Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/5zbsFYrZYvAmBqH97-sRcda_z5g.roa
File:                     5zbsFYrZYvAmBqH97-sRcda_z5g.roa (raw, json)
Hash identifier:          7dGEELsV3iI9/07A/VZcz5sop2OgyiFzpB2X3QErJeU=
Subject key identifier:   E7:36:EC:15:8A:D9:62:F0:26:06:A1:FD:EF:EB:11:71:D6:BF:CF:98
Certificate issuer:       /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial:       018A9816DF383272552E3A92EDF1D9CFFF85
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/5zbsFYrZYvAmBqH97-sRcda_z5g.roa
Signing time:             Fri 15 Sep 2023 09:05:50 +0000
ROA not before:           Fri 15 Sep 2023 09:05:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35407
IP address blocks:        80.233.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:98:16:df:38:32:72:55:2e:3a:92:ed:f1:d9:cf:ff:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
        Validity
            Not Before: Sep 15 09:05:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e736ec158ad962f02606a1fdefeb1171d6bfcf98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:e1:d0:c1:bf:e8:6a:c2:c7:63:e5:89:51:9a:
                    66:97:2c:7d:de:1d:9e:b2:5b:2e:02:6e:4f:d1:16:
                    0f:97:15:33:9b:b1:9e:50:55:b7:d2:10:61:1d:9b:
                    29:77:b9:91:7c:f4:d1:be:7f:04:a0:b7:22:89:e3:
                    a9:92:b7:6c:0c:b7:de:d5:6e:30:8f:00:fa:18:28:
                    d4:2c:a2:c6:ee:22:c9:a6:c2:50:d2:79:a5:c3:a8:
                    bc:1b:de:7d:fd:d0:7c:7f:24:75:f7:e7:e8:7a:bb:
                    fa:72:3d:f1:af:22:9f:53:3b:05:75:42:3c:15:e4:
                    b1:35:9d:bd:9f:83:87:c7:fc:57:97:72:28:e2:07:
                    9d:35:9e:f2:11:d7:74:a0:38:8c:86:21:2b:7c:a8:
                    a3:e9:30:4a:7f:c3:c9:e0:9b:e3:8e:b7:86:f9:16:
                    87:be:05:d4:21:e9:83:2b:05:2d:8b:cc:af:8e:21:
                    d5:04:a5:b3:13:a2:d7:71:8a:98:80:8a:63:e6:75:
                    f5:5f:76:da:8d:2b:37:23:fd:34:0b:00:ca:bb:3b:
                    12:e2:99:54:51:6e:c1:17:9b:88:3c:e9:01:4b:fd:
                    26:12:f5:0c:e4:44:f9:c6:68:2f:99:eb:77:a7:f3:
                    3d:c8:ce:13:a9:8f:e4:b7:ef:02:a4:30:7c:0a:52:
                    b2:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:36:EC:15:8A:D9:62:F0:26:06:A1:FD:EF:EB:11:71:D6:BF:CF:98
            X509v3 Authority Key Identifier:
                keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/5zbsFYrZYvAmBqH97-sRcda_z5g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.233.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:f8:33:83:4b:84:49:8c:24:9b:b8:a0:3a:b0:a2:0e:18:a8:
         40:e9:e0:02:c1:70:87:b1:1b:ab:74:cb:94:79:f7:26:e2:47:
         eb:1b:f2:c9:e7:f9:10:26:19:ac:b5:8f:c8:2c:44:64:6b:a5:
         a5:ce:aa:15:c5:e3:8c:83:fd:1e:1d:20:2a:c7:33:06:6a:1e:
         6c:a3:78:5a:a8:cd:f2:a5:f2:a4:33:e7:8a:62:64:78:b5:75:
         2d:eb:bf:c0:74:49:aa:44:d3:cb:ce:ff:bf:02:9a:58:b3:3e:
         d5:02:56:ee:c0:65:5c:4c:d1:4c:88:46:af:d3:15:25:26:ce:
         0e:76:e5:33:0f:10:34:8e:27:55:e2:6a:c0:24:11:2a:8d:e5:
         c4:bf:4e:4d:c1:5e:6e:d6:d7:78:e4:97:e4:78:4f:56:47:8a:
         d8:59:38:5a:db:a6:ce:ab:2c:0b:ec:b1:f2:09:3c:fd:b2:72:
         b6:51:60:5c:e5:34:48:49:a4:06:3a:10:13:1d:75:2e:13:e8:
         a6:c0:f5:f7:1f:30:2d:76:6c:b9:42:ae:77:80:33:83:1a:72:
         60:57:75:be:19:74:95:82:73:6d:0e:db:ab:6a:59:6e:d9:9d:
         a9:39:28:24:9d:a1:e4:b1:86:53:f0:0a:06:22:67:48:cb:47:
         40:84:cd:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqYFt84MnJVLjqS7fHZz/+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwOTE1MDkwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzM2ZWMxNThhZDk2MmYwMjYwNmExZmRlZmViMTE3MWQ2YmZjZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOHQwb/oasLHY+WJUZpmlyx93h2e
slsuAm5P0RYPlxUzm7GeUFW30hBhHZspd7mRfPTRvn8EoLciieOpkrdsDLfe1W4w
jwD6GCjULKLG7iLJpsJQ0nmlw6i8G959/dB8fyR19+foerv6cj3xryKfUzsFdUI8
FeSxNZ29n4OHx/xXl3Io4gedNZ7yEdd0oDiMhiErfKij6TBKf8PJ4JvjjreG+RaH
vgXUIemDKwUti8yvjiHVBKWzE6LXcYqYgIpj5nX1X3bajSs3I/00CwDKuzsS4plU
UW7BF5uIPOkBS/0mEvUM5ET5xmgvmet3p/M9yM4TqY/kt+8CpDB8ClKyRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOc27BWK2WLwJgah/e/rEXHWv8+YMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvNXpic0ZZclpZdkFtQnFIOTctc1JjZGFfejVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUOn7MA0G
CSqGSIb3DQEBCwUAA4IBAQAs+DODS4RJjCSbuKA6sKIOGKhA6eACwXCHsRurdMuU
efcm4kfrG/LJ5/kQJhmstY/ILERka6WlzqoVxeOMg/0eHSAqxzMGah5so3haqM3y
pfKkM+eKYmR4tXUt67/AdEmqRNPLzv+/AppYsz7VAlbuwGVcTNFMiEav0xUlJs4O
duUzDxA0jidV4mrAJBEqjeXEv05NwV5u1td45JfkeE9WR4rYWTha26bOqywL7LHy
CTz9snK2UWBc5TRISaQGOhATHXUuE+imwPX3HzAtdmy5Qq53gDODGnJgV3W+GXSV
gnNtDturallu2Z2pOSgknaHksYZT8AoGImdIy0dAhM30
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:47 2024 by rpki-client on console-ams.rpki-client.org