Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/7Aik4q4jRaP7fL-OXKf3H8KWKkk.roa
File:                     7Aik4q4jRaP7fL-OXKf3H8KWKkk.roa (raw, json)
Hash identifier:          /rPkQgZn504/m8dtcjCZXyfnFH66WsRrfkGC+3euK50=
Subject key identifier:   EC:08:A4:E2:AE:23:45:A3:FB:7C:BF:8E:5C:A7:F7:1F:C2:96:2A:49
Certificate issuer:       /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial:       01856ED4D6EE4AF083FA7CC6243B0ADCC29A
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/7Aik4q4jRaP7fL-OXKf3H8KWKkk.roa
Signing time:             Sun 01 Jan 2023 19:35:20 +0000
ROA not before:           Sun 01 Jan 2023 19:35:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211975
IP address blocks:        141.98.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Mar 2023 12:35:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:d6:ee:4a:f0:83:fa:7c:c6:24:3b:0a:dc:c2:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
        Validity
            Not Before: Jan  1 19:35:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ec08a4e2ae2345a3fb7cbf8e5ca7f71fc2962a49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:13:1a:47:cd:7b:5c:90:3d:3e:82:45:31:71:
                    99:7b:42:8d:01:0b:f7:02:e1:38:6d:6d:10:1c:7d:
                    2b:9f:5d:2a:fa:a5:03:e7:8f:de:78:44:68:e0:38:
                    78:43:d4:23:2c:51:2b:de:da:00:6b:57:3d:6c:21:
                    78:b5:21:8c:62:f7:f8:95:84:0f:67:8f:a1:33:ce:
                    58:ca:a9:65:3a:7e:2b:4c:7f:18:c2:03:bf:cc:02:
                    f0:54:b5:be:70:d8:bf:1d:9f:23:30:73:fe:b7:ee:
                    20:12:a7:d1:7e:45:e8:9a:3f:03:82:1c:3f:52:f3:
                    40:72:d0:33:8c:62:58:f9:db:67:8f:81:c3:3a:35:
                    d6:6c:da:4e:36:c2:41:0d:b7:22:fc:80:88:d7:13:
                    87:c0:1f:89:1b:cf:d5:91:f5:4e:f2:82:7a:7f:3e:
                    e2:7c:1d:90:1b:d7:9a:5c:6a:f5:8e:03:46:9a:51:
                    45:d8:67:71:3d:83:4a:52:0d:73:24:aa:1a:be:2b:
                    39:64:e5:94:44:45:ee:74:83:e2:53:1f:58:94:b8:
                    b2:19:30:54:87:8f:d2:a0:db:51:e7:7c:e4:b5:78:
                    1c:80:eb:2f:56:92:98:dc:46:ce:22:a5:91:30:d0:
                    42:2a:7b:4b:b5:43:73:75:75:b1:a1:a3:72:4e:99:
                    41:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:08:A4:E2:AE:23:45:A3:FB:7C:BF:8E:5C:A7:F7:1F:C2:96:2A:49
            X509v3 Authority Key Identifier:
                keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/7Aik4q4jRaP7fL-OXKf3H8KWKkk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:9d:4a:9d:25:59:e4:d9:79:2e:04:02:c8:61:2d:63:4f:0b:
         19:4c:cb:ec:41:cc:b9:35:f4:67:40:d5:0c:0d:de:4e:3c:bf:
         e5:b3:ed:11:bc:61:45:d9:2a:7a:16:0d:0a:5a:f1:91:3f:0d:
         33:76:d2:24:79:ba:b0:f4:87:4c:d9:2c:2a:2a:1b:65:0e:08:
         a0:94:71:8a:77:f3:4f:28:e8:7c:79:dc:9f:49:f7:5c:c7:f6:
         54:ac:33:51:b7:af:f4:21:b8:67:13:7e:2f:3d:cf:6a:d7:49:
         69:8e:78:f8:d0:8a:90:11:02:8b:74:0d:f2:07:1d:46:d7:a7:
         7e:d9:dd:e0:78:3d:b5:c2:9c:cf:af:35:0c:95:18:a2:cd:4d:
         c5:e5:71:57:5b:ae:bd:c0:e6:7e:5a:e0:db:3a:35:69:e0:ee:
         90:a7:a1:ff:f6:42:c5:86:67:d0:b0:8d:bf:fa:4c:19:a5:55:
         26:6c:18:be:f6:41:61:08:95:7a:f4:ed:e8:aa:24:61:b8:c8:
         72:87:f8:32:71:2b:de:60:f4:35:0a:8d:40:b2:4c:e5:41:b3:
         d7:8f:0e:1f:57:93:4d:07:fc:ee:8e:32:bc:91:e0:8e:21:c7:
         8c:16:8f:9f:af:ce:9e:ca:9f:ba:8e:f9:33:fc:42:60:85:01:
         74:cb:ea:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NbuSvCD+nzGJDsK3MKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwMTAxMTkzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzA4YTRlMmFlMjM0NWEzZmI3Y2JmOGU1Y2E3ZjcxZmMyOTYyYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBMaR817XJA9PoJFMXGZe0KNAQv3
AuE4bW0QHH0rn10q+qUD54/eeERo4Dh4Q9QjLFEr3toAa1c9bCF4tSGMYvf4lYQP
Z4+hM85YyqllOn4rTH8YwgO/zALwVLW+cNi/HZ8jMHP+t+4gEqfRfkXomj8Dghw/
UvNActAzjGJY+dtnj4HDOjXWbNpONsJBDbci/ICI1xOHwB+JG8/VkfVO8oJ6fz7i
fB2QG9eaXGr1jgNGmlFF2GdxPYNKUg1zJKoavis5ZOWUREXudIPiUx9YlLiyGTBU
h4/SoNtR53zktXgcgOsvVpKY3EbOIqWRMNBCKntLtUNzdXWxoaNyTplB2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwIpOKuI0Wj+3y/jlyn9x/ClipJMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvN0FpazRxNGpSYVA3ZkwtT1hLZjNIOEtXS2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWKLMA0G
CSqGSIb3DQEBCwUAA4IBAQBKnUqdJVnk2XkuBALIYS1jTwsZTMvsQcy5NfRnQNUM
Dd5OPL/ls+0RvGFF2Sp6Fg0KWvGRPw0zdtIkebqw9IdM2SwqKhtlDgiglHGKd/NP
KOh8edyfSfdcx/ZUrDNRt6/0IbhnE34vPc9q10lpjnj40IqQEQKLdA3yBx1G16d+
2d3geD21wpzPrzUMlRiizU3F5XFXW669wOZ+WuDbOjVp4O6Qp6H/9kLFhmfQsI2/
+kwZpVUmbBi+9kFhCJV69O3oqiRhuMhyh/gycSveYPQ1Co1AskzlQbPXjw4fV5NN
B/zujjK8keCOIceMFo+fr86eyp+6jvkz/EJghQF0y+oc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:09 2024 by rpki-client on console-fra.rpki-client.org