Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/lUWNE9YMWQObayOdZLf0FyRpP8s.roa
File:                     lUWNE9YMWQObayOdZLf0FyRpP8s.roa (raw, json)
Hash identifier:          WkJUJowgesMAZgsYOwpwn45K3DZSkBkVc3QJGNwNbMo=
Subject key identifier:   95:45:8D:13:D6:0C:59:03:9B:6B:23:9D:64:B7:F4:17:24:69:3F:CB
Certificate issuer:       /CN=877c20737116bc6d5e5b224931cf13dd7f79f95b
Certificate serial:       01856F5481A6949884A7982FC7AB6DA6CF77
Authority key identifier: 87:7C:20:73:71:16:BC:6D:5E:5B:22:49:31:CF:13:DD:7F:79:F9:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3wgc3EWvG1eWyJJMc8T3X95-Vs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/lUWNE9YMWQObayOdZLf0FyRpP8s.roa
Signing time:             Sun 01 Jan 2023 21:54:47 +0000
ROA not before:           Sun 01 Jan 2023 21:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25540
IP address blocks:        185.13.214.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:81:a6:94:98:84:a7:98:2f:c7:ab:6d:a6:cf:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=877c20737116bc6d5e5b224931cf13dd7f79f95b
        Validity
            Not Before: Jan  1 21:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95458d13d60c59039b6b239d64b7f41724693fcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:af:8f:81:b6:f1:28:ad:c7:25:cb:55:80:23:
                    da:d0:ce:55:da:98:e2:05:ee:c4:de:95:71:ee:c6:
                    a1:1c:3f:4b:dc:ab:15:9a:cd:ac:eb:b6:65:e9:3a:
                    f7:0e:6e:bc:51:ad:9c:03:29:1e:b7:d9:97:54:66:
                    b9:88:17:44:12:69:da:a3:74:29:bf:5c:34:e2:58:
                    3c:69:8b:81:39:dd:7a:fa:3e:b5:ff:1a:ed:d1:fe:
                    b7:69:9d:e7:93:13:01:bb:aa:29:fe:e8:49:0a:af:
                    5c:b3:1e:dd:5e:b6:05:e5:2e:99:4c:2e:fc:43:17:
                    2d:3f:e6:cf:2f:9b:d8:1c:91:a3:67:4e:f5:69:d5:
                    02:04:04:9f:24:a7:f1:7b:4f:a9:4f:8a:03:5a:cb:
                    68:fb:65:5f:f3:a5:5e:6b:0d:c4:4e:ac:b7:5a:06:
                    65:a2:d2:cf:72:cd:81:55:16:cf:6f:0e:3c:61:d0:
                    8d:fd:e8:91:76:01:3c:25:51:ee:77:1e:1b:42:64:
                    65:e7:a4:69:4a:6a:8b:fd:c2:c6:d1:59:b2:71:b1:
                    4a:d0:7e:11:d3:e2:5c:aa:63:f5:49:a4:51:ed:4b:
                    27:94:24:9d:a2:2d:9d:91:87:14:01:62:56:83:01:
                    55:96:17:f7:70:75:56:40:e6:1f:27:d1:cc:e9:9c:
                    fd:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:45:8D:13:D6:0C:59:03:9B:6B:23:9D:64:B7:F4:17:24:69:3F:CB
            X509v3 Authority Key Identifier:
                keyid:87:7C:20:73:71:16:BC:6D:5E:5B:22:49:31:CF:13:DD:7F:79:F9:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3wgc3EWvG1eWyJJMc8T3X95-Vs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/lUWNE9YMWQObayOdZLf0FyRpP8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/acb956-e1b5-4682-80b8-e7232f8448b0/1/h3wgc3EWvG1eWyJJMc8T3X95-Vs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.13.214.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:b1:67:86:d4:73:54:8b:11:04:74:48:7f:5c:c0:32:0a:a7:
         dc:5c:2b:61:ac:5a:71:d8:88:94:9e:ae:9d:78:95:9f:0e:b9:
         bc:32:f1:25:40:87:1c:7d:43:aa:1c:40:87:09:7e:1d:87:f9:
         33:06:60:68:37:cb:cf:65:09:ec:fe:1b:a4:59:ec:22:31:b3:
         22:50:b4:a9:17:b6:aa:8a:27:f1:01:03:c8:7a:01:8f:e4:1f:
         2f:d7:6f:4a:db:5c:b1:e7:43:02:49:3a:27:af:c8:61:52:42:
         a5:0b:fb:11:11:07:cc:2b:5a:fa:b3:09:6b:38:88:07:01:66:
         fd:ed:6b:d0:ec:53:b0:60:d3:ae:f9:3c:70:01:83:dd:a5:1e:
         2c:51:82:b3:06:7b:20:6a:2f:61:b7:f0:6e:e5:f0:48:c6:3d:
         2d:3c:5d:79:aa:de:07:11:65:e5:41:05:d6:ab:22:51:bd:90:
         5e:9b:8f:4c:58:63:67:ab:bd:50:4c:58:64:9f:3f:fa:37:cd:
         de:75:cb:18:06:7e:7d:49:2a:df:e3:19:04:86:df:5b:35:77:
         df:ba:90:1e:59:90:f7:4c:14:71:88:a8:32:13:e9:db:2d:10:
         82:fa:93:de:b9:73:67:d6:37:95:9f:18:5b:5b:e0:a8:41:9e:
         ac:e1:a6:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVIGmlJiEp5gvx6ttps93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2MyMDczNzExNmJjNmQ1ZTViMjI0OTMxY2YxM2RkN2Y3
OWY5NWIwHhcNMjMwMTAxMjE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ1OGQxM2Q2MGM1OTAzOWI2YjIzOWQ2NGI3ZjQxNzI0NjkzZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq+PgbbxKK3HJctVgCPa0M5V2pji
Be7E3pVx7sahHD9L3KsVms2s67Zl6Tr3Dm68Ua2cAyket9mXVGa5iBdEEmnao3Qp
v1w04lg8aYuBOd16+j61/xrt0f63aZ3nkxMBu6op/uhJCq9csx7dXrYF5S6ZTC78
QxctP+bPL5vYHJGjZ071adUCBASfJKfxe0+pT4oDWsto+2Vf86Veaw3ETqy3WgZl
otLPcs2BVRbPbw48YdCN/eiRdgE8JVHudx4bQmRl56RpSmqL/cLG0VmycbFK0H4R
0+JcqmP1SaRR7UsnlCSdoi2dkYcUAWJWgwFVlhf3cHVWQOYfJ9HM6Zz9EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVFjRPWDFkDm2sjnWS39BckaT/LMB8GA1UdIwQY
MBaAFId8IHNxFrxtXlsiSTHPE91/eflbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDN3Z2MzRVd2RzFlV3lKSk1jOFQzWDk1LVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hY2I5NTYtZTFiNS00NjgyLTgwYjgt
ZTcyMzJmODQ0OGIwLzEvbFVXTkU5WU1XUU9iYXlPZFpMZjBGeVJwUDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hY2I5NTYtZTFiNS00NjgyLTgwYjgtZTcyMzJmODQ0OGIw
LzEvaDN3Z2MzRVd2RzFlV3lKSk1jOFQzWDk1LVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQ3WMA0G
CSqGSIb3DQEBCwUAA4IBAQAJsWeG1HNUixEEdEh/XMAyCqfcXCthrFpx2IiUnq6d
eJWfDrm8MvElQIccfUOqHECHCX4dh/kzBmBoN8vPZQns/hukWewiMbMiULSpF7aq
iifxAQPIegGP5B8v129K21yx50MCSTonr8hhUkKlC/sREQfMK1r6swlrOIgHAWb9
7WvQ7FOwYNOu+TxwAYPdpR4sUYKzBnsgai9ht/Bu5fBIxj0tPF15qt4HEWXlQQXW
qyJRvZBem49MWGNnq71QTFhknz/6N83edcsYBn59SSrf4xkEht9bNXffupAeWZD3
TBRxiKgyE+nbLRCC+pPeuXNn1jeVnxhbW+CoQZ6s4aaQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org