Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/_7iVFtTb3-nLnp25gJ4NSXYOjks.roa
File:                     _7iVFtTb3-nLnp25gJ4NSXYOjks.roa (raw, json)
Hash identifier:          CGQWa6zN23g9eQK9iwWasDcIYjvopy45haiS0EDUChY=
Subject key identifier:   FF:B8:95:16:D4:DB:DF:E9:CB:9E:9D:B9:80:9E:0D:49:76:0E:8E:4B
Certificate issuer:       /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial:       018E18E196643F04E0BAC18C8CD148FE9F00
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/_7iVFtTb3-nLnp25gJ4NSXYOjks.roa
Signing time:             Thu 07 Mar 2024 12:27:01 +0000
ROA not before:           Thu 07 Mar 2024 12:27:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3561
IP address blocks:        130.193.3.0/24 maxlen: 24
                          185.253.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 15:06:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:18:e1:96:64:3f:04:e0:ba:c1:8c:8c:d1:48:fe:9f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
        Validity
            Not Before: Mar  7 12:27:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ffb89516d4dbdfe9cb9e9db9809e0d49760e8e4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9d:62:c8:90:5b:43:df:77:ae:88:87:29:00:
                    68:ec:59:10:7c:9c:40:7a:6a:e9:75:1a:2a:d0:7f:
                    57:3d:f0:15:19:26:29:3a:53:79:fe:41:00:03:5c:
                    6a:8c:63:8a:1d:e9:3a:f4:e3:ca:b9:0c:37:e5:c5:
                    f1:51:6c:16:b2:46:df:c6:6e:41:e6:cc:58:35:27:
                    d7:97:d3:2e:ba:00:43:9a:72:f9:2d:d7:c7:98:78:
                    5b:77:e7:8a:a0:a1:98:e6:f2:bb:89:04:d9:83:96:
                    78:c2:1d:63:1a:b2:ba:26:70:80:85:0f:90:6c:7f:
                    59:cf:a8:3d:6a:2b:e3:47:c5:94:ab:f3:11:e5:3e:
                    d2:1d:62:48:03:93:38:a3:59:17:40:5d:26:68:6c:
                    a1:c6:12:f2:c5:bf:ac:f7:0c:e1:25:0b:a7:1f:86:
                    74:11:19:c6:c4:28:cc:17:6e:a3:6f:13:43:ab:4c:
                    68:99:83:ad:5c:ba:80:b4:7e:da:32:a4:82:ee:62:
                    46:a3:73:68:07:73:7b:84:f4:cc:94:59:5e:a1:cb:
                    d8:04:36:47:06:09:ce:28:a1:66:5a:66:41:7c:fe:
                    ba:79:43:c0:86:c5:3f:11:59:58:31:77:d8:fd:35:
                    ad:21:c7:5a:dc:cb:f2:30:dc:2f:46:3f:d7:5c:45:
                    ce:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:B8:95:16:D4:DB:DF:E9:CB:9E:9D:B9:80:9E:0D:49:76:0E:8E:4B
            X509v3 Authority Key Identifier:
                keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/_7iVFtTb3-nLnp25gJ4NSXYOjks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.193.3.0/24
                  185.253.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:03:6e:14:26:36:22:ed:34:aa:76:88:f5:9a:f9:c3:40:24:
         51:99:07:fe:99:7b:69:26:71:8c:a4:14:4b:96:a1:b6:aa:29:
         61:23:df:94:c8:a5:e1:9a:32:2e:5f:44:20:1f:57:6f:7e:04:
         05:c7:70:32:d4:25:b8:12:eb:59:02:c4:9a:c7:f6:ea:76:7e:
         42:1c:61:81:5b:44:4d:da:4e:62:a4:7b:de:e7:14:ca:8f:7a:
         2a:bc:29:9a:c0:65:d2:03:75:1a:7c:cc:51:46:10:f8:8d:43:
         bc:5c:0e:1e:09:7d:27:a3:ac:ef:1c:98:c4:f5:db:a3:90:47:
         73:d9:4b:bc:c1:12:a9:bf:b5:4b:a6:b5:46:c6:40:59:d8:50:
         4d:81:25:bd:cc:de:85:b9:57:b6:a6:dd:ea:92:04:81:ca:93:
         6c:dc:c1:e4:74:b3:ad:31:a7:ac:76:d1:51:19:2c:4a:a0:4e:
         ce:03:17:0d:e0:57:e0:08:5f:7b:99:76:ca:b1:b8:ca:36:07:
         38:3f:f6:6a:20:3b:ab:48:e1:42:ac:e7:22:fc:9b:05:15:a1:
         14:ea:1b:8b:1e:9f:b8:6f:5d:ba:26:ae:d1:78:f4:33:95:ef:
         f6:ad:f4:9c:b1:31:6b:fc:41:94:c4:ba:3a:c8:73:92:d1:ad:
         c1:04:5a:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4Y4ZZkPwTgusGMjNFI/p8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwMzA3MTIyNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI4OTUxNmQ0ZGJkZmU5Y2I5ZTlkYjk4MDllMGQ0OTc2MGU4ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ1iyJBbQ993roiHKQBo7FkQfJxA
emrpdRoq0H9XPfAVGSYpOlN5/kEAA1xqjGOKHek69OPKuQw35cXxUWwWskbfxm5B
5sxYNSfXl9MuugBDmnL5LdfHmHhbd+eKoKGY5vK7iQTZg5Z4wh1jGrK6JnCAhQ+Q
bH9Zz6g9aivjR8WUq/MR5T7SHWJIA5M4o1kXQF0maGyhxhLyxb+s9wzhJQunH4Z0
ERnGxCjMF26jbxNDq0xomYOtXLqAtH7aMqSC7mJGo3NoB3N7hPTMlFleocvYBDZH
BgnOKKFmWmZBfP66eUPAhsU/EVlYMXfY/TWtIcda3MvyMNwvRj/XXEXOZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP+4lRbU29/py56duYCeDUl2Do5LMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvXzdpVkZ0VGIzLW5MbnAyNWdKNE5TWFlPamtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgsEDAwQA
uf0DMA0GCSqGSIb3DQEBCwUAA4IBAQBeA24UJjYi7TSqdoj1mvnDQCRRmQf+mXtp
JnGMpBRLlqG2qilhI9+UyKXhmjIuX0QgH1dvfgQFx3Ay1CW4EutZAsSax/bqdn5C
HGGBW0RN2k5ipHve5xTKj3oqvCmawGXSA3UafMxRRhD4jUO8XA4eCX0no6zvHJjE
9dujkEdz2Uu8wRKpv7VLprVGxkBZ2FBNgSW9zN6FuVe2pt3qkgSBypNs3MHkdLOt
MaesdtFRGSxKoE7OAxcN4FfgCF97mXbKsbjKNgc4P/ZqIDurSOFCrOci/JsFFaEU
6huLHp+4b126Jq7RePQzle/2rfScsTFr/EGUxLo6yHOS0a3BBFpK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:19 2024 by rpki-client on console-fra.rpki-client.org