Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/NcPRpuS5iDX0kzAI4rtm1Ca2ZP0.roa
File:                     NcPRpuS5iDX0kzAI4rtm1Ca2ZP0.roa (raw, json)
Hash identifier:          AIVNxmfqz2cTxQ1d+7cC0Z2gJwZvBLRXmUggtkQ3Etw=
Subject key identifier:   35:C3:D1:A6:E4:B9:88:35:F4:93:30:08:E2:BB:66:D4:26:B6:64:FD
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       018571155ABEFA50A0C271B35C1A424B72E2
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/NcPRpuS5iDX0kzAI4rtm1Ca2ZP0.roa
Signing time:             Mon 02 Jan 2023 06:05:02 +0000
ROA not before:           Mon 02 Jan 2023 06:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201581
IP address blocks:        217.153.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:5a:be:fa:50:a0:c2:71:b3:5c:1a:42:4b:72:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  2 06:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=35c3d1a6e4b98835f4933008e2bb66d426b664fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:1c:ad:71:6c:a2:c3:c7:96:66:6f:3e:3c:f9:
                    fc:ba:cf:2e:74:95:88:1e:b7:a5:8c:47:ba:fd:6c:
                    85:8c:69:47:91:15:e6:98:18:c6:e5:dd:69:72:5f:
                    de:f5:0c:00:91:eb:c9:39:1b:a2:50:eb:0d:e0:1f:
                    0e:b8:eb:35:5a:8c:98:0b:3a:27:7b:88:ef:46:93:
                    14:26:fd:d6:0e:ad:8d:d5:ae:a0:3d:bd:8c:c4:92:
                    46:4a:05:88:f3:ed:a0:d6:1f:7b:d4:14:3e:31:70:
                    6f:f9:a1:57:16:b2:54:8d:bf:17:99:73:9e:41:68:
                    4c:0d:61:aa:ec:f0:89:64:6d:e8:9b:37:56:5d:31:
                    b1:b8:93:8f:3d:b2:e0:f8:24:e1:51:96:23:b8:25:
                    b7:43:86:95:9c:93:47:6c:06:d1:69:b3:7b:d1:a6:
                    b6:ec:28:ff:4b:88:8d:c0:19:c3:01:d0:1c:e6:b7:
                    54:bf:cd:11:56:dd:5b:62:2e:8a:e5:95:fd:c4:bb:
                    c9:27:c0:9f:ff:d8:a1:8d:5c:ad:3c:28:0a:63:73:
                    2c:85:7a:6e:1c:c2:a1:b1:6d:be:fe:3e:31:c3:32:
                    60:cd:a4:5a:7b:39:08:fb:a4:fe:50:e6:5f:2c:c0:
                    05:51:ed:e9:59:d0:ef:ee:51:2e:50:c1:fa:96:59:
                    7c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:C3:D1:A6:E4:B9:88:35:F4:93:30:08:E2:BB:66:D4:26:B6:64:FD
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/NcPRpuS5iDX0kzAI4rtm1Ca2ZP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.153.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:94:7a:c1:7e:23:fb:4a:0a:f5:7d:d8:be:73:12:8e:0e:af:
         c4:0a:97:08:96:8b:0d:67:91:ea:f7:37:b6:65:58:bc:3a:21:
         8d:96:0d:83:6c:e7:65:5a:ac:45:88:a7:e0:80:61:f8:1a:f1:
         ef:ea:36:4b:c3:5d:6e:cc:f3:1a:a9:28:3a:08:6e:81:35:c3:
         0d:0c:aa:a4:c0:d4:07:42:a4:a9:8c:cc:63:48:c7:f9:8b:9a:
         ae:83:87:34:8a:9f:dd:70:4f:58:d6:74:8e:c4:c7:34:43:e9:
         15:43:31:19:9a:93:bc:59:87:41:aa:6e:fd:75:8a:51:ab:8e:
         58:a4:34:8d:26:c1:39:83:e8:f1:3b:b2:b4:07:a2:2b:34:04:
         2f:4b:1a:76:b5:3f:81:19:c4:72:1b:7f:19:56:b9:ca:67:d8:
         5f:af:1d:12:5a:d0:ec:2e:1b:c8:db:d9:57:6a:44:fb:37:aa:
         87:12:11:cd:1f:28:38:9b:e4:35:4b:84:d1:c3:ae:51:4e:0a:
         18:74:7f:07:99:87:cd:c0:4c:f6:16:17:54:f7:ea:3c:9b:49:
         2c:0b:48:74:67:dc:fb:8e:eb:02:ba:bb:01:59:de:93:fe:ca:
         7c:42:8b:0d:69:04:37:fa:dd:f4:13:48:1d:16:65:84:f4:7f:
         9d:8a:6e:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVq++lCgwnGzXBpCS3LiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWMzZDFhNmU0Yjk4ODM1ZjQ5MzMwMDhlMmJiNjZkNDI2YjY2NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RytcWyiw8eWZm8+PPn8us8udJWI
HreljEe6/WyFjGlHkRXmmBjG5d1pcl/e9QwAkevJORuiUOsN4B8OuOs1WoyYCzon
e4jvRpMUJv3WDq2N1a6gPb2MxJJGSgWI8+2g1h971BQ+MXBv+aFXFrJUjb8XmXOe
QWhMDWGq7PCJZG3omzdWXTGxuJOPPbLg+CThUZYjuCW3Q4aVnJNHbAbRabN70aa2
7Cj/S4iNwBnDAdAc5rdUv80RVt1bYi6K5ZX9xLvJJ8Cf/9ihjVytPCgKY3MshXpu
HMKhsW2+/j4xwzJgzaRaezkI+6T+UOZfLMAFUe3pWdDv7lEuUMH6lll8tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXD0abkuYg19JMwCOK7ZtQmtmT9MB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvTmNQUnB1UzVpRFgwa3pBSTRydG0xQ2EyWlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Zl0MA0G
CSqGSIb3DQEBCwUAA4IBAQAMlHrBfiP7Sgr1fdi+cxKODq/ECpcIlosNZ5Hq9ze2
ZVi8OiGNlg2DbOdlWqxFiKfggGH4GvHv6jZLw11uzPMaqSg6CG6BNcMNDKqkwNQH
QqSpjMxjSMf5i5qug4c0ip/dcE9Y1nSOxMc0Q+kVQzEZmpO8WYdBqm79dYpRq45Y
pDSNJsE5g+jxO7K0B6IrNAQvSxp2tT+BGcRyG38ZVrnKZ9hfrx0SWtDsLhvI29lX
akT7N6qHEhHNHyg4m+Q1S4TRw65RTgoYdH8HmYfNwEz2FhdU9+o8m0ksC0h0Z9z7
jusCursBWd6T/sp8QosNaQQ3+t30E0gdFmWE9H+dim7+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org