Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/Ft8h2C6_hBc0xpyUsf-dNqSAACU.roa
File:                     Ft8h2C6_hBc0xpyUsf-dNqSAACU.roa (raw, json)
Hash identifier:          1KeBenZ96FHsUOZgqeSXyqhcozMm8QDaTX4lD6dxWTM=
Subject key identifier:   16:DF:21:D8:2E:BF:84:17:34:C6:9C:94:B1:FF:9D:36:A4:80:00:25
Certificate issuer:       /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial:       018B7D78459B61BC9A58EFDA4FF747F938DB
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/Ft8h2C6_hBc0xpyUsf-dNqSAACU.roa
Signing time:             Sun 29 Oct 2023 22:05:15 +0000
ROA not before:           Sun 29 Oct 2023 22:05:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15828
IP address blocks:        128.65.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:7d:78:45:9b:61:bc:9a:58:ef:da:4f:f7:47:f9:38:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
        Validity
            Not Before: Oct 29 22:05:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16df21d82ebf841734c69c94b1ff9d36a4800025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ec:1e:d0:02:33:f1:5c:81:62:03:ee:7d:da:
                    4d:64:c0:02:72:ce:75:32:34:94:ab:a4:10:27:0f:
                    0e:ac:e4:3d:e1:7b:f7:94:7c:2a:5e:2a:a3:57:95:
                    34:10:9d:19:54:51:87:f9:aa:bb:08:30:ad:72:00:
                    56:7e:89:48:6e:1b:e0:99:90:df:6f:2a:2a:80:70:
                    9c:c9:d5:c5:0d:ff:a2:8e:6d:ec:12:33:2a:61:b9:
                    dc:2e:25:1f:f5:e2:a2:46:57:55:1f:3c:57:7f:0c:
                    47:2f:2a:01:63:19:08:dc:10:b4:93:83:f2:fb:91:
                    97:87:95:10:cd:99:31:53:f0:0c:2a:03:77:17:8a:
                    67:a6:f1:d6:2a:ed:53:0d:d9:60:86:51:1c:3b:84:
                    99:d7:8d:0f:a5:40:5c:1e:da:87:25:5d:36:de:80:
                    2a:78:de:00:80:a1:0c:ef:14:1b:74:ea:0a:ef:36:
                    f9:da:11:a5:08:64:1e:91:5e:ff:e5:58:30:53:0d:
                    b7:c4:da:70:5f:5b:e2:62:b6:b7:b6:20:f0:e7:49:
                    5b:f2:48:05:ee:e0:f9:94:b1:36:a4:3e:2b:45:ae:
                    d8:0e:4a:19:b3:24:87:d2:a1:1d:fd:9c:cc:6b:70:
                    36:ae:a4:f0:5c:e9:78:bb:6d:91:f5:6f:3e:62:2a:
                    d4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:DF:21:D8:2E:BF:84:17:34:C6:9C:94:B1:FF:9D:36:A4:80:00:25
            X509v3 Authority Key Identifier:
                keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/Ft8h2C6_hBc0xpyUsf-dNqSAACU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.65.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:23:79:a4:df:37:f0:52:15:7c:ff:79:e6:6d:ac:99:61:13:
         1d:26:a2:23:34:de:1b:3a:0c:41:d5:7c:45:39:15:6c:1d:af:
         61:68:d8:47:3a:c5:92:6f:00:89:79:d6:bb:23:db:e1:d2:6b:
         a2:f1:86:71:7a:ef:9e:05:b4:25:42:74:9f:e6:5a:69:5f:c5:
         9e:af:8c:1b:30:73:cd:00:0e:c7:85:17:1c:4e:48:60:87:0a:
         71:a3:5f:b7:b8:ae:8d:2a:b4:f4:6d:7d:d2:e8:dc:74:35:e4:
         2b:b6:06:6a:26:fc:16:22:4a:12:c8:99:bc:d1:bb:de:d7:29:
         de:d0:d7:8d:83:98:0a:b2:2b:81:4d:29:34:a6:ae:cb:e7:97:
         58:93:e1:a0:1e:b0:99:62:94:34:99:6a:94:0d:1e:e9:de:37:
         72:32:85:60:d4:a6:b4:b0:7e:d9:a5:9f:a0:90:16:b0:ae:16:
         29:58:4d:4b:65:c7:6a:42:a2:9e:70:7c:cd:a4:af:c6:41:51:
         a1:d8:af:b9:0f:d1:c1:13:90:ab:29:56:ab:a4:c7:c5:c9:17:
         5a:86:1e:b9:f1:0f:9d:66:b3:30:36:87:3d:19:95:94:2f:2b:
         d0:e0:76:ad:81:bf:9e:d1:f4:41:64:06:8d:a1:6f:ac:cf:28:
         00:c9:34:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt9eEWbYbyaWO/aT/dH+TjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjMxMDI5MjIwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRmMjFkODJlYmY4NDE3MzRjNjljOTRiMWZmOWQzNmE0ODAwMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlewe0AIz8VyBYgPufdpNZMACcs51
MjSUq6QQJw8OrOQ94Xv3lHwqXiqjV5U0EJ0ZVFGH+aq7CDCtcgBWfolIbhvgmZDf
byoqgHCcydXFDf+ijm3sEjMqYbncLiUf9eKiRldVHzxXfwxHLyoBYxkI3BC0k4Py
+5GXh5UQzZkxU/AMKgN3F4pnpvHWKu1TDdlghlEcO4SZ140PpUBcHtqHJV023oAq
eN4AgKEM7xQbdOoK7zb52hGlCGQekV7/5VgwUw23xNpwX1viYra3tiDw50lb8kgF
7uD5lLE2pD4rRa7YDkoZsySH0qEd/ZzMa3A2rqTwXOl4u22R9W8+YirUiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbfIdguv4QXNMaclLH/nTakgAAlMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvRnQ4aDJDNl9oQmMweHB5VXNmLWROcVNBQUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgEGkMA0G
CSqGSIb3DQEBCwUAA4IBAQBCI3mk3zfwUhV8/3nmbayZYRMdJqIjNN4bOgxB1XxF
ORVsHa9haNhHOsWSbwCJeda7I9vh0mui8YZxeu+eBbQlQnSf5lppX8Wer4wbMHPN
AA7HhRccTkhghwpxo1+3uK6NKrT0bX3S6Nx0NeQrtgZqJvwWIkoSyJm80bve1yne
0NeNg5gKsiuBTSk0pq7L55dYk+GgHrCZYpQ0mWqUDR7p3jdyMoVg1Ka0sH7ZpZ+g
kBawrhYpWE1LZcdqQqKecHzNpK/GQVGh2K+5D9HBE5CrKVarpMfFyRdahh658Q+d
ZrMwNoc9GZWULyvQ4Hatgb+e0fRBZAaNoW+szygAyTRQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org