Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/E3kMM0BpKy4CHHcYXhPXCvuMHCY.roa
File:                     E3kMM0BpKy4CHHcYXhPXCvuMHCY.roa (raw, json)
Hash identifier:          PmMIWHdRgdr/PGuRPQOqViizHTlm8ME1AZ00tauDFa0=
Subject key identifier:   13:79:0C:33:40:69:2B:2E:02:1C:77:18:5E:13:D7:0A:FB:8C:1C:26
Certificate issuer:       /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial:       018571F9FD6C66F0194C1B7B865E72731134
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/E3kMM0BpKy4CHHcYXhPXCvuMHCY.roa
Signing time:             Mon 02 Jan 2023 10:14:46 +0000
ROA not before:           Mon 02 Jan 2023 10:14:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20824
IP address blocks:        178.249.165.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f9:fd:6c:66:f0:19:4c:1b:7b:86:5e:72:73:11:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
        Validity
            Not Before: Jan  2 10:14:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13790c3340692b2e021c77185e13d70afb8c1c26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:85:bc:34:59:19:63:87:ee:40:83:41:16:e8:
                    ac:33:49:e7:88:44:65:f0:93:c2:9c:cb:c6:90:a1:
                    ae:a4:ad:ca:5d:49:5c:41:c4:65:25:65:f6:87:a3:
                    47:da:14:59:97:d8:28:4d:3f:07:82:e8:80:22:b1:
                    6b:3d:fd:90:52:aa:d3:32:f5:fb:fb:ce:2c:0d:9e:
                    2a:bf:c2:89:7a:77:31:8f:02:3e:cc:5a:a5:80:d8:
                    3a:b2:91:90:08:49:c9:98:be:b6:00:cf:0e:61:a5:
                    b3:6f:96:fd:e2:2c:f1:89:26:b5:4d:f2:df:91:3e:
                    e1:c7:23:69:3b:48:40:b6:b4:4d:fa:25:90:b5:70:
                    9c:fc:ae:b1:b1:51:81:64:1d:24:c7:9a:5f:6c:09:
                    4f:a2:80:18:c9:f5:10:dc:cd:5e:93:2d:2e:b0:34:
                    15:7c:b0:ae:ce:dd:55:2c:ba:36:00:94:2b:61:e2:
                    d3:89:cf:c3:22:c7:72:01:d9:e3:1b:c8:13:a4:d6:
                    96:57:bb:b8:37:1b:9d:4b:eb:bb:46:52:aa:78:64:
                    2b:6d:03:1a:5c:ba:73:33:7f:24:de:df:c3:74:6c:
                    ef:b7:ce:fa:94:6c:5b:40:96:e1:61:3e:d3:67:6c:
                    48:93:08:50:42:61:27:75:7a:8c:83:58:e9:1d:1b:
                    23:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:79:0C:33:40:69:2B:2E:02:1C:77:18:5E:13:D7:0A:FB:8C:1C:26
            X509v3 Authority Key Identifier:
                keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/E3kMM0BpKy4CHHcYXhPXCvuMHCY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.249.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:10:a6:a2:8d:46:8d:07:6b:4b:43:87:51:17:49:30:d6:1f:
         9e:c4:0c:56:74:7e:3c:28:23:08:ed:f1:a3:8d:e1:af:48:c2:
         d8:74:8e:59:ce:55:59:6e:c0:4b:1f:34:1b:99:1b:9d:ee:32:
         f7:0d:aa:7e:7c:43:6c:09:54:e2:13:09:cf:e4:5d:f2:b8:8b:
         42:e1:e1:48:87:ff:37:99:0c:45:7c:04:5e:3b:2f:e5:29:2e:
         80:e8:8f:0e:6b:c9:ae:d7:40:65:3f:4c:03:fe:94:ed:04:e2:
         91:53:55:ff:de:16:ff:cb:46:a1:4d:b7:40:14:93:57:7f:85:
         95:a0:4a:57:b4:ce:c0:c2:4b:e7:ae:49:0f:d9:4e:e6:d8:eb:
         70:ea:d8:ae:b0:36:20:a0:4e:25:a5:fd:e3:63:d7:d0:3b:22:
         a0:6a:e9:07:1d:5e:cb:97:9b:e2:3d:f2:b5:6f:a8:d0:74:19:
         ac:13:c4:ba:86:cd:06:ee:6e:47:20:da:90:84:42:27:07:18:
         be:3a:10:a9:db:2b:a1:04:ab:56:b9:4b:cc:a6:82:f6:24:37:
         68:4c:27:3c:ca:58:3c:62:bf:72:08:bc:13:a2:0f:be:db:db:
         34:7b:f4:db:08:b2:1a:1d:3a:77:d4:15:78:dc:e6:e5:88:86:
         9a:11:c9:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+f1sZvAZTBt7hl5ycxE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjMwMTAyMTAxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc5MGMzMzQwNjkyYjJlMDIxYzc3MTg1ZTEzZDcwYWZiOGMxYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4W8NFkZY4fuQINBFuisM0nniERl
8JPCnMvGkKGupK3KXUlcQcRlJWX2h6NH2hRZl9goTT8HguiAIrFrPf2QUqrTMvX7
+84sDZ4qv8KJencxjwI+zFqlgNg6spGQCEnJmL62AM8OYaWzb5b94izxiSa1TfLf
kT7hxyNpO0hAtrRN+iWQtXCc/K6xsVGBZB0kx5pfbAlPooAYyfUQ3M1eky0usDQV
fLCuzt1VLLo2AJQrYeLTic/DIsdyAdnjG8gTpNaWV7u4NxudS+u7RlKqeGQrbQMa
XLpzM38k3t/DdGzvt876lGxbQJbhYT7TZ2xIkwhQQmEndXqMg1jpHRsjWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBN5DDNAaSsuAhx3GF4T1wr7jBwmMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvRTNrTU0wQnBLeTRDSEhjWVhoUFhDdnVNSENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvmlMA0G
CSqGSIb3DQEBCwUAA4IBAQBUEKaijUaNB2tLQ4dRF0kw1h+exAxWdH48KCMI7fGj
jeGvSMLYdI5ZzlVZbsBLHzQbmRud7jL3Dap+fENsCVTiEwnP5F3yuItC4eFIh/83
mQxFfAReOy/lKS6A6I8Oa8mu10BlP0wD/pTtBOKRU1X/3hb/y0ahTbdAFJNXf4WV
oEpXtM7AwkvnrkkP2U7m2Otw6tiusDYgoE4lpf3jY9fQOyKgaukHHV7Ll5viPfK1
b6jQdBmsE8S6hs0G7m5HINqQhEInBxi+OhCp2yuhBKtWuUvMpoL2JDdoTCc8ylg8
Yr9yCLwTog++29s0e/TbCLIaHTp31BV43ObliIaaEclH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org