Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/l8R_EWaWy2SdKG3qUJdqpSIshgQ.roa
File:                     l8R_EWaWy2SdKG3qUJdqpSIshgQ.roa (raw, json)
Hash identifier:          3nvqN08TzVPe2byqm6GF/Nu40+p9Efk8mg9lIKMtWZ0=
Subject key identifier:   97:C4:7F:11:66:96:CB:64:9D:28:6D:EA:50:97:6A:A5:22:2C:86:04
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       01857115548DCC95497F9D9D9C432B95C867
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/l8R_EWaWy2SdKG3qUJdqpSIshgQ.roa
Signing time:             Mon 02 Jan 2023 06:05:01 +0000
ROA not before:           Mon 02 Jan 2023 06:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198216
IP address blocks:        157.25.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:54:8d:cc:95:49:7f:9d:9d:9c:43:2b:95:c8:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  2 06:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=97c47f116696cb649d286dea50976aa5222c8604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d1:39:02:b4:96:0d:0f:65:0e:c6:e9:74:af:
                    77:f9:78:b2:29:cf:d5:20:c0:28:8f:1c:6f:0b:6c:
                    17:f1:2b:df:fa:30:55:9b:35:f5:cc:3b:28:6a:e6:
                    f9:e0:de:65:df:ce:fa:dc:c8:bf:39:b6:07:85:25:
                    d0:6c:e1:2c:d8:22:8c:83:60:d5:2a:cf:80:a8:d7:
                    b9:67:86:50:ce:94:56:33:21:e6:bb:3f:67:ba:b7:
                    d6:31:3d:30:c1:33:21:34:80:0f:f0:2f:c8:cb:43:
                    35:3b:93:49:de:98:1c:8c:93:4f:72:f2:14:2a:30:
                    e9:23:6d:cc:7b:2f:45:37:81:9c:5a:4e:6e:2d:22:
                    27:98:9c:d8:d6:1b:ba:45:0a:03:d0:c2:f1:4f:7f:
                    58:9f:44:49:94:08:f8:bf:12:b7:cd:10:b4:c0:47:
                    76:6a:5d:91:4c:79:b0:0d:89:4b:70:be:d0:4a:f3:
                    32:b1:c6:40:71:11:8e:09:b3:33:5c:71:50:71:87:
                    9c:b6:59:de:98:fc:73:77:62:5a:0f:5f:02:f7:96:
                    e8:42:56:1d:c1:83:48:12:7c:96:d4:59:d0:6c:55:
                    79:42:71:12:53:9a:96:69:8a:8c:e5:60:a1:bf:8f:
                    bf:e2:44:83:40:9e:59:7b:c4:43:31:b3:33:87:3b:
                    c7:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:C4:7F:11:66:96:CB:64:9D:28:6D:EA:50:97:6A:A5:22:2C:86:04
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/l8R_EWaWy2SdKG3qUJdqpSIshgQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.25.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:3c:6e:c2:26:a1:0e:97:00:57:76:0a:3d:8a:be:eb:d1:80:
         73:87:a0:34:55:d1:79:06:2d:c2:d9:11:75:81:f6:cb:b2:b3:
         a3:84:b0:ba:0c:d1:d7:59:00:60:f9:45:ea:a2:6d:be:fd:0e:
         6e:93:37:aa:98:98:b5:66:a5:54:29:22:d7:06:05:de:b4:94:
         32:6a:cc:ef:e1:84:37:2a:63:f0:f7:14:3a:53:54:e5:8e:7a:
         05:1d:f9:a9:4b:84:1d:65:83:a7:80:16:51:36:5f:06:d8:ee:
         b4:04:75:20:7e:9d:58:1f:3c:53:0f:14:20:64:9f:e0:59:a4:
         37:85:92:5d:eb:6f:fb:6b:50:cc:66:15:27:3e:67:40:26:76:
         27:1b:28:3f:b1:ee:f3:df:b1:9a:8f:26:9a:e6:72:7e:ae:e5:
         c9:aa:75:87:47:fb:ec:96:1c:a2:7e:62:0d:d6:6f:3d:9a:03:
         95:71:01:61:d8:bc:e3:22:1e:0c:49:26:6d:9b:ed:a3:e3:2e:
         2b:42:5c:0b:ce:8f:4e:a3:8e:56:4b:59:f2:6a:f3:32:ed:c0:
         1a:ff:5d:dd:e9:aa:fc:c5:fb:34:8a:e2:35:6d:e4:8e:33:52:
         be:5b:b5:80:ef:d7:57:5f:d4:ba:bd:49:64:27:c8:3f:ca:5f:
         0a:8d:0b:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVSNzJVJf52dnEMrlchnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M0N2YxMTY2OTZjYjY0OWQyODZkZWE1MDk3NmFhNTIyMmM4NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdE5ArSWDQ9lDsbpdK93+XiyKc/V
IMAojxxvC2wX8Svf+jBVmzX1zDsoaub54N5l38763Mi/ObYHhSXQbOEs2CKMg2DV
Ks+AqNe5Z4ZQzpRWMyHmuz9nurfWMT0wwTMhNIAP8C/Iy0M1O5NJ3pgcjJNPcvIU
KjDpI23Mey9FN4GcWk5uLSInmJzY1hu6RQoD0MLxT39Yn0RJlAj4vxK3zRC0wEd2
al2RTHmwDYlLcL7QSvMyscZAcRGOCbMzXHFQcYectlnemPxzd2JaD18C95boQlYd
wYNIEnyW1FnQbFV5QnESU5qWaYqM5WChv4+/4kSDQJ5Ze8RDMbMzhzvHjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfEfxFmlstknSht6lCXaqUiLIYEMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvbDhSX0VXYVd5MlNkS0czcVVKZHFwU0lzaGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRlEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJPG7CJqEOlwBXdgo9ir7r0YBzh6A0VdF5Bi3C2RF1
gfbLsrOjhLC6DNHXWQBg+UXqom2+/Q5ukzeqmJi1ZqVUKSLXBgXetJQyaszv4YQ3
KmPw9xQ6U1TljnoFHfmpS4QdZYOngBZRNl8G2O60BHUgfp1YHzxTDxQgZJ/gWaQ3
hZJd62/7a1DMZhUnPmdAJnYnGyg/se7z37Gajyaa5nJ+ruXJqnWHR/vslhyifmIN
1m89mgOVcQFh2LzjIh4MSSZtm+2j4y4rQlwLzo9Oo45WS1nyavMy7cAa/13d6ar8
xfs0iuI1beSOM1K+W7WA79dXX9S6vUlkJ8g/yl8KjQvi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org