Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vS1CWu4fHMi6bmebHrEuyGKPTc4.roa
File:                     vS1CWu4fHMi6bmebHrEuyGKPTc4.roa (raw, json)
Hash identifier:          rTdPqGd01doR37IKE/w/KfrpU3A8mFV80AEP263ySEY=
Subject key identifier:   BD:2D:42:5A:EE:1F:1C:C8:BA:6E:67:9B:1E:B1:2E:C8:62:8F:4D:CE
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018C8314C8340FDA3C1BE02D700A17CF5AFD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vS1CWu4fHMi6bmebHrEuyGKPTc4.roa
Signing time:             Tue 19 Dec 2023 17:17:06 +0000
ROA not before:           Tue 19 Dec 2023 17:17:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14080
IP address blocks:        78.142.241.0/24 maxlen: 24
                          2a10:7404::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:83:14:c8:34:0f:da:3c:1b:e0:2d:70:0a:17:cf:5a:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 19 17:17:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd2d425aee1f1cc8ba6e679b1eb12ec8628f4dce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:68:cc:fb:0d:ee:71:08:21:14:8e:f1:6c:a1:
                    bb:c5:6e:08:a0:40:2f:0f:33:89:a6:fa:4c:de:ea:
                    5c:a7:ce:de:98:bd:07:db:86:ba:f2:03:a8:31:a7:
                    27:54:b2:ec:0b:99:db:46:3d:2c:52:b8:74:f1:b1:
                    65:03:97:bc:5c:25:87:0f:2b:b9:92:83:bd:d6:5f:
                    e0:c3:b3:70:00:9b:93:fb:d5:f6:aa:e7:fd:1e:f2:
                    26:35:8e:66:54:48:ec:f0:6a:a1:2a:dd:46:7e:85:
                    38:9b:a0:57:31:2a:ad:1c:44:d6:f3:f6:f4:18:4a:
                    1c:38:fa:bf:1e:49:ab:b4:1e:a5:9d:a8:40:fd:c2:
                    ee:af:93:fc:c3:37:a1:a7:82:4a:19:47:6f:cd:ca:
                    42:ab:b9:ae:92:7f:91:f2:ee:59:7a:77:e8:3b:8e:
                    fa:9f:50:86:ae:a8:b6:03:11:4b:6d:ef:29:dc:5d:
                    4b:70:3b:1c:f4:77:c6:a0:5c:f7:76:97:b6:c9:9b:
                    57:39:73:63:f1:c2:20:2c:d8:44:f2:f3:3e:87:e6:
                    ea:4b:59:4b:0a:f2:ef:43:f9:27:2f:db:26:1f:7b:
                    b9:14:56:98:d4:92:52:20:e3:9b:f3:2a:b5:b8:60:
                    77:e0:a5:b7:2f:44:01:b5:b5:b7:31:bd:ab:4c:ff:
                    07:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:2D:42:5A:EE:1F:1C:C8:BA:6E:67:9B:1E:B1:2E:C8:62:8F:4D:CE
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vS1CWu4fHMi6bmebHrEuyGKPTc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.142.241.0/24
                IPv6:
                  2a10:7404::/32

    Signature Algorithm: sha256WithRSAEncryption
         3d:b8:67:50:4e:bf:74:61:ca:8a:e7:57:af:fe:de:3a:0e:7e:
         e6:81:44:1f:5f:30:ca:3f:cb:e7:11:ed:08:f5:ee:0d:f6:6f:
         20:9e:27:b4:50:8f:f8:b2:5e:19:bd:b8:3f:d3:10:83:9d:bb:
         c1:b9:47:85:36:44:a1:b0:d0:4f:f4:74:96:37:ba:d8:be:c2:
         0f:d6:c5:84:d1:6b:e5:58:ac:35:27:d7:c1:7c:2d:fd:d9:7a:
         9f:b2:3e:b9:0d:89:ce:88:33:e0:4e:3f:ea:08:a4:1c:2f:e6:
         b0:99:d6:5d:2f:ee:d6:98:9c:42:1c:26:26:5a:ba:89:19:14:
         f0:be:b5:2b:de:53:ef:44:dc:ec:71:ed:ba:f4:e6:39:3c:ca:
         ff:e7:ac:2b:55:b1:56:f4:b2:e9:ad:52:67:e5:78:d2:d3:3a:
         cd:13:79:34:3c:2a:d7:8a:de:85:29:e0:01:a1:76:2a:57:a3:
         6c:81:ea:fb:3e:cb:30:b9:5d:2e:cd:99:e5:0f:dd:a8:ca:d2:
         69:6b:a2:e0:60:4c:7e:75:1b:57:db:78:43:7a:40:5a:8d:6c:
         43:4b:90:32:52:9b:a1:e6:56:11:7f:31:4f:2a:44:d0:f2:59:
         4c:fd:8a:cf:5f:41:65:40:14:c6:1e:f9:b6:22:6b:64:10:ed:
         76:84:85:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyDFMg0D9o8G+AtcAoXz1r9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjE5MTcxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJkNDI1YWVlMWYxY2M4YmE2ZTY3OWIxZWIxMmVjODYyOGY0ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWjM+w3ucQghFI7xbKG7xW4IoEAv
DzOJpvpM3upcp87emL0H24a68gOoMacnVLLsC5nbRj0sUrh08bFlA5e8XCWHDyu5
koO91l/gw7NwAJuT+9X2quf9HvImNY5mVEjs8GqhKt1GfoU4m6BXMSqtHETW8/b0
GEocOPq/HkmrtB6lnahA/cLur5P8wzehp4JKGUdvzcpCq7mukn+R8u5ZenfoO476
n1CGrqi2AxFLbe8p3F1LcDsc9HfGoFz3dpe2yZtXOXNj8cIgLNhE8vM+h+bqS1lL
CvLvQ/knL9smH3u5FFaY1JJSIOOb8yq1uGB34KW3L0QBtbW3Mb2rTP8H6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL0tQlruHxzIum5nmx6xLshij03OMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdlMxQ1d1NGZITWk2Ym1lYkhyRXV5R0tQVGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQATo7xMA0E
AgACMAcDBQAqEHQEMA0GCSqGSIb3DQEBCwUAA4IBAQA9uGdQTr90YcqK51ev/t46
Dn7mgUQfXzDKP8vnEe0I9e4N9m8gnie0UI/4sl4Zvbg/0xCDnbvBuUeFNkShsNBP
9HSWN7rYvsIP1sWE0WvlWKw1J9fBfC392Xqfsj65DYnOiDPgTj/qCKQcL+awmdZd
L+7WmJxCHCYmWrqJGRTwvrUr3lPvRNzsce269OY5PMr/56wrVbFW9LLprVJn5XjS
0zrNE3k0PCrXit6FKeABoXYqV6Nsger7PsswuV0uzZnlD92oytJpa6LgYEx+dRtX
23hDekBajWxDS5AyUpuh5lYRfzFPKkTQ8llM/YrPX0FlQBTGHvm2ImtkEO12hIWp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org