Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/g2dvycIdQDuqCOxIXf8looBWYqc.roa
File:                     g2dvycIdQDuqCOxIXf8looBWYqc.roa (raw, json)
Hash identifier:          LSuScyux7k4NgZyYYe6bIowFLC0GmjffdPoIaImoyJU=
Subject key identifier:   83:67:6F:C9:C2:1D:40:3B:AA:08:EC:48:5D:FF:25:A2:80:56:62:A7
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       018570FBB48039B214A426C16D1259EA6B13
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/g2dvycIdQDuqCOxIXf8looBWYqc.roa
Signing time:             Mon 02 Jan 2023 05:37:02 +0000
ROA not before:           Mon 02 Jan 2023 05:37:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        2.58.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Jan 2023 21:25:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:b4:80:39:b2:14:a4:26:c1:6d:12:59:ea:6b:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  2 05:37:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83676fc9c21d403baa08ec485dff25a2805662a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:89:09:c8:78:a9:5d:60:75:ce:e4:08:5e:02:
                    77:7d:3b:92:c0:46:84:c6:92:91:c1:66:02:26:33:
                    46:f2:91:1c:87:79:15:51:46:1f:07:17:8c:90:fd:
                    5e:19:3a:bd:69:36:ce:82:f4:62:6d:71:1e:58:b6:
                    0d:33:b2:b9:6b:ce:99:e0:8a:f6:6c:52:1f:b7:fa:
                    f2:fb:93:29:34:99:47:1e:3d:66:23:f2:68:cb:41:
                    e5:bd:04:a5:00:b9:f3:1b:ba:c9:e5:4f:50:d7:7a:
                    52:9d:bc:0c:13:5c:ec:f3:f7:3f:58:f3:53:0e:2c:
                    bc:af:f9:42:94:b5:40:99:a6:76:e9:e0:85:13:e5:
                    b7:05:32:52:d5:b0:2c:2b:27:8f:dc:c7:b5:f7:e9:
                    f8:09:7b:2d:d8:4e:10:db:12:a8:3b:ce:59:9a:1a:
                    68:5a:8f:0a:c9:c1:5a:6c:42:5f:2f:8d:6e:23:83:
                    36:0d:16:8f:2d:fe:c5:16:6b:62:2e:7f:dc:27:7f:
                    3f:22:a3:f7:e8:0a:16:0c:e9:10:ca:c3:5b:bb:b4:
                    88:02:bb:78:b4:ad:50:9a:90:b9:45:2f:4c:0c:aa:
                    c6:4b:c4:83:95:25:bc:b5:b7:2f:48:c3:ce:08:0b:
                    f7:34:7b:c2:85:8e:60:3c:b6:3f:22:86:3f:a2:5c:
                    cf:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:67:6F:C9:C2:1D:40:3B:AA:08:EC:48:5D:FF:25:A2:80:56:62:A7
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/g2dvycIdQDuqCOxIXf8looBWYqc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:e2:13:2d:8d:ab:11:7a:66:14:25:41:73:8f:ac:bf:96:60:
         66:25:49:e1:c3:da:1f:20:e3:b3:39:22:9e:46:b2:95:06:ca:
         0d:da:bf:7c:50:5d:90:41:7c:60:73:1a:c9:86:2d:d4:57:b6:
         a7:0c:83:dc:77:1d:cf:fd:41:e8:75:dc:b1:12:0c:27:e2:fa:
         8a:02:40:47:0e:7d:92:a8:7f:e1:a7:ee:bd:cc:a1:08:74:6d:
         48:98:ed:85:4f:e7:2f:6e:28:58:f7:2c:19:4e:52:ab:7d:d8:
         22:af:ab:88:71:b1:05:28:4c:ff:98:89:27:21:6c:a8:77:46:
         16:c9:22:cb:79:12:71:83:94:77:2a:bb:8c:05:90:2f:1d:76:
         59:fa:f6:d5:06:ca:1d:db:5d:c7:c2:28:e9:ac:fd:cb:17:9f:
         37:3a:57:10:97:ac:67:f2:f3:7d:9c:37:cf:1b:5a:4c:ff:aa:
         bc:32:22:49:47:fa:56:51:68:c5:22:39:77:09:e9:08:68:f5:
         6d:ee:52:7a:76:df:76:91:7d:02:e8:d7:ec:14:58:80:85:66:
         15:09:e4:d3:1e:ac:29:99:57:5d:b3:90:4f:29:d9:60:16:46:
         25:04:ef:98:e7:0f:70:72:dd:05:c5:6b:79:43:a4:8a:39:65:
         06:36:8d:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7SAObIUpCbBbRJZ6msTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY3NmZjOWMyMWQ0MDNiYWEwOGVjNDg1ZGZmMjVhMjgwNTY2MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4kJyHipXWB1zuQIXgJ3fTuSwEaE
xpKRwWYCJjNG8pEch3kVUUYfBxeMkP1eGTq9aTbOgvRibXEeWLYNM7K5a86Z4Ir2
bFIft/ry+5MpNJlHHj1mI/Joy0HlvQSlALnzG7rJ5U9Q13pSnbwME1zs8/c/WPNT
Diy8r/lClLVAmaZ26eCFE+W3BTJS1bAsKyeP3Me19+n4CXst2E4Q2xKoO85Zmhpo
Wo8KycFabEJfL41uI4M2DRaPLf7FFmtiLn/cJ38/IqP36AoWDOkQysNbu7SIArt4
tK1QmpC5RS9MDKrGS8SDlSW8tbcvSMPOCAv3NHvChY5gPLY/IoY/olzPBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINnb8nCHUA7qgjsSF3/JaKAVmKnMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvZzJkdnljSWRRRHVxQ094SVhmOGxvb0JXWXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjo2MA0G
CSqGSIb3DQEBCwUAA4IBAQAY4hMtjasRemYUJUFzj6y/lmBmJUnhw9ofIOOzOSKe
RrKVBsoN2r98UF2QQXxgcxrJhi3UV7anDIPcdx3P/UHoddyxEgwn4vqKAkBHDn2S
qH/hp+69zKEIdG1ImO2FT+cvbihY9ywZTlKrfdgir6uIcbEFKEz/mIknIWyod0YW
ySLLeRJxg5R3KruMBZAvHXZZ+vbVBsod213HwijprP3LF583OlcQl6xn8vN9nDfP
G1pM/6q8MiJJR/pWUWjFIjl3CekIaPVt7lJ6dt92kX0C6NfsFFiAhWYVCeTTHqwp
mVdds5BPKdlgFkYlBO+Y5w9wct0FxWt5Q6SKOWUGNo0z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org