Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/1CVyxdWhXd3hvtd0fHY9503goA8.roa
File:                     1CVyxdWhXd3hvtd0fHY9503goA8.roa (raw, json)
Hash identifier:          rWlDyWWrt9dbd8uO1agYZ47cpxKhsU7faAT+VDhg6Uo=
Subject key identifier:   D4:25:72:C5:D5:A1:5D:DD:E1:BE:D7:74:7C:76:3D:E7:4D:E0:A0:0F
Certificate issuer:       /CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Certificate serial:       01856CEF125744CF12E3BBFAA8A477DB8C70
Authority key identifier: 09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/1CVyxdWhXd3hvtd0fHY9503goA8.roa
Signing time:             Sun 01 Jan 2023 10:44:45 +0000
ROA not before:           Sun 01 Jan 2023 10:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16073
IP address blocks:        213.162.48.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Jul 2023 09:24:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ef:12:57:44:cf:12:e3:bb:fa:a8:a4:77:db:8c:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
        Validity
            Not Before: Jan  1 10:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d42572c5d5a15ddde1bed7747c763de74de0a00f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:33:4d:0c:d8:cb:65:92:8b:e3:db:3b:f7:44:
                    fb:91:d5:49:96:d6:ab:3c:f1:3e:e4:6a:86:a5:d2:
                    81:c5:c9:c7:7c:db:c6:a1:f8:4b:59:54:7f:4f:dd:
                    a5:62:dc:e9:d5:2a:7e:82:0a:79:54:50:85:20:9f:
                    d4:03:ee:44:4a:6d:bd:f6:d7:f5:04:96:3a:4c:4b:
                    ea:e9:e1:84:fd:24:e3:0a:f5:bc:6c:de:f3:a7:78:
                    42:b5:32:93:95:0a:80:77:86:36:5c:d2:43:e4:48:
                    60:91:8e:c5:77:5c:59:d7:cb:66:88:06:d5:91:c1:
                    01:02:e7:4d:f2:bb:66:d0:9e:4b:4b:99:d1:53:63:
                    28:7c:c3:fa:21:e8:c6:b4:92:e3:e0:a2:5a:1f:06:
                    40:e0:0c:a5:19:c6:df:3d:e0:ef:1f:2c:2b:4a:e9:
                    33:cc:2a:dc:1d:85:ff:79:7c:5f:68:1c:42:3f:24:
                    63:5f:c1:f7:26:ae:c1:d0:89:fb:22:ae:11:c2:e3:
                    98:4d:25:5c:a3:86:1e:1b:57:bd:ee:e5:be:a8:51:
                    43:a0:74:9b:3c:c4:74:29:0f:18:55:6e:cb:a4:51:
                    07:70:e3:09:28:74:73:4e:f3:cb:83:52:14:33:4b:
                    d0:f0:1f:99:a7:14:e4:75:9a:68:9a:a2:0f:d7:cc:
                    6a:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:25:72:C5:D5:A1:5D:DD:E1:BE:D7:74:7C:76:3D:E7:4D:E0:A0:0F
            X509v3 Authority Key Identifier:
                keyid:09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/1CVyxdWhXd3hvtd0fHY9503goA8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/CYsceb-uEqW4fzXJmLtgs_pOZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.162.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         73:d9:41:db:3c:9e:b1:00:bd:6e:55:21:96:87:32:b6:6f:76:
         56:7c:3d:89:95:20:00:3c:6e:a3:64:62:a9:d5:77:7e:6a:4e:
         04:11:0a:b0:eb:5b:6a:30:ed:c5:36:2b:97:7c:f0:bf:30:b3:
         f0:52:bc:95:2e:d9:bf:6e:0d:2e:9d:56:bb:64:74:13:2b:14:
         7d:d0:30:5a:98:3c:63:5b:1c:01:9a:ae:84:d6:aa:20:95:d3:
         27:98:59:90:50:fc:0c:bb:f5:5a:e4:56:48:c9:51:3a:0b:82:
         ce:02:3c:4f:ab:d3:df:4c:f3:98:7e:f2:9b:c3:b6:4d:d8:aa:
         5f:70:90:a5:87:c5:9e:9b:83:16:a5:3c:97:43:27:5e:97:7a:
         be:9a:d0:aa:ca:bd:03:f5:40:ce:fd:3c:0c:83:0e:5d:9c:50:
         48:bf:f1:47:ec:26:d5:f2:df:3c:0e:46:f1:b2:2e:65:1d:93:
         3f:8a:ef:64:39:35:f8:b4:09:56:be:38:38:cd:b9:72:10:21:
         fb:9d:3f:b0:f2:85:1b:be:39:84:fb:ff:4b:7d:c9:ed:b7:cc:
         cc:d4:45:93:8e:40:aa:8d:63:a3:0e:af:dd:d5:a7:ee:d2:b7:
         ab:65:d0:83:34:ee:0c:d5:d9:32:6a:7e:e4:a5:b7:fa:fc:45:
         73:c4:c2:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7xJXRM8S47v6qKR324xwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGIxYzc5YmZhZTEyYTViODdmMzVjOTk4YmI2MGIzZmE0
ZTY2MjEwHhcNMjMwMTAxMTA0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDI1NzJjNWQ1YTE1ZGRkZTFiZWQ3NzQ3Yzc2M2RlNzRkZTBhMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTNNDNjLZZKL49s790T7kdVJltar
PPE+5GqGpdKBxcnHfNvGofhLWVR/T92lYtzp1Sp+ggp5VFCFIJ/UA+5ESm299tf1
BJY6TEvq6eGE/STjCvW8bN7zp3hCtTKTlQqAd4Y2XNJD5EhgkY7Fd1xZ18tmiAbV
kcEBAudN8rtm0J5LS5nRU2MofMP6IejGtJLj4KJaHwZA4AylGcbfPeDvHywrSukz
zCrcHYX/eXxfaBxCPyRjX8H3Jq7B0In7Iq4RwuOYTSVco4YeG1e97uW+qFFDoHSb
PMR0KQ8YVW7LpFEHcOMJKHRzTvPLg1IUM0vQ8B+ZpxTkdZpomqIP18xq2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQlcsXVoV3d4b7XdHx2PedN4KAPMB8GA1UdIwQY
MBaAFAmLHHm/rhKluH81yZi7YLP6TmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWIt
OWI3YzQ0ZGMxOTNiLzEvMUNWeXhkV2hYZDNodnRkMGZIWTk1MDNnb0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWItOWI3YzQ0ZGMxOTNi
LzEvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1aIwMA0G
CSqGSIb3DQEBCwUAA4IBAQBz2UHbPJ6xAL1uVSGWhzK2b3ZWfD2JlSAAPG6jZGKp
1Xd+ak4EEQqw61tqMO3FNiuXfPC/MLPwUryVLtm/bg0unVa7ZHQTKxR90DBamDxj
WxwBmq6E1qogldMnmFmQUPwMu/Va5FZIyVE6C4LOAjxPq9PfTPOYfvKbw7ZN2Kpf
cJClh8Wem4MWpTyXQydel3q+mtCqyr0D9UDO/TwMgw5dnFBIv/FH7CbV8t88Dkbx
si5lHZM/iu9kOTX4tAlWvjg4zblyECH7nT+w8oUbvjmE+/9Lfcntt8zM1EWTjkCq
jWOjDq/d1afu0rerZdCDNO4M1dkyan7kpbf6/EVzxMKd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:59 2024 by rpki-client on console-fra.rpki-client.org