Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/L2xMVNUM0bN1PUxxRd0q93Qj54k.roa
File:                     L2xMVNUM0bN1PUxxRd0q93Qj54k.roa (raw, json)
Hash identifier:          YVRsq/C9uXKeKPZgu2bn2MEETIY7tqqx/8ImXb0wNjE=
Subject key identifier:   2F:6C:4C:54:D5:0C:D1:B3:75:3D:4C:71:45:DD:2A:F7:74:23:E7:89
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       018571154F8484AE9D498FE08E2B21C2D3B3
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/L2xMVNUM0bN1PUxxRd0q93Qj54k.roa
Signing time:             Mon 02 Jan 2023 06:05:00 +0000
ROA not before:           Mon 02 Jan 2023 06:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43153
IP address blocks:        85.219.208.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:4f:84:84:ae:9d:49:8f:e0:8e:2b:21:c2:d3:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  2 06:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f6c4c54d50cd1b3753d4c7145dd2af77423e789
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4d:d0:e9:f6:d1:c6:a2:46:75:7e:33:51:ef:
                    6d:5c:f6:19:b2:15:15:c6:06:b5:5f:5b:74:40:fc:
                    c8:1d:8d:5c:be:76:14:27:d2:c8:f4:9b:5a:8b:f5:
                    e4:8a:41:10:7b:bd:c3:74:07:48:5c:59:39:14:ee:
                    1f:b9:9b:b0:ed:82:69:cf:d0:ad:c4:59:66:d3:be:
                    b1:ed:8f:11:c5:fd:a2:33:23:6c:1b:7d:0e:64:c8:
                    42:91:b8:c7:d9:f6:40:77:7f:6d:fc:ab:1a:d4:dd:
                    33:fe:db:4b:d0:3b:86:ac:ee:cb:2d:d0:46:39:e6:
                    22:59:ad:ac:50:b9:8e:a8:64:ed:da:7a:fe:49:e2:
                    f6:4b:8e:47:67:fd:cd:24:04:53:e5:28:dc:49:97:
                    c5:7a:4e:e6:f6:28:88:2a:ae:e2:9c:05:26:c7:66:
                    6f:51:65:09:e8:21:ac:80:16:5a:eb:a4:a9:9d:be:
                    69:0e:48:72:b5:32:bd:02:3c:38:72:b2:32:36:b4:
                    e3:0f:09:22:7e:4d:1f:ca:fc:e4:0e:eb:fb:45:ea:
                    48:52:1b:6d:ac:13:60:79:aa:8d:85:52:c5:da:11:
                    70:72:fc:fd:4b:01:49:29:40:83:ca:1e:72:d5:f9:
                    cd:6a:d0:43:9e:df:e9:5a:fd:53:23:19:c0:9d:2e:
                    19:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:6C:4C:54:D5:0C:D1:B3:75:3D:4C:71:45:DD:2A:F7:74:23:E7:89
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/L2xMVNUM0bN1PUxxRd0q93Qj54k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.219.208.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6a:57:03:ea:43:a8:d7:21:b1:25:76:f3:22:0b:2d:75:0b:8b:
         84:4f:ff:4e:0e:31:eb:06:c7:81:72:75:2b:ad:47:91:92:b3:
         00:3c:b2:79:07:39:90:fd:92:3e:54:0b:04:e9:41:42:10:0c:
         88:95:bc:3d:3f:f4:89:71:f4:97:e1:a6:4d:9f:cf:45:2c:20:
         97:78:a7:cf:c1:36:6b:94:f4:0a:4a:75:cf:68:c2:4e:ac:27:
         20:04:d7:36:8c:ec:c6:f1:e6:b4:6a:57:52:f4:45:f1:2a:2f:
         41:8c:a7:2b:d7:20:25:8d:8c:7e:69:8c:56:4c:4d:c1:c1:f5:
         98:d6:ab:67:f0:af:26:02:4b:2c:15:b4:94:15:a9:bd:30:30:
         52:2b:f5:97:9e:a8:a2:a6:a5:af:b0:91:c8:eb:79:c1:32:c0:
         1d:32:52:72:4b:65:39:c8:45:aa:c3:69:31:b7:87:93:c8:52:
         68:3c:9c:3b:57:0c:16:60:d7:58:8a:ac:3c:31:d9:4f:42:11:
         b5:60:be:24:79:b5:f4:c0:01:cb:08:a2:86:e6:95:8c:ce:fd:
         cb:65:59:dc:67:32:0b:43:02:ad:d0:fe:8d:00:51:92:3a:c3:
         11:ec:ad:9a:61:80:04:61:08:a7:ca:1e:51:02:42:9c:54:cb:
         de:23:37:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFU+EhK6dSY/gjishwtOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZjNGM1NGQ1MGNkMWIzNzUzZDRjNzE0NWRkMmFmNzc0MjNlNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU3Q6fbRxqJGdX4zUe9tXPYZshUV
xga1X1t0QPzIHY1cvnYUJ9LI9Jtai/XkikEQe73DdAdIXFk5FO4fuZuw7YJpz9Ct
xFlm076x7Y8Rxf2iMyNsG30OZMhCkbjH2fZAd39t/Ksa1N0z/ttL0DuGrO7LLdBG
OeYiWa2sULmOqGTt2nr+SeL2S45HZ/3NJART5SjcSZfFek7m9iiIKq7inAUmx2Zv
UWUJ6CGsgBZa66Spnb5pDkhytTK9Ajw4crIyNrTjDwkifk0fyvzkDuv7RepIUhtt
rBNgeaqNhVLF2hFwcvz9SwFJKUCDyh5y1fnNatBDnt/pWv1TIxnAnS4ZSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9sTFTVDNGzdT1McUXdKvd0I+eJMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvTDJ4TVZOVU0wYk4xUFV4eFJkMHE5M1FqNTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdvQMA0G
CSqGSIb3DQEBCwUAA4IBAQBqVwPqQ6jXIbEldvMiCy11C4uET/9ODjHrBseBcnUr
rUeRkrMAPLJ5BzmQ/ZI+VAsE6UFCEAyIlbw9P/SJcfSX4aZNn89FLCCXeKfPwTZr
lPQKSnXPaMJOrCcgBNc2jOzG8ea0aldS9EXxKi9BjKcr1yAljYx+aYxWTE3BwfWY
1qtn8K8mAkssFbSUFam9MDBSK/WXnqiipqWvsJHI63nBMsAdMlJyS2U5yEWqw2kx
t4eTyFJoPJw7VwwWYNdYiqw8MdlPQhG1YL4kebX0wAHLCKKG5pWMzv3LZVncZzIL
QwKt0P6NAFGSOsMR7K2aYYAEYQinyh5RAkKcVMveIzfh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org