Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ce762b-dceb-4d5f-b1fb-77329a7e7dfe/1/y6OfGeW74BzNCXI-2cW9tA3VI-E.roa
File:                     y6OfGeW74BzNCXI-2cW9tA3VI-E.roa (raw, json)
Hash identifier:          8gxdbTO9HfDdII9XTCV10H1fi9psN/bPQ74voo3boyM=
Subject key identifier:   CB:A3:9F:19:E5:BB:E0:1C:CD:09:72:3E:D9:C5:BD:B4:0D:D5:23:E1
Certificate issuer:       /CN=3ed23945ff7561ee99d2e278e7388d045fadd314
Certificate serial:       018B8EC1ED8EDFC006B3BD5136C5016AE585
Authority key identifier: 3E:D2:39:45:FF:75:61:EE:99:D2:E2:78:E7:38:8D:04:5F:AD:D3:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PtI5Rf91Ye6Z0uJ45ziNBF-t0xQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/ce762b-dceb-4d5f-b1fb-77329a7e7dfe/1/y6OfGeW74BzNCXI-2cW9tA3VI-E.roa
Signing time:             Thu 02 Nov 2023 06:39:15 +0000
ROA not before:           Thu 02 Nov 2023 06:39:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1741
IP address blocks:        157.24.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8e:c1:ed:8e:df:c0:06:b3:bd:51:36:c5:01:6a:e5:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ed23945ff7561ee99d2e278e7388d045fadd314
        Validity
            Not Before: Nov  2 06:39:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cba39f19e5bbe01ccd09723ed9c5bdb40dd523e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c0:c7:f7:51:ec:89:f9:67:f6:fd:41:36:ab:
                    33:5c:92:55:3e:4d:ab:a8:0c:23:67:4a:06:74:bd:
                    ef:a3:e1:8d:7b:04:0a:65:ee:13:6f:89:eb:6a:6a:
                    27:e7:d6:29:45:48:7f:02:a8:18:f7:9a:c8:7e:87:
                    83:4c:ee:b6:b1:fd:b1:86:45:1c:68:9e:5f:cb:df:
                    d8:7b:fc:3f:06:01:3d:00:5b:2b:26:51:2a:33:f9:
                    f8:61:67:b1:17:39:28:dd:80:54:cb:ef:61:d7:43:
                    86:16:82:05:a7:af:6f:9c:8b:3b:8f:f3:4e:2b:0b:
                    cb:a2:ec:ad:45:49:f5:97:84:7c:77:7b:42:7c:ec:
                    b2:30:63:44:e3:d8:1e:68:77:aa:25:eb:e3:8c:c8:
                    1c:6f:5e:1d:bf:9c:79:19:95:8b:14:eb:45:57:ff:
                    e7:89:d1:c3:df:04:86:6b:0a:86:0f:23:2e:05:88:
                    1b:9d:65:d6:2c:90:6f:7c:7f:75:4c:39:4f:b2:b5:
                    12:8a:39:1b:02:6c:0d:cc:6d:52:ed:73:ec:5f:24:
                    5c:8f:64:42:83:ec:16:b6:89:d2:d5:c4:28:a8:d6:
                    59:43:81:06:55:27:d2:ed:85:de:a7:c3:52:fb:c0:
                    8f:f0:c6:b2:00:91:74:f3:1e:69:0d:d4:20:a2:be:
                    bf:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A3:9F:19:E5:BB:E0:1C:CD:09:72:3E:D9:C5:BD:B4:0D:D5:23:E1
            X509v3 Authority Key Identifier:
                keyid:3E:D2:39:45:FF:75:61:EE:99:D2:E2:78:E7:38:8D:04:5F:AD:D3:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PtI5Rf91Ye6Z0uJ45ziNBF-t0xQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ce762b-dceb-4d5f-b1fb-77329a7e7dfe/1/y6OfGeW74BzNCXI-2cW9tA3VI-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ce762b-dceb-4d5f-b1fb-77329a7e7dfe/1/PtI5Rf91Ye6Z0uJ45ziNBF-t0xQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.24.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5b:03:a4:d6:74:75:c0:7e:13:ed:07:cd:de:86:31:09:06:fb:
         88:ef:9b:05:91:08:11:55:d3:13:fe:e5:f6:e3:7b:d8:29:8c:
         dc:5d:78:ef:eb:b2:63:27:81:8c:36:70:98:2d:5b:d4:5b:96:
         2a:ad:04:3e:b3:b3:b6:51:9c:17:69:4c:5d:0c:b1:dc:e1:5a:
         41:73:fc:d6:78:73:12:aa:73:fd:18:ee:a5:c2:8b:dc:e1:53:
         5d:50:aa:cb:68:9e:3c:09:6d:a0:75:b3:5d:bc:8f:d9:ca:c9:
         6a:97:f3:52:9a:22:a3:25:f0:ab:62:9b:f7:bd:4f:f9:80:c1:
         0b:ba:6e:76:89:4d:31:47:81:4e:bb:d9:66:1a:65:24:d6:d5:
         7a:0f:62:48:77:dd:96:8a:a3:e2:ea:63:f7:20:86:75:a1:60:
         13:cb:c2:71:7a:8d:ea:02:55:ed:87:f4:24:82:f7:70:88:dc:
         b3:57:61:9c:b2:45:d3:04:b1:05:e5:19:31:07:e3:17:64:47:
         60:f9:69:44:10:fd:7e:3c:d9:c0:83:0c:38:83:34:55:56:18:
         c6:64:d6:c4:0c:13:1d:3a:db:0c:4c:b4:4d:ab:e0:8a:0d:2c:
         74:36:0d:88:7a:a8:b7:e8:a1:6d:42:42:b0:37:23:72:80:ac:
         b0:ce:4c:15
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYuOwe2O38AGs71RNsUBauWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZDIzOTQ1ZmY3NTYxZWU5OWQyZTI3OGU3Mzg4ZDA0NWZh
ZGQzMTQwHhcNMjMxMTAyMDYzOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmEzOWYxOWU1YmJlMDFjY2QwOTcyM2VkOWM1YmRiNDBkZDUyM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8DH91Hsifln9v1BNqszXJJVPk2r
qAwjZ0oGdL3vo+GNewQKZe4Tb4nramon59YpRUh/AqgY95rIfoeDTO62sf2xhkUc
aJ5fy9/Ye/w/BgE9AFsrJlEqM/n4YWexFzko3YBUy+9h10OGFoIFp69vnIs7j/NO
KwvLouytRUn1l4R8d3tCfOyyMGNE49geaHeqJevjjMgcb14dv5x5GZWLFOtFV//n
idHD3wSGawqGDyMuBYgbnWXWLJBvfH91TDlPsrUSijkbAmwNzG1S7XPsXyRcj2RC
g+wWtonS1cQoqNZZQ4EGVSfS7YXep8NS+8CP8MayAJF08x5pDdQgor6/HQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMujnxnlu+AczQlyPtnFvbQN1SPhMB8GA1UdIwQY
MBaAFD7SOUX/dWHumdLieOc4jQRfrdMUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHRJNVJmOTFZZTZaMHVKNDV6aU5CRi10MHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZTc2MmItZGNlYi00ZDVmLWIxZmIt
NzczMjlhN2U3ZGZlLzEveTZPZkdlVzc0QnpOQ1hJLTJjVzl0QTNWSS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZTc2MmItZGNlYi00ZDVmLWIxZmItNzczMjlhN2U3ZGZl
LzEvUHRJNVJmOTFZZTZaMHVKNDV6aU5CRi10MHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnRgwDQYJ
KoZIhvcNAQELBQADggEBAFsDpNZ0dcB+E+0Hzd6GMQkG+4jvmwWRCBFV0xP+5fbj
e9gpjNxdeO/rsmMngYw2cJgtW9RbliqtBD6zs7ZRnBdpTF0MsdzhWkFz/NZ4cxKq
c/0Y7qXCi9zhU11QqstonjwJbaB1s128j9nKyWqX81KaIqMl8Ktim/e9T/mAwQu6
bnaJTTFHgU672WYaZSTW1XoPYkh33ZaKo+LqY/cghnWhYBPLwnF6jeoCVe2H9CSC
93CI3LNXYZyyRdMEsQXlGTEH4xdkR2D5aUQQ/X482cCDDDiDNFVWGMZk1sQMEx06
2wxMtE2r4IoNLHQ2DYh6qLfooW1CQrA3I3KArLDOTBU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org