Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/XWlRouX054OrFdXiWdb99aEFJh0.roa
File:                     XWlRouX054OrFdXiWdb99aEFJh0.roa (raw, json)
Hash identifier:          yeqALIhYpt8KJ/Pl1Z6MT7O7HX58NxZpstaayZqkP0Q=
Subject key identifier:   5D:69:51:A2:E5:F4:E7:83:AB:15:D5:E2:59:D6:FD:F5:A1:05:26:1D
Certificate issuer:       /CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Certificate serial:       01856DA63221C12ED6F2189778C49CDEC517
Authority key identifier: 2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/XWlRouX054OrFdXiWdb99aEFJh0.roa
Signing time:             Sun 01 Jan 2023 14:04:46 +0000
ROA not before:           Sun 01 Jan 2023 14:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6697
IP address blocks:        178.159.240.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:a6:32:21:c1:2e:d6:f2:18:97:78:c4:9c:de:c5:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
        Validity
            Not Before: Jan  1 14:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d6951a2e5f4e783ab15d5e259d6fdf5a105261d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f1:21:72:0f:0a:bc:e1:86:57:f6:2e:5f:81:
                    83:d0:61:03:30:c5:a8:72:78:11:4d:6e:87:bf:34:
                    68:c9:ca:a4:6a:03:54:cb:fa:cc:80:b8:b0:88:e8:
                    bc:17:de:08:93:b1:ad:ea:ff:83:47:b0:08:84:de:
                    9b:18:64:1a:7d:3c:2a:8e:9e:39:f4:b1:a8:f9:60:
                    8f:12:ac:46:d2:6f:de:18:b4:6a:6a:c2:11:7b:e4:
                    14:13:f2:70:25:6e:57:c6:76:1a:23:f5:2d:96:6a:
                    bf:8a:70:c5:d0:4f:df:ea:9b:c9:2c:08:03:b9:2f:
                    9b:5e:98:4c:1c:7c:98:3c:07:52:16:26:10:35:fc:
                    4b:11:a7:6a:6e:1f:41:97:18:4d:16:7f:02:02:39:
                    82:48:b2:9e:ff:d5:9e:27:b8:41:e8:53:2e:11:89:
                    91:8c:af:47:df:8f:78:63:bc:72:be:80:de:02:1a:
                    d6:08:31:5a:2b:f4:cd:ef:55:02:aa:7f:f7:c2:7f:
                    cc:62:39:5a:64:e3:4f:40:68:69:d7:14:24:d9:cf:
                    da:c3:3c:b1:3d:4c:a1:ae:4e:a2:80:07:a5:99:15:
                    09:91:29:e4:54:72:8a:85:cc:eb:3f:ee:f4:3e:90:
                    66:70:cc:2c:57:ef:b7:ed:58:47:18:82:e3:44:71:
                    81:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:69:51:A2:E5:F4:E7:83:AB:15:D5:E2:59:D6:FD:F5:A1:05:26:1D
            X509v3 Authority Key Identifier:
                keyid:2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/XWlRouX054OrFdXiWdb99aEFJh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.159.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         87:c3:45:22:12:ad:90:34:9c:58:3e:b7:cb:a1:75:ae:de:bb:
         a5:a0:a9:5d:12:a5:c9:39:e2:1b:8c:60:3e:14:ee:80:b2:36:
         54:50:e8:ed:30:7f:45:1e:d5:a8:5a:50:6d:55:e5:ee:ca:0b:
         18:da:ea:c4:e9:4e:7c:b9:d2:d6:d2:3f:68:9c:cb:fd:69:0a:
         d8:9f:47:78:ae:c4:a2:5f:55:cf:2a:61:6d:61:77:36:29:b3:
         7f:8f:f3:ba:31:58:35:0b:19:ed:45:38:9e:c9:c4:8d:02:ed:
         f8:f7:27:77:cf:da:98:ff:2e:af:0d:c3:25:52:9a:6d:94:7d:
         0e:9b:70:24:14:f4:3a:7f:d5:a2:9e:ff:11:20:28:f4:f8:d0:
         2a:ae:ed:ca:c8:ea:e4:63:45:61:eb:5b:1a:a2:5a:09:69:7b:
         32:be:f3:1d:fc:7f:7a:2b:eb:84:c5:0f:9c:ba:75:c6:6d:d0:
         c9:2c:bc:f8:a4:d4:30:02:ab:c7:8f:92:ff:54:94:bb:93:1c:
         8c:18:74:08:9d:61:58:62:45:31:14:dc:03:a2:f7:b4:a5:d9:
         9e:7f:7b:c9:78:50:ea:83:71:a0:c3:d3:b7:83:e2:b0:df:c0:
         84:bb:7f:56:0c:34:ae:f0:bc:ed:a7:f2:8b:b8:0e:05:fc:cf:
         42:a3:5b:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpjIhwS7W8hiXeMSc3sUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWVmYjU4NzhkM2IzNjM0ZGMxY2NiOTBhYzQ4ZTBiODlk
MWM4NzkwHhcNMjMwMTAxMTQwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY5NTFhMmU1ZjRlNzgzYWIxNWQ1ZTI1OWQ2ZmRmNWExMDUyNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPEhcg8KvOGGV/YuX4GD0GEDMMWo
cngRTW6HvzRoycqkagNUy/rMgLiwiOi8F94Ik7Gt6v+DR7AIhN6bGGQafTwqjp45
9LGo+WCPEqxG0m/eGLRqasIRe+QUE/JwJW5XxnYaI/Utlmq/inDF0E/f6pvJLAgD
uS+bXphMHHyYPAdSFiYQNfxLEadqbh9BlxhNFn8CAjmCSLKe/9WeJ7hB6FMuEYmR
jK9H3494Y7xyvoDeAhrWCDFaK/TN71UCqn/3wn/MYjlaZONPQGhp1xQk2c/awzyx
PUyhrk6igAelmRUJkSnkVHKKhczrP+70PpBmcMwsV++37VhHGILjRHGBBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1pUaLl9OeDqxXV4lnW/fWhBSYdMB8GA1UdIwQY
MBaAFCue+1h407NjTcHMuQrEjguJ0ch5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQt
NGJjZDNkNTg0NjNhLzEvWFdsUm91WDA1NE9yRmRYaVdkYjk5YUVGSmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQtNGJjZDNkNTg0NjNh
LzEvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsp/wMA0G
CSqGSIb3DQEBCwUAA4IBAQCHw0UiEq2QNJxYPrfLoXWu3ruloKldEqXJOeIbjGA+
FO6AsjZUUOjtMH9FHtWoWlBtVeXuygsY2urE6U58udLW0j9onMv9aQrYn0d4rsSi
X1XPKmFtYXc2KbN/j/O6MVg1CxntRTieycSNAu349yd3z9qY/y6vDcMlUpptlH0O
m3AkFPQ6f9Winv8RICj0+NAqru3KyOrkY0Vh61saoloJaXsyvvMd/H96K+uExQ+c
unXGbdDJLLz4pNQwAqvHj5L/VJS7kxyMGHQInWFYYkUxFNwDove0pdmef3vJeFDq
g3Ggw9O3g+Kw38CEu39WDDSu8Lztp/KLuA4F/M9Co1vZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:10 2024 by rpki-client on console-ams.rpki-client.org