Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/N8Ypu4iZuyRnIxmxDb6CByz9VPk.roa
File:                     N8Ypu4iZuyRnIxmxDb6CByz9VPk.roa (raw, json)
Hash identifier:          VPHCWOrr+aeBtKPb+GjZ3BAzX5NHG5vpxOKuV2RlT5s=
Subject key identifier:   37:C6:29:BB:88:99:BB:24:67:23:19:B1:0D:BE:82:07:2C:FD:54:F9
Certificate issuer:       /CN=2b1707889794cea0622bd4921d6bdbdd56ef0b06
Certificate serial:       018D1690D964334838FA74B98E3FDA64E772
Authority key identifier: 2B:17:07:88:97:94:CE:A0:62:2B:D4:92:1D:6B:DB:DD:56:EF:0B:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/N8Ypu4iZuyRnIxmxDb6CByz9VPk.roa
Signing time:             Wed 17 Jan 2024 08:36:48 +0000
ROA not before:           Wed 17 Jan 2024 08:36:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212067
IP address blocks:        83.97.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 06:38:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:16:90:d9:64:33:48:38:fa:74:b9:8e:3f:da:64:e7:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b1707889794cea0622bd4921d6bdbdd56ef0b06
        Validity
            Not Before: Jan 17 08:36:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=37c629bb8899bb24672319b10dbe82072cfd54f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:78:de:17:c8:cc:8e:97:f9:cc:70:ae:2f:d5:
                    df:6d:4a:bd:48:2f:d6:1d:d2:62:61:df:07:b7:7f:
                    be:25:71:cb:8c:12:60:44:5b:f5:6f:0f:2b:aa:7f:
                    87:f2:02:9c:dc:35:74:fa:6b:68:d7:ea:c3:25:53:
                    8b:0a:75:75:6c:3e:4d:5c:e5:6b:40:c4:d1:73:e7:
                    92:7f:46:6e:74:3a:21:d1:74:67:8d:c0:99:e3:05:
                    5a:ce:b3:60:98:bf:37:33:cb:6a:2c:2b:94:3e:6c:
                    74:c9:49:30:c3:74:91:25:0f:2f:ef:30:1d:cf:91:
                    c3:80:1c:92:09:e7:4d:d1:eb:f7:9c:ce:f4:50:1f:
                    47:00:db:ef:22:2b:e2:66:40:5f:10:b9:c7:2f:7e:
                    10:d3:f6:c7:35:d3:26:63:76:53:96:f8:11:fc:cb:
                    33:26:b3:fe:8e:2a:fe:0d:73:8f:e3:ff:6b:43:e2:
                    0d:b7:5b:73:b8:0b:47:0a:11:ef:71:4e:27:f3:51:
                    ee:44:29:09:12:d9:e1:21:ef:3c:f8:72:94:bf:8a:
                    e1:a4:a5:06:da:d5:e3:c6:e2:0f:15:e4:f1:ac:20:
                    e8:65:e8:d2:d9:4b:32:73:69:af:a0:c8:64:61:a9:
                    24:20:a2:d0:1b:9e:e5:49:28:6c:a6:3c:79:0f:1b:
                    6b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:C6:29:BB:88:99:BB:24:67:23:19:B1:0D:BE:82:07:2C:FD:54:F9
            X509v3 Authority Key Identifier:
                keyid:2B:17:07:88:97:94:CE:A0:62:2B:D4:92:1D:6B:DB:DD:56:EF:0B:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/N8Ypu4iZuyRnIxmxDb6CByz9VPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:64:68:ee:61:cc:31:01:7f:4e:fc:8e:15:95:21:32:7b:5e:
         c6:07:bb:5a:72:3e:5b:8c:4f:47:5e:0f:c2:b3:66:c2:0e:91:
         6b:b8:b9:d8:91:92:28:fd:fa:89:64:49:aa:5f:95:82:08:bb:
         76:9f:aa:e3:66:e7:fe:62:25:71:7c:c1:a4:f6:4e:3b:f2:fb:
         42:d3:7c:65:d1:e7:57:0d:e7:e3:31:ea:38:6f:29:18:91:42:
         2f:32:d4:a2:f0:ae:60:46:95:79:19:aa:ea:19:e6:d4:ec:4d:
         bc:23:32:81:54:22:1b:b5:a1:1c:55:98:17:6d:aa:72:43:f5:
         07:64:4c:39:13:84:a5:f6:8f:67:c7:1c:3a:0d:b2:b5:4b:46:
         b4:cd:32:f6:67:de:9a:df:46:b5:54:58:c7:98:e9:4a:b9:2e:
         c3:a1:3f:cf:10:6c:73:7e:20:78:6e:fb:8e:f0:6a:68:06:6d:
         22:f8:e4:ee:d5:b7:ba:cf:94:61:fb:79:bb:76:fb:a1:63:a9:
         0a:75:b2:49:5f:4e:ed:62:bc:50:2c:1c:38:74:c5:58:1f:f6:
         1a:57:19:f7:cc:79:16:bd:3e:49:c3:ba:45:de:c8:b5:46:1b:
         28:b1:d3:f2:66:dd:12:d9:01:66:ea:cf:22:82:80:1c:f6:b2:
         c2:0b:5c:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0WkNlkM0g4+nS5jj/aZOdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTcwNzg4OTc5NGNlYTA2MjJiZDQ5MjFkNmJkYmRkNTZl
ZjBiMDYwHhcNMjQwMTE3MDgzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2M2MjliYjg4OTliYjI0NjcyMzE5YjEwZGJlODIwNzJjZmQ1NGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHjeF8jMjpf5zHCuL9XfbUq9SC/W
HdJiYd8Ht3++JXHLjBJgRFv1bw8rqn+H8gKc3DV0+mto1+rDJVOLCnV1bD5NXOVr
QMTRc+eSf0ZudDoh0XRnjcCZ4wVazrNgmL83M8tqLCuUPmx0yUkww3SRJQ8v7zAd
z5HDgBySCedN0ev3nM70UB9HANvvIiviZkBfELnHL34Q0/bHNdMmY3ZTlvgR/Msz
JrP+jir+DXOP4/9rQ+INt1tzuAtHChHvcU4n81HuRCkJEtnhIe88+HKUv4rhpKUG
2tXjxuIPFeTxrCDoZejS2Usyc2mvoMhkYakkIKLQG57lSShspjx5Dxtr3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfGKbuImbskZyMZsQ2+ggcs/VT5MB8GA1UdIwQY
MBaAFCsXB4iXlM6gYivUkh1r291W7wsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYWNjNzctZGYzMC00OTQxLWJlMzMt
ZGNiNWI5ZTg4ZTlhLzEvTjhZcHU0aVp1eVJuSXhteERiNkNCeXo5VlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYWNjNzctZGYzMC00OTQxLWJlMzMtZGNiNWI5ZTg4ZTlh
LzEvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU2FIMA0G
CSqGSIb3DQEBCwUAA4IBAQByZGjuYcwxAX9O/I4VlSEye17GB7tacj5bjE9HXg/C
s2bCDpFruLnYkZIo/fqJZEmqX5WCCLt2n6rjZuf+YiVxfMGk9k478vtC03xl0edX
DefjMeo4bykYkUIvMtSi8K5gRpV5GarqGebU7E28IzKBVCIbtaEcVZgXbapyQ/UH
ZEw5E4Sl9o9nxxw6DbK1S0a0zTL2Z96a30a1VFjHmOlKuS7DoT/PEGxzfiB4bvuO
8GpoBm0i+OTu1be6z5Rh+3m7dvuhY6kKdbJJX07tYrxQLBw4dMVYH/YaVxn3zHkW
vT5Jw7pF3si1RhsosdPyZt0S2QFm6s8igoAc9rLCC1wJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org