GzV6cgv/Y86F0Br7
d5URxmbu+009tFq4c2oSEgScvct2h/pzob5FQOLw4flaL53sVxPgFqTmt6e07Vx1
NbZ5ehSCZBuPkahM9fToXNx9Epgdp1z+GnzvkvCAFCTUDp/Axg744mrdjJE8Jeyc
36nk9uRAiVcEb95AfiVEhRT/fdDESOtcPEQne2poeaVOEqMQXksySAVhzm3KOSaf
9pr+TS5TnkvlX1bGmIuaOGQkCwTeTe+GqSnmO5IyYMbtDZTMkib4U3GyxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpCRXBCAFLTaNYQ20l/5pZtkHO/MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMS1rSkZjRUlBVXRObzFoRGJTWF9tbG0yUWM3OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQz
NC8xL3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALL9ITAN
BgkqhkiG9w0BAQsFAAOCAQEAYNuVa1wfKos3s4UK0kwh8LyIF1jj4j7fSJ1BQz7+
tWDOuyxhB3CloQiCEb4+xXVQQZoNGLxEK9Sx5xNu2J8FSRSCpWyw20dQ1GRzAWDd
f66Qx8A/boNKO7LBNByBS8uyqoSh9XJvYEi1ZjvjcU6S/WIeByopdxpmO3BXCAnK
koY9NHUiKI0AXtHaixbv+BdtIBzN0QhIrvOgX86InCHmmNmNZ5+gDGdwtYRztLOm
R3FF7oacVJjepuiD6OkHCdHixTjlctZufh/EA0d4bpmFxn743kxdXLZF9sXmqHfM
kEMuiCk4tw9mWtTh4oZrPoRnREhGjJK9L4Mydl3Wry3CNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org