Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/coHWhV2ILLLUhLLMA2adkpd-wII.roa
File:                     coHWhV2ILLLUhLLMA2adkpd-wII.roa (raw, json)
Hash identifier:          XAEvyJu7MY1/ikgdXnvc4LP3QmRGZKc/14iFHanErnE=
Subject key identifier:   72:81:D6:85:5D:88:2C:B2:D4:84:B2:CC:03:66:9D:92:97:7E:C0:82
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C541CDC901B1D35B74F59D1E7D53146
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/coHWhV2ILLLUhLLMA2adkpd-wII.roa
Signing time:             Sun 01 Jan 2023 07:55:29 +0000
ROA not before:           Sun 01 Jan 2023 07:55:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213279
IP address blocks:        2.57.252.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:54:1c:dc:90:1b:1d:35:b7:4f:59:d1:e7:d5:31:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7281d6855d882cb2d484b2cc03669d92977ec082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:78:bb:b2:a8:ea:06:56:72:e7:53:0a:79:b0:
                    58:a0:89:23:a0:29:60:23:4c:a0:a5:b9:51:0b:38:
                    2d:44:8f:3c:d6:3c:c8:d0:91:b4:86:04:da:27:9b:
                    b5:f2:2e:b0:1c:94:d1:9e:7c:cb:23:f7:87:6c:fc:
                    35:3a:d4:e2:02:b3:2a:2b:e3:56:af:56:18:aa:b5:
                    20:55:f7:98:99:cf:f6:8d:5d:b4:b1:50:f5:6f:39:
                    be:29:bb:7d:eb:e9:d2:56:23:3d:d7:7c:d0:24:0f:
                    68:1b:95:39:de:44:e2:bd:99:75:fb:3a:93:cf:d1:
                    a8:5a:a2:a3:12:8a:86:db:b9:cb:1d:b2:c0:b4:14:
                    8c:aa:71:e8:e7:46:6d:19:ac:2f:2b:c4:af:1b:c9:
                    f2:1c:6f:09:72:1d:3d:0b:a1:a5:3d:c6:f3:ba:a1:
                    05:4c:1a:e7:cc:bb:f0:14:ad:22:b9:fb:d5:13:8e:
                    b0:61:09:0c:e2:86:cc:f0:22:4c:2e:cb:5a:9c:c4:
                    e8:3f:31:0e:c6:2d:79:ad:d6:12:2e:99:d2:c9:0a:
                    b6:11:04:4e:7f:4b:5d:2d:b6:26:2b:f8:51:31:c5:
                    a4:c0:d1:ab:e6:37:d9:27:89:5e:85:2b:bd:5b:84:
                    21:56:01:0f:35:c1:a5:2c:6d:79:d6:bd:da:72:c9:
                    22:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:81:D6:85:5D:88:2C:B2:D4:84:B2:CC:03:66:9D:92:97:7E:C0:82
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/coHWhV2ILLLUhLLMA2adkpd-wII.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:50:5a:b2:80:6c:38:fa:44:bc:39:34:24:1a:ee:17:22:86:
         30:84:60:f9:c0:29:db:f0:7b:70:9e:ba:cd:67:1b:56:07:f4:
         e0:e5:13:98:15:ab:a3:57:bf:cb:54:27:f1:7d:4b:5f:59:f9:
         47:29:e3:d5:5e:a6:33:3a:9b:9e:58:33:13:c4:27:e7:a6:03:
         cb:79:2f:49:91:a0:ef:fc:59:84:c0:0c:59:3c:02:c9:97:b3:
         c8:c6:34:b8:cd:03:bc:bb:8c:b4:d7:b6:ec:92:ed:64:40:88:
         7e:33:af:52:25:65:87:ad:f6:a8:f4:e1:34:02:d5:73:1f:4d:
         1b:d1:73:f2:03:ef:0f:a4:e8:3a:97:9b:51:ef:91:fa:cd:fd:
         90:da:85:b7:b7:1f:7c:6c:e0:e0:53:0b:32:04:c7:42:51:a1:
         8e:52:79:33:75:59:40:13:61:fc:d4:d2:d8:7a:01:31:13:3e:
         84:57:8f:98:50:49:3d:29:4f:7a:ed:80:5b:5d:6d:69:aa:a4:
         1d:ef:45:a5:2e:10:a3:ea:18:6f:43:eb:51:e9:92:2a:01:ec:
         7a:93:d8:67:25:89:17:62:f4:44:b6:d4:94:d6:c9:5e:4d:22:
         62:4d:f2:bb:16:ee:93:0a:d3:aa:91:1c:87:58:20:f6:90:99:
         95:ac:1d:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVBzckBsdNbdPWdHn1TFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgxZDY4NTVkODgyY2IyZDQ4NGIyY2MwMzY2OWQ5Mjk3N2VjMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3i7sqjqBlZy51MKebBYoIkjoClg
I0ygpblRCzgtRI881jzI0JG0hgTaJ5u18i6wHJTRnnzLI/eHbPw1OtTiArMqK+NW
r1YYqrUgVfeYmc/2jV20sVD1bzm+Kbt96+nSViM913zQJA9oG5U53kTivZl1+zqT
z9GoWqKjEoqG27nLHbLAtBSMqnHo50ZtGawvK8SvG8nyHG8Jch09C6GlPcbzuqEF
TBrnzLvwFK0iufvVE46wYQkM4obM8CJMLstanMToPzEOxi15rdYSLpnSyQq2EQRO
f0tdLbYmK/hRMcWkwNGr5jfZJ4lehSu9W4QhVgEPNcGlLG151r3acskiYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKB1oVdiCyy1ISyzANmnZKXfsCCMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvY29IV2hWMklMTExVaExMTUEyYWRrcGQtd0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjn8MA0G
CSqGSIb3DQEBCwUAA4IBAQB7UFqygGw4+kS8OTQkGu4XIoYwhGD5wCnb8HtwnrrN
ZxtWB/Tg5ROYFaujV7/LVCfxfUtfWflHKePVXqYzOpueWDMTxCfnpgPLeS9JkaDv
/FmEwAxZPALJl7PIxjS4zQO8u4y017bsku1kQIh+M69SJWWHrfao9OE0AtVzH00b
0XPyA+8PpOg6l5tR75H6zf2Q2oW3tx98bODgUwsyBMdCUaGOUnkzdVlAE2H81NLY
egExEz6EV4+YUEk9KU967YBbXW1pqqQd70WlLhCj6hhvQ+tR6ZIqAex6k9hnJYkX
YvREttSU1sleTSJiTfK7Fu6TCtOqkRyHWCD2kJmVrB1o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org