Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/lfLgJERBamRSHiG7PjYjcRq72Xk.roa
File:                     lfLgJERBamRSHiG7PjYjcRq72Xk.roa (raw, json)
Hash identifier:          VTVsw9mAWjBc/f3K7DZd3bHcd6s0vXpKOwjlYMwDhS8=
Subject key identifier:   95:F2:E0:24:44:41:6A:64:52:1E:21:BB:3E:36:23:71:1A:BB:D9:79
Certificate issuer:       /CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Certificate serial:       01856F66F3DDD3CE8510F34CC2A34A1CA228
Authority key identifier: AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/lfLgJERBamRSHiG7PjYjcRq72Xk.roa
Signing time:             Sun 01 Jan 2023 22:14:56 +0000
ROA not before:           Sun 01 Jan 2023 22:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5414
IP address blocks:        84.20.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:f3:dd:d3:ce:85:10:f3:4c:c2:a3:4a:1c:a2:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
        Validity
            Not Before: Jan  1 22:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95f2e02444416a64521e21bb3e3623711abbd979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:7b:db:96:e1:7a:38:34:4f:8a:ad:5f:52:f2:
                    fe:c9:e5:40:58:54:e6:a6:e0:54:4d:b6:eb:f1:9f:
                    d6:eb:b3:1f:4d:d5:f0:14:0e:e9:c6:44:58:ff:c5:
                    91:1e:da:80:99:69:7e:1e:79:8a:17:1e:cf:70:84:
                    2e:e0:92:2e:ff:14:30:70:f2:c3:0e:34:2a:1b:0d:
                    b0:32:23:a8:e2:75:4b:03:a7:5d:c1:ad:b2:ef:99:
                    ed:dc:e3:9a:df:51:9c:bf:b9:0f:ab:88:08:fc:a3:
                    de:a3:8f:57:60:0d:6a:da:9d:85:84:66:a7:1b:28:
                    b4:ac:9a:13:c4:25:f9:9b:f3:b7:80:c3:bb:63:89:
                    ae:86:b2:15:f5:b5:e8:96:bc:1c:a7:5e:36:1c:9a:
                    0a:2f:26:95:08:c9:8b:8f:b8:6f:b7:e2:e6:29:4e:
                    ca:3f:6d:0a:13:10:6a:ef:60:2f:d5:4b:22:e3:09:
                    68:41:b3:61:72:d9:06:e2:30:1f:9d:5b:75:a4:e2:
                    be:83:ce:62:60:a9:bc:df:f3:e9:dd:86:db:94:7c:
                    cd:32:0c:4a:ee:91:75:ba:46:77:24:4a:4f:24:44:
                    3b:c5:ff:58:c3:86:af:9c:fb:38:71:a0:45:db:d6:
                    ff:b4:5e:94:5f:42:d8:1a:ad:cd:9f:97:3f:af:41:
                    7f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:F2:E0:24:44:41:6A:64:52:1E:21:BB:3E:36:23:71:1A:BB:D9:79
            X509v3 Authority Key Identifier:
                keyid:AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/lfLgJERBamRSHiG7PjYjcRq72Xk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.20.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:93:62:41:8a:c7:ea:97:8c:70:da:c6:95:f2:31:54:07:22:
         4b:ad:e0:9b:34:70:97:31:78:e5:c5:b8:b7:0a:51:e0:08:6c:
         07:d0:62:ac:d3:5c:0a:8a:80:be:47:48:07:77:5a:f1:b0:c7:
         4c:f9:61:e5:c3:26:a9:65:0b:96:5f:42:7f:38:23:03:e2:8d:
         ba:f7:5b:10:0e:f2:04:3b:ec:71:04:a8:52:a0:64:94:e7:6d:
         fd:da:ae:0a:df:10:38:99:f3:e8:b0:10:0a:5e:9b:d8:d4:38:
         16:e3:80:9f:ba:2f:aa:49:65:b0:87:d2:2a:6b:8c:88:24:26:
         c3:54:13:88:69:88:e1:83:0e:82:33:ef:66:eb:1d:31:71:72:
         d6:57:70:6d:2c:0a:90:33:17:e2:e5:76:bd:83:32:34:48:6e:
         e5:2f:c4:97:26:10:8a:45:1f:c2:7d:c0:74:9f:12:63:68:86:
         2d:ab:07:3d:c9:e4:69:21:f1:ca:98:5c:dc:59:6a:ce:a3:43:
         4e:c6:e9:b6:43:42:68:e9:b1:3c:39:2c:8b:d0:74:9c:5d:b5:
         bb:db:d5:b9:f9:9b:18:3f:c7:67:8c:e7:66:3f:05:87:73:1b:
         9a:ba:b8:16:25:8b:53:48:50:a3:0b:d5:8b:9f:e0:b5:20:45:
         c0:b3:b1:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZvPd086FEPNMwqNKHKIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTA5ZGVlNmZiZGMyNTZkZjkxMTQ2MGNjYzkxNWQwNjZh
OGZmOGIwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYyZTAyNDQ0NDE2YTY0NTIxZTIxYmIzZTM2MjM3MTFhYmJkOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3vbluF6ODRPiq1fUvL+yeVAWFTm
puBUTbbr8Z/W67MfTdXwFA7pxkRY/8WRHtqAmWl+HnmKFx7PcIQu4JIu/xQwcPLD
DjQqGw2wMiOo4nVLA6ddwa2y75nt3OOa31Gcv7kPq4gI/KPeo49XYA1q2p2FhGan
Gyi0rJoTxCX5m/O3gMO7Y4muhrIV9bXolrwcp142HJoKLyaVCMmLj7hvt+LmKU7K
P20KExBq72Av1Usi4wloQbNhctkG4jAfnVt1pOK+g85iYKm83/Pp3YbblHzNMgxK
7pF1ukZ3JEpPJEQ7xf9Yw4avnPs4caBF29b/tF6UX0LYGq3Nn5c/r0F/lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXy4CREQWpkUh4huz42I3Eau9l5MB8GA1UdIwQY
MBaAFK0Qne5vvcJW35EUYMzJFdBmqP+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYt
ZjY2MjZiNjMzODNlLzEvbGZMZ0pFUkJhbVJTSGlHN1BqWWpjUnE3MlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYtZjY2MjZiNjMzODNl
LzEvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBRdMA0G
CSqGSIb3DQEBCwUAA4IBAQC6k2JBisfql4xw2saV8jFUByJLreCbNHCXMXjlxbi3
ClHgCGwH0GKs01wKioC+R0gHd1rxsMdM+WHlwyapZQuWX0J/OCMD4o2691sQDvIE
O+xxBKhSoGSU52392q4K3xA4mfPosBAKXpvY1DgW44Cfui+qSWWwh9Iqa4yIJCbD
VBOIaYjhgw6CM+9m6x0xcXLWV3BtLAqQMxfi5Xa9gzI0SG7lL8SXJhCKRR/CfcB0
nxJjaIYtqwc9yeRpIfHKmFzcWWrOo0NOxum2Q0Jo6bE8OSyL0HScXbW729W5+ZsY
P8dnjOdmPwWHcxuaurgWJYtTSFCjC9WLn+C1IEXAs7EB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:14 2024 by rpki-client on console-ams.rpki-client.org