Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/rOMIfTdduXjftcfsIcVudMdvGEU.roa
File:                     rOMIfTdduXjftcfsIcVudMdvGEU.roa (raw, json)
Hash identifier:          Ty3xLw/bD4UlvXIVwmXmnn9UWhwR4xwJRpum8J5anfc=
Subject key identifier:   AC:E3:08:7D:37:5D:B9:78:DF:B5:C7:EC:21:C5:6E:74:C7:6F:18:45
Certificate issuer:       /CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e
Certificate serial:       01856B40F9FB5A0C1BDF4A8B6D4872148B45
Authority key identifier: 4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/rOMIfTdduXjftcfsIcVudMdvGEU.roa
Signing time:             Sun 01 Jan 2023 02:54:58 +0000
ROA not before:           Sun 01 Jan 2023 02:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209856
IP address blocks:        176.124.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:40:f9:fb:5a:0c:1b:df:4a:8b:6d:48:72:14:8b:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e
        Validity
            Not Before: Jan  1 02:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ace3087d375db978dfb5c7ec21c56e74c76f1845
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:6b:a9:94:6e:b9:a6:4c:4e:c4:82:ea:c3:9a:
                    b3:5d:97:50:92:37:49:1a:0b:81:97:6f:5b:13:02:
                    0a:81:cc:a5:5a:c9:a4:07:54:aa:72:f9:3c:78:55:
                    28:0f:ab:e6:d9:19:4b:0f:56:77:cf:c6:bb:36:18:
                    78:c1:26:00:eb:98:d7:a5:f1:8d:e7:32:c6:16:4c:
                    9e:2a:0b:da:1d:bb:e6:ba:b9:27:ed:78:6e:f7:7e:
                    a3:2c:2e:06:e1:20:ea:d0:c8:f0:03:59:da:33:0c:
                    8a:e3:d7:28:16:1d:12:84:98:e1:55:e1:c2:20:4c:
                    48:b7:f7:40:79:d8:55:00:b7:14:c9:a5:3d:93:4d:
                    c7:dd:5c:58:03:f7:eb:14:a6:d7:7e:92:75:e3:6b:
                    7e:0d:a9:27:36:18:20:50:01:2c:dd:cb:9d:7a:c5:
                    94:01:bd:38:26:13:21:e7:88:65:ee:d8:96:1e:41:
                    50:dc:20:b9:8a:bb:94:6a:7f:13:20:6b:16:77:fc:
                    2f:35:69:8a:22:99:70:4d:18:12:6d:33:17:79:67:
                    36:1d:b1:12:63:01:61:d9:01:a0:1c:b6:b3:89:19:
                    fc:ec:04:22:7f:9e:ed:ef:06:29:d3:72:b5:a7:e3:
                    10:e3:c7:f3:cd:ef:d8:8a:99:59:d0:f1:5c:f1:3e:
                    30:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E3:08:7D:37:5D:B9:78:DF:B5:C7:EC:21:C5:6E:74:C7:6F:18:45
            X509v3 Authority Key Identifier:
                keyid:4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/rOMIfTdduXjftcfsIcVudMdvGEU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.124.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:4e:89:12:95:ad:79:13:84:d8:e6:9b:9a:c9:6d:43:86:01:
         ee:0c:f4:40:1c:32:a5:e8:d0:f6:c4:ee:86:0d:97:97:c9:d0:
         46:41:65:6c:16:3d:bb:46:b0:ff:24:3e:69:e4:d5:ba:a2:b8:
         98:c4:6f:76:1b:65:6d:dd:83:d0:9a:3e:65:6e:db:25:83:ed:
         2b:b1:49:d2:a1:e2:1e:3a:e5:a3:f3:4b:32:7e:91:be:4a:49:
         e3:79:3f:fc:27:fa:ab:38:bc:1c:22:06:c4:c7:6d:f7:9e:10:
         a0:03:c8:0e:16:b2:9f:f8:ed:51:f8:c5:f2:f6:55:34:68:f4:
         f8:cb:a3:4a:6a:05:92:eb:0f:0b:5a:98:31:be:a6:6f:28:b6:
         b0:3c:44:fd:28:39:a0:14:d1:a4:fd:1f:34:ff:ad:91:22:6c:
         a5:6d:51:be:65:d1:38:58:ff:75:69:cd:cb:de:d2:94:d4:a9:
         27:c8:65:b0:d0:a3:b2:76:e5:f7:b3:28:3c:53:93:66:8f:52:
         d1:41:11:e8:02:ae:96:78:83:11:06:47:ad:39:ed:82:f6:1e:
         95:9e:d2:15:ab:c0:9c:18:aa:ea:80:23:d3:d4:a4:20:77:ff:
         55:fd:e9:ba:41:2d:f8:27:c3:6b:13:67:5b:17:1a:bf:3d:23:
         85:34:7f:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrQPn7Wgwb30qLbUhyFItFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjNhOGE0YTBkOGM1YWUwMWE5Njk1YjA0MWVkMmM2ZDAy
OTZhOWUwHhcNMjMwMTAxMDI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2UzMDg3ZDM3NWRiOTc4ZGZiNWM3ZWMyMWM1NmU3NGM3NmYxODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGuplG65pkxOxILqw5qzXZdQkjdJ
GguBl29bEwIKgcylWsmkB1Sqcvk8eFUoD6vm2RlLD1Z3z8a7Nhh4wSYA65jXpfGN
5zLGFkyeKgvaHbvmurkn7Xhu936jLC4G4SDq0MjwA1naMwyK49coFh0ShJjhVeHC
IExIt/dAedhVALcUyaU9k03H3VxYA/frFKbXfpJ142t+DaknNhggUAEs3cudesWU
Ab04JhMh54hl7tiWHkFQ3CC5iruUan8TIGsWd/wvNWmKIplwTRgSbTMXeWc2HbES
YwFh2QGgHLaziRn87AQif57t7wYp03K1p+MQ48fzze/YiplZ0PFc8T4wnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzjCH03Xbl437XH7CHFbnTHbxhFMB8GA1UdIwQY
MBaAFE+zqKSg2MWuAalpWwQe0sbQKWqeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMt
NmJiNzA4MDQwOWI0LzEvck9NSWZUZGR1WGpmdGNmc0ljVnVkTWR2R0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMtNmJiNzA4MDQwOWI0
LzEvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHw7MA0G
CSqGSIb3DQEBCwUAA4IBAQB+TokSla15E4TY5puayW1DhgHuDPRAHDKl6ND2xO6G
DZeXydBGQWVsFj27RrD/JD5p5NW6oriYxG92G2Vt3YPQmj5lbtslg+0rsUnSoeIe
OuWj80syfpG+SknjeT/8J/qrOLwcIgbEx233nhCgA8gOFrKf+O1R+MXy9lU0aPT4
y6NKagWS6w8LWpgxvqZvKLawPET9KDmgFNGk/R80/62RImylbVG+ZdE4WP91ac3L
3tKU1KknyGWw0KOyduX3syg8U5Nmj1LRQRHoAq6WeIMRBketOe2C9h6VntIVq8Cc
GKrqgCPT1KQgd/9V/em6QS34J8NrE2dbFxq/PSOFNH/h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:57 2024 by rpki-client on console-ams.rpki-client.org