Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/e_OKZVZGzf0v_lvp9NbsWOCBRQg.roa
File:                     e_OKZVZGzf0v_lvp9NbsWOCBRQg.roa (raw, json)
Hash identifier:          UvVfBpB3WqHkg3zagR1dQaulKVWBYorihLShk5I/+90=
Subject key identifier:   7B:F3:8A:65:56:46:CD:FD:2F:FE:5B:E9:F4:D6:EC:58:E0:81:45:08
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       0186A85496E7FD08AE4284BA20BDE91CD64A
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/e_OKZVZGzf0v_lvp9NbsWOCBRQg.roa
Signing time:             Fri 03 Mar 2023 16:36:00 +0000
ROA not before:           Fri 03 Mar 2023 16:36:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208626
IP address blocks:        2.58.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a8:54:96:e7:fd:08:ae:42:84:ba:20:bd:e9:1c:d6:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Mar  3 16:36:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7bf38a655646cdfd2ffe5be9f4d6ec58e0814508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d5:68:73:28:e0:08:6b:23:3d:52:a8:bd:9d:
                    e6:43:c5:90:41:38:2b:63:cf:77:3c:14:a6:a3:d2:
                    27:5b:ea:26:b6:d5:42:42:0d:98:ed:8e:1f:f5:8c:
                    ee:bf:73:4b:e7:41:61:43:d5:8b:ce:13:95:46:d5:
                    1b:99:c7:cd:d2:da:09:87:4f:48:ae:39:00:18:cf:
                    9a:c4:1b:ee:04:28:52:7c:1a:00:d0:25:18:5c:1b:
                    00:d7:03:6d:50:d8:01:ac:ea:e0:81:48:f9:da:7f:
                    0d:81:63:ff:03:86:89:9c:7c:e6:ac:89:b6:8b:50:
                    ea:26:ba:e9:93:16:07:17:da:f5:9f:3b:a5:ca:7d:
                    7e:61:2f:70:38:89:f8:76:f3:72:b5:0d:14:c2:9e:
                    5c:f5:9f:18:ff:1e:5d:4e:98:4d:19:35:67:7d:fc:
                    0f:29:e5:ae:0c:b8:27:4c:1d:f4:63:86:8f:98:8e:
                    70:db:5a:53:8c:80:70:51:1c:46:13:c2:aa:26:95:
                    df:d5:a8:8a:84:32:6e:e3:64:83:94:36:c0:a6:e1:
                    45:9c:46:0e:bf:4c:8c:96:46:84:69:85:ea:0f:ba:
                    d3:3b:ea:9c:21:33:7c:8d:1a:87:a2:7f:8c:a0:92:
                    fe:41:43:71:71:a8:0e:90:9a:0b:98:74:2a:11:95:
                    08:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F3:8A:65:56:46:CD:FD:2F:FE:5B:E9:F4:D6:EC:58:E0:81:45:08
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/e_OKZVZGzf0v_lvp9NbsWOCBRQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:2c:52:93:c9:72:93:0a:4a:a3:04:f9:3f:1d:3d:a0:84:cf:
         3c:19:2c:19:7e:34:58:9d:30:83:6e:d4:8a:24:22:78:a9:c6:
         cb:af:ca:f6:80:19:4a:e7:9c:a2:70:1b:a3:d4:d0:f9:f8:41:
         7e:80:f8:46:6a:cf:6b:d6:26:8a:77:9d:74:3a:05:07:ce:7f:
         fd:9d:0f:61:ec:e1:9b:72:9d:47:a4:04:54:5e:2e:98:3d:90:
         bc:29:13:8f:93:65:01:e0:64:ff:60:91:36:fd:f7:2d:44:25:
         7a:e8:21:c3:7e:76:07:cf:b4:3f:bd:f9:10:4d:88:fb:71:6f:
         58:6e:6e:e3:b4:9c:34:9e:2e:2d:27:9d:e0:ba:87:80:89:5b:
         c7:4a:52:f4:da:fa:92:e6:50:33:74:e7:d6:e9:e9:34:48:bb:
         12:b9:2f:70:de:e2:cf:20:d2:60:99:ed:a6:6c:bf:2f:1a:d9:
         9f:d5:7c:7f:b5:aa:c3:a7:3f:54:69:fc:b7:96:66:bb:34:e4:
         bf:4a:fe:97:08:22:2e:b9:04:9e:74:5a:1d:82:c2:65:b8:fc:
         46:fa:c9:52:46:56:39:14:d4:29:f5:e1:ef:97:79:ca:27:91:
         b8:7b:24:0a:08:b4:e1:b1:55:f7:e3:91:6f:7b:76:4c:14:d8:
         e0:78:62:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaoVJbn/QiuQoS6IL3pHNZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwMzAzMTYzNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmYzOGE2NTU2NDZjZGZkMmZmZTViZTlmNGQ2ZWM1OGUwODE0NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptVocyjgCGsjPVKovZ3mQ8WQQTgr
Y893PBSmo9InW+omttVCQg2Y7Y4f9Yzuv3NL50FhQ9WLzhOVRtUbmcfN0toJh09I
rjkAGM+axBvuBChSfBoA0CUYXBsA1wNtUNgBrOrggUj52n8NgWP/A4aJnHzmrIm2
i1DqJrrpkxYHF9r1nzulyn1+YS9wOIn4dvNytQ0Uwp5c9Z8Y/x5dTphNGTVnffwP
KeWuDLgnTB30Y4aPmI5w21pTjIBwURxGE8KqJpXf1aiKhDJu42SDlDbApuFFnEYO
v0yMlkaEaYXqD7rTO+qcITN8jRqHon+MoJL+QUNxcagOkJoLmHQqEZUIjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvzimVWRs39L/5b6fTW7FjggUUIMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvZV9PS1pWWkd6ZjB2X2x2cDlOYnNXT0NCUlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpiMA0G
CSqGSIb3DQEBCwUAA4IBAQByLFKTyXKTCkqjBPk/HT2ghM88GSwZfjRYnTCDbtSK
JCJ4qcbLr8r2gBlK55yicBuj1ND5+EF+gPhGas9r1iaKd510OgUHzn/9nQ9h7OGb
cp1HpARUXi6YPZC8KROPk2UB4GT/YJE2/fctRCV66CHDfnYHz7Q/vfkQTYj7cW9Y
bm7jtJw0ni4tJ53guoeAiVvHSlL02vqS5lAzdOfW6ek0SLsSuS9w3uLPINJgme2m
bL8vGtmf1Xx/tarDpz9Uafy3lma7NOS/Sv6XCCIuuQSedFodgsJluPxG+slSRlY5
FNQp9eHvl3nKJ5G4eyQKCLThsVX345Fve3ZMFNjgeGKe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org