Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ncpYgUR9ar1krJ_iRZ_Khthfya4.roa
File:                     ncpYgUR9ar1krJ_iRZ_Khthfya4.roa (raw, json)
Hash identifier:          6tGGjMIJSO/pnFKbpckLcN1tiYI3UeooKlh7tQtFFdc=
Subject key identifier:   9D:CA:58:81:44:7D:6A:BD:64:AC:9F:E2:45:9F:CA:86:D8:5F:C9:AE
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C541DB2D4D2FE234FD59721F57FB0FE
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ncpYgUR9ar1krJ_iRZ_Khthfya4.roa
Signing time:             Sun 01 Jan 2023 07:55:29 +0000
ROA not before:           Sun 01 Jan 2023 07:55:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393489
IP address blocks:        79.143.59.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:54:1d:b2:d4:d2:fe:23:4f:d5:97:21:f5:7f:b0:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9dca5881447d6abd64ac9fe2459fca86d85fc9ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5c:99:36:df:03:50:43:dd:9c:e5:a0:41:97:
                    c2:c0:06:c9:03:a1:12:89:35:da:b5:3e:13:61:62:
                    51:39:6c:d5:0f:b3:df:2a:42:83:05:26:bf:9c:d1:
                    9e:41:1a:35:e3:48:78:f7:6c:77:dc:1e:2c:54:f5:
                    a2:82:ad:c0:32:1d:36:ab:96:42:72:3c:36:a1:6e:
                    a2:33:41:7f:02:e2:d5:6b:65:25:8c:84:77:3c:9f:
                    0d:f4:c7:6a:d5:80:ae:ee:ba:54:d0:af:d4:f9:74:
                    b2:3e:73:e4:d5:67:65:75:25:8d:c2:a7:0a:fb:73:
                    07:e3:34:6e:8e:6d:e7:69:bf:8c:63:ad:79:d8:c2:
                    03:ec:b0:6c:cc:0e:04:08:59:54:4b:7d:dd:ea:d0:
                    c4:62:83:18:50:eb:f2:0e:c7:47:10:d5:07:0e:0a:
                    cc:a1:3a:51:77:f1:50:8c:c6:07:eb:0c:db:a7:cd:
                    62:7e:9a:35:67:1d:e0:cb:ec:c8:5f:0d:ff:66:98:
                    f9:77:f5:64:6e:5f:6d:a9:ea:91:54:88:82:73:11:
                    e4:70:e1:fb:36:6f:25:88:ab:3f:06:fa:3b:da:9a:
                    4d:27:b1:c1:59:d0:99:ea:ed:6c:a9:08:9f:ec:ea:
                    5a:f8:5c:d3:87:89:6b:97:3a:b6:b6:b8:50:41:0f:
                    8a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:CA:58:81:44:7D:6A:BD:64:AC:9F:E2:45:9F:CA:86:D8:5F:C9:AE
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ncpYgUR9ar1krJ_iRZ_Khthfya4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.143.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:be:da:73:61:fb:1e:99:be:ef:59:d3:ca:3e:54:7e:ec:b3:
         a9:35:bb:a8:14:58:28:91:8c:1f:0e:d3:63:40:5c:00:10:5c:
         b5:4e:e3:c8:20:f6:02:85:51:db:6c:3e:a5:96:78:04:f3:a0:
         c8:3c:ae:8c:ad:66:6b:ac:f6:0a:53:81:27:b6:aa:0d:57:15:
         29:2f:b5:6e:79:95:b2:d8:a5:23:55:ac:8e:15:d5:62:0d:1e:
         18:0a:55:30:38:db:c4:f1:07:2a:db:9e:aa:50:cd:ef:6e:65:
         b9:af:d7:5d:8d:32:de:e1:a9:be:5e:96:d9:91:0c:63:0c:0e:
         e6:5c:1b:70:42:85:52:55:79:39:c9:0f:85:91:cb:a1:61:c2:
         be:85:a7:d6:8e:01:21:ce:5d:d2:2d:df:ad:84:81:28:31:f5:
         f6:e0:98:1f:e6:7a:f7:75:eb:f2:e5:87:59:07:cd:0e:33:78:
         23:ee:16:b1:c7:02:60:5f:7a:d7:c9:28:a8:7e:f8:4a:ec:fc:
         12:c5:cf:ac:dd:8a:a4:fc:12:c3:32:c9:d3:a8:94:fd:46:aa:
         c9:8c:02:66:72:9c:a4:61:d9:59:14:ce:b8:7e:bc:95:21:65:
         23:98:d5:cd:9f:0c:a2:f9:9c:8b:24:b6:ea:1c:06:2f:b4:34:
         b4:ee:9f:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsVB2y1NL+I0/VlyH1f7D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNhNTg4MTQ0N2Q2YWJkNjRhYzlmZTI0NTlmY2E4NmQ4NWZjOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFyZNt8DUEPdnOWgQZfCwAbJA6ES
iTXatT4TYWJROWzVD7PfKkKDBSa/nNGeQRo140h492x33B4sVPWigq3AMh02q5ZC
cjw2oW6iM0F/AuLVa2UljIR3PJ8N9Mdq1YCu7rpU0K/U+XSyPnPk1WdldSWNwqcK
+3MH4zRujm3nab+MY6152MID7LBszA4ECFlUS33d6tDEYoMYUOvyDsdHENUHDgrM
oTpRd/FQjMYH6wzbp81ifpo1Zx3gy+zIXw3/Zpj5d/Vkbl9tqeqRVIiCcxHkcOH7
Nm8liKs/Bvo72ppNJ7HBWdCZ6u1sqQif7Opa+FzTh4lrlzq2trhQQQ+KSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3KWIFEfWq9ZKyf4kWfyobYX8muMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbmNwWWdVUjlhcjFrckpfaVJaX0todGhmeWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT487MA0G
CSqGSIb3DQEBCwUAA4IBAQCMvtpzYfsemb7vWdPKPlR+7LOpNbuoFFgokYwfDtNj
QFwAEFy1TuPIIPYChVHbbD6llngE86DIPK6MrWZrrPYKU4EntqoNVxUpL7VueZWy
2KUjVayOFdViDR4YClUwONvE8Qcq256qUM3vbmW5r9ddjTLe4am+XpbZkQxjDA7m
XBtwQoVSVXk5yQ+FkcuhYcK+hafWjgEhzl3SLd+thIEoMfX24Jgf5nr3devy5YdZ
B80OM3gj7haxxwJgX3rXySiofvhK7PwSxc+s3Yqk/BLDMsnTqJT9RqrJjAJmcpyk
YdlZFM64fryVIWUjmNXNnwyi+ZyLJLbqHAYvtDS07p9f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org