Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/loLgzG4FwuakWxaN7v3fU7CBddk.roa
File:                     loLgzG4FwuakWxaN7v3fU7CBddk.roa (raw, json)
Hash identifier:          6J2aMl0TM2hRxpWdCCBLJED6OASJmAN4ge9quQ0fpKo=
Subject key identifier:   96:82:E0:CC:6E:05:C2:E6:A4:5B:16:8D:EE:FD:DF:53:B0:81:75:D9
Certificate issuer:       /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial:       01856CF8716EB6EA41CA4F6FFA541F7B1001
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/loLgzG4FwuakWxaN7v3fU7CBddk.roa
Signing time:             Sun 01 Jan 2023 10:54:59 +0000
ROA not before:           Sun 01 Jan 2023 10:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2484
IP address blocks:        194.0.9.0/24 maxlen: 24
                          2001:678:c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:71:6e:b6:ea:41:ca:4f:6f:fa:54:1f:7b:10:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
        Validity
            Not Before: Jan  1 10:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9682e0cc6e05c2e6a45b168deefddf53b08175d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:1e:31:65:74:a7:c7:dc:48:0b:d6:6d:41:ec:
                    22:0e:e7:05:3b:ea:cb:ba:d0:48:b7:7d:a2:18:04:
                    bb:95:f3:ec:24:c0:ec:a2:f5:26:17:21:68:91:ba:
                    24:7a:bc:4a:68:00:f0:e8:28:e3:e1:1a:12:e9:c6:
                    aa:3d:eb:43:91:4d:5d:2b:c4:b8:ad:e9:e7:91:37:
                    99:a1:2d:97:42:a1:8e:b2:91:7c:97:f4:6a:a5:4d:
                    53:c7:95:42:dc:0a:ea:e2:41:ca:90:db:f3:5b:05:
                    95:ba:c0:3f:99:80:e4:95:2f:92:d1:0a:d4:b5:13:
                    da:22:3a:23:7d:70:98:fb:f1:74:9b:3b:31:05:76:
                    02:ba:73:6d:da:a0:51:5d:a3:61:d9:ab:05:8d:1d:
                    a4:53:bc:38:4c:40:78:ff:16:e2:de:f1:31:33:88:
                    2e:34:1d:4c:e9:62:ea:4d:4d:65:5b:83:79:27:28:
                    61:d8:96:c4:b3:b5:ba:3a:2c:f0:96:42:82:96:95:
                    f1:12:f5:f1:25:80:75:41:b2:36:88:ae:22:4b:b4:
                    d8:9f:fb:6e:33:67:70:7e:d2:e0:af:04:dc:f3:e7:
                    b6:76:6d:4f:d5:3a:18:f0:f7:33:21:2a:1f:55:5e:
                    0f:5f:bb:01:e3:61:51:48:5e:f6:46:cf:a6:d8:be:
                    c7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:82:E0:CC:6E:05:C2:E6:A4:5B:16:8D:EE:FD:DF:53:B0:81:75:D9
            X509v3 Authority Key Identifier:
                keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/loLgzG4FwuakWxaN7v3fU7CBddk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.9.0/24
                IPv6:
                  2001:678:c::/48

    Signature Algorithm: sha256WithRSAEncryption
         4a:64:36:48:c7:6f:05:d6:07:00:91:86:bc:be:87:a2:8a:43:
         35:70:1b:97:80:df:74:1d:db:58:38:9c:79:08:0a:63:ed:cf:
         41:86:49:8e:e4:88:4a:1f:e0:00:88:6c:37:aa:32:02:82:48:
         2d:97:aa:94:9e:e0:43:29:fd:b3:d2:91:1e:ad:f4:7a:1b:a9:
         ca:04:da:36:cd:78:ba:e3:ab:88:62:bb:17:13:f6:7d:87:c7:
         a0:8e:23:28:d1:a1:d5:d9:f8:75:bb:3a:fe:dd:c0:f8:cd:6d:
         27:58:08:e6:4f:9c:e4:cb:a5:4e:ef:84:45:02:10:5b:67:76:
         c4:50:f4:6a:76:72:e7:a4:68:38:7d:e6:13:71:c0:6a:1d:e5:
         d9:1a:1b:03:fa:81:67:de:ab:3f:89:00:c1:ce:5c:4f:30:d8:
         41:2f:b9:65:c8:42:2c:35:24:7b:28:94:27:a5:d3:b4:c4:5b:
         d5:f6:ff:5b:df:4b:61:ce:88:5a:e0:ef:a6:7c:91:b7:01:20:
         92:8f:72:51:e1:ce:7d:c1:77:24:c7:12:0e:0c:fd:77:89:97:
         74:0b:af:32:28:70:52:cb:92:60:6a:1c:df:48:74:97:61:78:
         aa:ca:9d:f7:29:34:e5:8e:77:f3:34:9e:7f:47:47:5d:32:0d:
         2d:32:6b:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVs+HFutupByk9v+lQfexABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQzYzBiNjQxNGM5Yzg2ZTNjOTRhNzE0ZGZiMjY5Y2I1
ZTkxNjkwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjgyZTBjYzZlMDVjMmU2YTQ1YjE2OGRlZWZkZGY1M2IwODE3NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix4xZXSnx9xIC9ZtQewiDucFO+rL
utBIt32iGAS7lfPsJMDsovUmFyFokbokerxKaADw6Cjj4RoS6caqPetDkU1dK8S4
rennkTeZoS2XQqGOspF8l/RqpU1Tx5VC3Arq4kHKkNvzWwWVusA/mYDklS+S0QrU
tRPaIjojfXCY+/F0mzsxBXYCunNt2qBRXaNh2asFjR2kU7w4TEB4/xbi3vExM4gu
NB1M6WLqTU1lW4N5Jyhh2JbEs7W6OizwlkKClpXxEvXxJYB1QbI2iK4iS7TYn/tu
M2dwftLgrwTc8+e2dm1P1ToY8PczISofVV4PX7sB42FRSF72Rs+m2L7HFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJaC4MxuBcLmpFsWje7931OwgXXZMB8GA1UdIwQY
MBaAFF6NPAtkFMnIbjyUpxTfsmnLXpFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAt
MjM0MzA5NTA2MDljLzEvbG9MZ3pHNEZ3dWFrV3hhTjd2M2ZVN0NCZGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAtMjM0MzA5NTA2MDlj
LzEvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAJMA8E
AgACMAkDBwAgAQZ4AAwwDQYJKoZIhvcNAQELBQADggEBAEpkNkjHbwXWBwCRhry+
h6KKQzVwG5eA33Qd21g4nHkICmPtz0GGSY7kiEof4ACIbDeqMgKCSC2XqpSe4EMp
/bPSkR6t9HobqcoE2jbNeLrjq4hiuxcT9n2Hx6COIyjRodXZ+HW7Ov7dwPjNbSdY
COZPnOTLpU7vhEUCEFtndsRQ9Gp2cuekaDh95hNxwGod5dkaGwP6gWfeqz+JAMHO
XE8w2EEvuWXIQiw1JHsolCel07TEW9X2/1vfS2HOiFrg76Z8kbcBIJKPclHhzn3B
dyTHEg4M/XeJl3QLrzIocFLLkmBqHN9IdJdheKrKnfcpNOWOd/M0nn9HR10yDS0y
a4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:50 2024 by rpki-client on console-ams.rpki-client.org