Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/lfQlNyIG86HjT4WE1ZW8fTYx4s8.roa
File:                     lfQlNyIG86HjT4WE1ZW8fTYx4s8.roa (raw, json)
Hash identifier:          2So7MWuW4TZAKkS7kQGP5FypCkaE+CyZXDUA+xTgEeo=
Subject key identifier:   95:F4:25:37:22:06:F3:A1:E3:4F:85:84:D5:95:BC:7D:36:31:E2:CF
Certificate issuer:       /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial:       018A9815F4CABFC408D8F8DF6BDB483D0D53
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/lfQlNyIG86HjT4WE1ZW8fTYx4s8.roa
Signing time:             Fri 15 Sep 2023 09:04:50 +0000
ROA not before:           Fri 15 Sep 2023 09:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25107
IP address blocks:        80.233.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:98:15:f4:ca:bf:c4:08:d8:f8:df:6b:db:48:3d:0d:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
        Validity
            Not Before: Sep 15 09:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95f425372206f3a1e34f8584d595bc7d3631e2cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:1e:63:58:68:76:a6:55:73:4a:20:a5:d2:67:
                    3c:21:44:9f:9b:f6:6e:73:8d:79:c2:d4:0b:f3:ec:
                    a4:5b:bb:f2:eb:48:d2:5e:c4:d1:04:d2:39:dc:92:
                    63:4b:11:cf:5e:32:6e:f9:32:4b:d3:7a:97:04:e1:
                    bb:8c:08:df:88:a3:5b:ed:d5:36:1b:a2:fd:0b:44:
                    07:0b:6f:f0:ab:58:cc:70:f2:6a:78:96:31:9a:f1:
                    43:65:79:bc:8f:bd:25:45:6e:cc:07:a8:4c:92:eb:
                    8a:de:fa:75:53:7a:71:24:ce:d2:42:f6:e0:ea:6f:
                    a2:a8:19:41:ee:26:5c:ab:3d:9d:f6:f6:8e:bf:d8:
                    af:0a:2d:77:65:51:79:de:e0:0f:76:dc:b9:42:cc:
                    d1:b8:c2:c4:08:41:f4:55:a8:d0:1b:7f:94:32:fc:
                    9f:6d:cb:4c:f9:ee:ad:25:06:9e:1d:54:5f:f1:6e:
                    a9:8f:cd:ec:4b:e6:d8:51:aa:fc:c0:30:5a:95:c2:
                    38:00:83:22:22:55:59:c2:67:9c:f4:e8:fd:c8:f0:
                    0f:56:81:2f:64:bb:11:d9:97:10:de:35:1c:67:22:
                    6b:e7:39:04:ea:9a:8e:78:3d:1b:f1:2e:b8:9d:9d:
                    73:45:b1:e2:76:c3:02:0a:6e:44:db:a1:38:76:ef:
                    be:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:F4:25:37:22:06:F3:A1:E3:4F:85:84:D5:95:BC:7D:36:31:E2:CF
            X509v3 Authority Key Identifier:
                keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/lfQlNyIG86HjT4WE1ZW8fTYx4s8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.233.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:25:69:5e:9f:9b:7d:2b:11:81:fe:1e:a0:9e:46:e4:cd:02:
         6e:c0:59:b2:d7:58:a2:99:94:7a:ff:0f:dc:1f:a5:d7:45:0f:
         1f:9f:52:32:35:30:7f:71:a8:bf:9b:4b:46:80:bd:a5:ba:78:
         32:37:b5:00:84:f7:01:dd:71:1c:cf:d3:5a:61:d9:7c:15:b3:
         c2:d2:b7:7a:7f:3e:f0:a4:28:02:42:88:7d:c3:65:fe:74:c4:
         df:c7:d9:ff:df:a9:04:02:e9:68:94:64:03:ab:6e:f6:df:11:
         89:e0:56:2b:a3:12:52:a1:10:f5:7f:86:1e:1d:96:7e:ea:ca:
         0b:a0:b1:2d:23:97:1c:16:18:d5:3b:8d:14:ee:97:14:13:ec:
         82:1b:42:62:b3:7a:ef:83:5e:45:35:de:9e:71:0a:37:cd:66:
         88:a0:04:a2:6c:96:bd:be:36:02:13:6e:17:38:73:66:6c:6a:
         eb:71:f6:eb:5b:01:33:8d:d9:fb:8b:b6:43:e6:5f:91:b1:98:
         2f:54:ab:32:e4:62:a0:ef:f5:b9:5c:07:4f:c8:45:bd:5b:c0:
         41:eb:97:ff:b2:bd:3d:a2:75:84:d9:91:67:be:c6:0f:28:f7:
         f1:97:02:0e:3b:6b:f5:37:2e:03:f5:48:86:6a:6a:07:06:db:
         b6:c5:82:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqYFfTKv8QI2Pjfa9tIPQ1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwOTE1MDkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY0MjUzNzIyMDZmM2ExZTM0Zjg1ODRkNTk1YmM3ZDM2MzFlMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR5jWGh2plVzSiCl0mc8IUSfm/Zu
c415wtQL8+ykW7vy60jSXsTRBNI53JJjSxHPXjJu+TJL03qXBOG7jAjfiKNb7dU2
G6L9C0QHC2/wq1jMcPJqeJYxmvFDZXm8j70lRW7MB6hMkuuK3vp1U3pxJM7SQvbg
6m+iqBlB7iZcqz2d9vaOv9ivCi13ZVF53uAPdty5QszRuMLECEH0VajQG3+UMvyf
bctM+e6tJQaeHVRf8W6pj83sS+bYUar8wDBalcI4AIMiIlVZwmec9Oj9yPAPVoEv
ZLsR2ZcQ3jUcZyJr5zkE6pqOeD0b8S64nZ1zRbHidsMCCm5E26E4du++UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJX0JTciBvOh40+FhNWVvH02MeLPMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvbGZRbE55SUc4NkhqVDRXRTFaVzhmVFl4NHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUOmKMA0G
CSqGSIb3DQEBCwUAA4IBAQB0JWlen5t9KxGB/h6gnkbkzQJuwFmy11iimZR6/w/c
H6XXRQ8fn1IyNTB/cai/m0tGgL2lungyN7UAhPcB3XEcz9NaYdl8FbPC0rd6fz7w
pCgCQoh9w2X+dMTfx9n/36kEAulolGQDq2723xGJ4FYroxJSoRD1f4YeHZZ+6soL
oLEtI5ccFhjVO40U7pcUE+yCG0Jis3rvg15FNd6ecQo3zWaIoASibJa9vjYCE24X
OHNmbGrrcfbrWwEzjdn7i7ZD5l+RsZgvVKsy5GKg7/W5XAdPyEW9W8BB65f/sr09
onWE2ZFnvsYPKPfxlwIOO2v1Ny4D9UiGamoHBtu2xYLJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:47 2024 by rpki-client on console-ams.rpki-client.org