Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ridaOHCu08NN5YdgAzgBjSS9EU8.roa
File:                     ridaOHCu08NN5YdgAzgBjSS9EU8.roa (raw, json)
Hash identifier:          UqUfvbx0SZOnbNDjo5L8lDdKGX5odr1nTRwmJRhWy7I=
Subject key identifier:   AE:27:5A:38:70:AE:D3:C3:4D:E5:87:60:03:38:01:8D:24:BD:11:4F
Certificate issuer:       /CN=89b332d57ce14fab1ebd746817dd701062c74a88
Certificate serial:       018572B42EC0BCC59EBC0966FCBC55DA5DFF
Authority key identifier: 89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ridaOHCu08NN5YdgAzgBjSS9EU8.roa
Signing time:             Mon 02 Jan 2023 13:38:09 +0000
ROA not before:           Mon 02 Jan 2023 13:38:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42308
IP address blocks:        83.173.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b4:2e:c0:bc:c5:9e:bc:09:66:fc:bc:55:da:5d:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b332d57ce14fab1ebd746817dd701062c74a88
        Validity
            Not Before: Jan  2 13:38:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae275a3870aed3c34de587600338018d24bd114f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e0:46:e3:ba:d9:50:6e:1d:68:81:7f:b1:46:
                    57:58:20:c5:53:ec:be:89:29:6a:4a:94:e3:25:47:
                    b2:f9:07:57:0f:04:ae:90:b8:19:0b:9b:26:3d:6e:
                    8f:8c:25:a6:a1:67:7f:d0:a2:8b:07:dd:5c:e2:34:
                    10:d7:48:94:0a:2e:2f:51:1b:55:6e:f6:3b:df:1c:
                    f3:91:23:b2:d2:ef:5d:cd:10:9a:f8:a4:c2:2a:78:
                    a6:20:aa:8a:4b:4c:79:f0:38:6c:34:54:9a:2f:9d:
                    b0:fe:fd:3a:7a:c3:7a:ee:87:4a:d4:fd:e5:ce:43:
                    72:80:5b:8d:ba:1e:29:d4:71:cc:3f:2e:1a:00:b2:
                    07:ae:73:ca:cc:12:38:04:60:ec:d0:28:32:20:25:
                    a5:a7:f2:29:56:ab:3a:4a:b5:37:4a:d2:e7:36:c4:
                    30:5b:97:4e:ad:dc:0b:d6:2b:04:d4:df:48:5b:ff:
                    91:0f:41:ac:a4:13:97:34:6f:90:1b:8c:8c:d1:34:
                    fb:d3:b4:cc:d4:b7:1b:75:00:9d:19:aa:b8:e1:07:
                    e4:e3:23:2f:6c:4f:b0:01:40:09:29:42:a4:e5:de:
                    91:4a:90:2f:19:35:fd:41:e4:72:23:99:54:7c:cd:
                    c8:4b:30:b9:9d:a2:c6:c7:48:8d:dc:24:d3:6a:da:
                    58:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:27:5A:38:70:AE:D3:C3:4D:E5:87:60:03:38:01:8D:24:BD:11:4F
            X509v3 Authority Key Identifier:
                keyid:89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ridaOHCu08NN5YdgAzgBjSS9EU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ibMy1XzhT6sevXRoF91wEGLHSog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.173.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:52:ee:4d:c7:21:af:19:dd:3b:a9:9f:71:f1:51:c8:fe:c6:
         47:8b:a7:33:50:5b:58:f4:1c:e0:03:7c:59:38:1a:28:4b:88:
         23:25:ff:a4:b7:cf:d2:61:55:37:dc:70:00:f9:38:9f:42:ad:
         be:fc:9d:b3:42:45:e7:e3:54:58:ec:bb:c4:c5:4a:3b:8d:d2:
         40:b0:f2:6e:1d:31:16:1c:4c:7d:8a:43:ed:39:55:3c:89:83:
         cc:10:c5:49:1f:af:1a:23:d8:b8:c5:9a:67:66:aa:cf:f3:33:
         0f:d4:86:e8:85:a6:b5:12:b2:ab:b4:94:51:df:4f:e5:81:16:
         82:f2:0a:7b:fc:27:25:d0:af:4f:42:29:84:c6:60:07:65:68:
         62:65:83:68:c7:71:65:3e:9f:01:9d:8f:72:5f:03:87:5a:ab:
         9c:d2:92:9e:d4:c4:10:d3:4d:c1:ed:70:ce:1b:43:56:e4:c1:
         4e:4a:63:82:87:c7:e0:36:b2:28:62:02:43:ee:bc:ad:2d:b8:
         ae:63:2b:b2:e4:33:59:7e:b5:71:94:fd:3d:84:0a:88:68:bd:
         8c:20:6a:22:46:3f:96:c5:a7:02:55:a5:f0:a3:24:45:46:59:
         1f:dc:09:46:8a:57:c2:86:6c:36:af:c6:85:8a:af:00:54:3c:
         07:1b:fc:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytC7AvMWevAlm/LxV2l3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjMzMmQ1N2NlMTRmYWIxZWJkNzQ2ODE3ZGQ3MDEwNjJj
NzRhODgwHhcNMjMwMTAyMTMzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTI3NWEzODcwYWVkM2MzNGRlNTg3NjAwMzM4MDE4ZDI0YmQxMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuBG47rZUG4daIF/sUZXWCDFU+y+
iSlqSpTjJUey+QdXDwSukLgZC5smPW6PjCWmoWd/0KKLB91c4jQQ10iUCi4vURtV
bvY73xzzkSOy0u9dzRCa+KTCKnimIKqKS0x58DhsNFSaL52w/v06esN67odK1P3l
zkNygFuNuh4p1HHMPy4aALIHrnPKzBI4BGDs0CgyICWlp/IpVqs6SrU3StLnNsQw
W5dOrdwL1isE1N9IW/+RD0GspBOXNG+QG4yM0TT707TM1LcbdQCdGaq44Qfk4yMv
bE+wAUAJKUKk5d6RSpAvGTX9QeRyI5lUfM3ISzC5naLGx0iN3CTTatpYpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4nWjhwrtPDTeWHYAM4AY0kvRFPMB8GA1UdIwQY
MBaAFImzMtV84U+rHr10aBfdcBBix0qIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJNeTFYemhUNnNldlhSb0Y5MXdFR0xIU29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84MTcxOWQtNDY3Yy00YWY3LWE4MjQt
NDZhMGRmNzc0ZmUxLzEvcmlkYU9IQ3UwOE5ONVlkZ0F6Z0JqU1M5RVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84MTcxOWQtNDY3Yy00YWY3LWE4MjQtNDZhMGRmNzc0ZmUx
LzEvaWJNeTFYemhUNnNldlhSb0Y5MXdFR0xIU29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU61/MA0G
CSqGSIb3DQEBCwUAA4IBAQCWUu5NxyGvGd07qZ9x8VHI/sZHi6czUFtY9BzgA3xZ
OBooS4gjJf+kt8/SYVU33HAA+TifQq2+/J2zQkXn41RY7LvExUo7jdJAsPJuHTEW
HEx9ikPtOVU8iYPMEMVJH68aI9i4xZpnZqrP8zMP1Ibohaa1ErKrtJRR30/lgRaC
8gp7/Ccl0K9PQimExmAHZWhiZYNox3FlPp8BnY9yXwOHWquc0pKe1MQQ003B7XDO
G0NW5MFOSmOCh8fgNrIoYgJD7rytLbiuYyuy5DNZfrVxlP09hAqIaL2MIGoiRj+W
xacCVaXwoyRFRlkf3AlGilfChmw2r8aFiq8AVDwHG/zh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org