Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/loQbyDCAI6c23RLf3uAOBHVUr78.roa
File:                     loQbyDCAI6c23RLf3uAOBHVUr78.roa (raw, json)
Hash identifier:          /m+SmpzAsz9ldx1W3XOWJwB4EwVbSnOlId2KXnHeUyA=
Subject key identifier:   96:84:1B:C8:30:80:23:A7:36:DD:12:DF:DE:E0:0E:04:75:54:AF:BF
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       018CC795223D195662F510FDF481481E0EC1
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/loQbyDCAI6c23RLf3uAOBHVUr78.roa
Signing time:             Tue 02 Jan 2024 00:31:28 +0000
ROA not before:           Tue 02 Jan 2024 00:31:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51248
IP address blocks:        81.25.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 May 2024 05:49:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:22:3d:19:56:62:f5:10:fd:f4:81:48:1e:0e:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jan  2 00:31:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=96841bc8308023a736dd12dfdee00e047554afbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:f4:da:8b:f5:ae:54:fd:48:26:e2:f0:43:b9:
                    9f:76:78:1a:7b:8c:6b:82:aa:5e:70:9f:07:e2:95:
                    8a:21:d8:55:e2:8a:39:43:31:f8:19:1d:47:9c:10:
                    af:a3:54:ac:f4:8d:67:f7:47:3c:31:45:86:bc:b0:
                    b0:86:a9:dc:45:a9:23:71:ee:cb:61:26:58:02:8c:
                    88:78:45:dc:02:9c:9e:24:f3:4a:68:1c:c6:9c:f9:
                    92:1b:65:82:2b:a3:f4:58:0a:a6:94:52:26:a6:90:
                    b8:53:a5:7e:f8:d8:3e:47:08:73:76:d6:e3:8b:eb:
                    61:ab:ee:b7:55:65:b7:17:7c:6d:ca:89:30:88:f4:
                    0c:bf:fc:f4:c2:24:76:35:93:bc:11:c1:63:c1:24:
                    21:d6:41:0b:52:63:30:fc:fa:2b:17:82:4f:11:e5:
                    7a:a6:88:47:cc:a1:d8:15:a9:e3:f7:ae:2c:a2:a4:
                    97:6e:b8:e3:77:5c:3f:e6:f6:b1:48:13:4b:fd:bb:
                    cb:d6:31:1f:01:79:41:12:ac:3d:d1:31:b8:e2:4c:
                    a3:9d:b6:5e:a6:ea:7e:7d:99:86:b4:15:8b:8e:12:
                    5c:54:f7:dd:25:02:6b:06:ec:46:65:b3:39:2c:33:
                    b2:3f:4f:05:72:9e:54:1a:d2:22:3a:fa:8a:fa:6e:
                    c6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:84:1B:C8:30:80:23:A7:36:DD:12:DF:DE:E0:0E:04:75:54:AF:BF
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/loQbyDCAI6c23RLf3uAOBHVUr78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.25.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:10:57:86:c8:70:2a:7f:6d:c1:6d:96:c3:e5:3b:dd:2d:31:
         07:e8:9e:4d:3b:67:68:52:d3:19:85:45:a4:64:f1:c7:58:a7:
         e1:a4:17:56:14:50:43:ac:e3:a0:dd:34:44:2e:4b:05:6b:79:
         7e:02:fc:fd:e8:5f:31:14:ec:40:f0:ca:37:40:94:bb:d5:15:
         93:76:bd:1c:cd:cf:f5:e3:63:14:9a:5e:bb:19:c2:25:08:ca:
         de:88:87:59:28:58:1b:92:9f:85:de:87:95:20:74:05:83:91:
         31:5b:3e:3a:df:bd:6f:1d:40:a5:01:cc:18:77:5d:0f:40:c7:
         e3:13:3f:3e:4e:b8:67:80:ca:fa:84:48:38:ef:2b:4d:f5:c3:
         da:c7:a4:43:2b:d1:3f:d8:1d:f3:2f:15:c0:30:d8:57:ac:db:
         b3:67:0c:30:3b:0b:de:c2:c0:45:14:02:9d:24:e4:8c:20:07:
         04:0f:af:67:32:75:4e:1e:91:39:7e:0c:9c:af:98:5e:14:d1:
         f5:fe:8a:5c:df:72:65:22:80:fa:6d:08:8a:e0:07:1f:b8:22:
         da:c8:76:40:fb:71:53:f0:09:f2:d1:75:1d:47:0d:ab:a8:1f:
         a1:57:20:6e:a8:7c:3d:57:2b:fe:91:93:73:04:c3:3b:05:33:
         07:1d:17:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlSI9GVZi9RD99IFIHg7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTAyMDAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg0MWJjODMwODAyM2E3MzZkZDEyZGZkZWUwMGUwNDc1NTRhZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfTai/WuVP1IJuLwQ7mfdngae4xr
gqpecJ8H4pWKIdhV4oo5QzH4GR1HnBCvo1Ss9I1n90c8MUWGvLCwhqncRakjce7L
YSZYAoyIeEXcApyeJPNKaBzGnPmSG2WCK6P0WAqmlFImppC4U6V++Ng+Rwhzdtbj
i+thq+63VWW3F3xtyokwiPQMv/z0wiR2NZO8EcFjwSQh1kELUmMw/PorF4JPEeV6
pohHzKHYFanj964soqSXbrjjd1w/5vaxSBNL/bvL1jEfAXlBEqw90TG44kyjnbZe
pup+fZmGtBWLjhJcVPfdJQJrBuxGZbM5LDOyP08Fcp5UGtIiOvqK+m7GAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJaEG8gwgCOnNt0S397gDgR1VK+/MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvbG9RYnlEQ0FJNmMyM1JMZjN1QU9CSFZVcjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURlHMA0G
CSqGSIb3DQEBCwUAA4IBAQAQEFeGyHAqf23BbZbD5TvdLTEH6J5NO2doUtMZhUWk
ZPHHWKfhpBdWFFBDrOOg3TRELksFa3l+Avz96F8xFOxA8Mo3QJS71RWTdr0czc/1
42MUml67GcIlCMreiIdZKFgbkp+F3oeVIHQFg5ExWz46371vHUClAcwYd10PQMfj
Ez8+TrhngMr6hEg47ytN9cPax6RDK9E/2B3zLxXAMNhXrNuzZwwwOwvewsBFFAKd
JOSMIAcED69nMnVOHpE5fgycr5heFNH1/opc33JlIoD6bQiK4AcfuCLayHZA+3FT
8Any0XUdRw2rqB+hVyBuqHw9Vyv+kZNzBMM7BTMHHRd5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:51 2024 by rpki-client on console-fra.rpki-client.org