Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa
File:                     I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa (raw, json)
Hash identifier:          /PfvFvNKobmg1AfSyfF6d4UdRKmQF9HqHUlRi/octRM=
Subject key identifier:   23:EB:7C:34:9A:A9:49:9F:40:C5:D2:1B:E0:57:7B:CE:11:12:4A:72
Certificate issuer:       /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial:       01856D2F3884C4E3E2501B22C4FF78F3867A
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa
Signing time:             Sun 01 Jan 2023 11:54:49 +0000
ROA not before:           Sun 01 Jan 2023 11:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35638
IP address blocks:        84.239.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:2f:38:84:c4:e3:e2:50:1b:22:c4:ff:78:f3:86:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
        Validity
            Not Before: Jan  1 11:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23eb7c349aa9499f40c5d21be0577bce11124a72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:18:3b:e0:ed:f2:09:ac:f0:b4:d1:d3:5c:88:
                    50:84:0e:32:32:b2:c1:f3:e2:d2:c3:b3:d4:3f:e6:
                    09:5d:91:c5:6f:80:70:9d:56:82:39:41:97:e1:83:
                    55:91:7b:86:0a:22:47:ad:67:8d:9b:6e:76:da:d9:
                    ce:5c:60:34:5f:45:97:c8:ae:77:a2:c2:8c:fa:67:
                    a9:1c:4e:35:1d:b4:7d:62:6a:21:23:0d:48:8a:88:
                    3c:8b:77:eb:74:e4:a6:61:2e:d2:bd:39:93:4a:65:
                    08:83:f1:31:ef:26:33:5d:c8:85:0e:09:0c:b2:b2:
                    7a:6f:dc:8f:bb:16:8e:f6:35:6f:2b:01:08:86:bf:
                    5d:1d:06:c2:41:0d:4d:24:8e:73:e6:e0:5e:99:58:
                    fc:44:6b:03:b5:73:57:d3:a5:68:35:3a:c6:b3:9b:
                    b1:8b:90:d2:a4:fa:bb:c4:e5:04:db:65:52:65:6a:
                    23:68:a0:48:05:bb:5a:9e:e1:6f:df:b9:c9:78:36:
                    bf:0e:1a:fe:da:37:21:00:a1:5a:1c:9e:fa:44:dd:
                    7b:a7:ae:28:be:14:3b:3a:dd:9a:52:f6:ea:fd:6d:
                    21:90:18:7e:96:55:ac:71:3e:2b:27:82:5c:56:0a:
                    27:ac:31:19:0e:07:d3:9f:04:ec:12:67:07:d8:f1:
                    74:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:EB:7C:34:9A:A9:49:9F:40:C5:D2:1B:E0:57:7B:CE:11:12:4A:72
            X509v3 Authority Key Identifier:
                keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/I-t8NJqpSZ9AxdIb4Fd7zhESSnI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.239.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:c3:2d:ea:2a:c4:3b:f5:be:0b:41:9f:3b:81:48:fa:18:f0:
         cb:23:94:3f:11:d1:19:6f:a2:b9:bb:d1:f0:1f:32:57:ad:6f:
         e7:a5:7d:ee:eb:24:a0:72:31:7a:d4:93:d1:83:e7:3b:ef:0f:
         38:7f:44:92:cb:8f:48:a5:30:e7:de:43:05:44:0e:fd:e0:ba:
         b2:06:07:5a:a4:a3:c2:f6:49:08:ac:d6:34:a9:0c:33:cb:f4:
         ed:84:c4:7a:7a:ff:f1:1e:12:1f:1b:d0:31:b3:b0:8b:65:86:
         23:70:f8:7e:6e:52:da:4f:79:f1:37:db:89:aa:1d:3d:ea:68:
         17:d1:73:42:e8:b7:68:99:fe:1e:45:bf:06:17:da:2d:b8:81:
         10:da:7d:f4:5b:f6:c8:e7:2d:5f:c9:39:b1:17:cc:95:56:0e:
         b2:17:7a:47:13:b2:cf:c1:24:0f:8b:34:37:60:09:87:7f:61:
         98:c2:29:63:db:7c:67:b7:2d:9d:8b:e4:66:79:24:5d:7c:4c:
         d4:3d:d8:44:23:fd:8e:0a:cd:dc:62:3d:d7:0b:aa:90:c0:28:
         2e:fd:e0:19:d1:88:f3:fb:54:d6:8f:88:6d:83:9a:ca:07:17:
         e8:da:df:f7:89:3e:35:1a:d6:d6:89:81:cd:09:a6:4b:8c:8a:
         a8:bf:57:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLziExOPiUBsixP9484Z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMwMTAxMTE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2ViN2MzNDlhYTk0OTlmNDBjNWQyMWJlMDU3N2JjZTExMTI0YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Bg74O3yCazwtNHTXIhQhA4yMrLB
8+LSw7PUP+YJXZHFb4BwnVaCOUGX4YNVkXuGCiJHrWeNm2522tnOXGA0X0WXyK53
osKM+mepHE41HbR9YmohIw1Iiog8i3frdOSmYS7SvTmTSmUIg/Ex7yYzXciFDgkM
srJ6b9yPuxaO9jVvKwEIhr9dHQbCQQ1NJI5z5uBemVj8RGsDtXNX06VoNTrGs5ux
i5DSpPq7xOUE22VSZWojaKBIBbtanuFv37nJeDa/Dhr+2jchAKFaHJ76RN17p64o
vhQ7Ot2aUvbq/W0hkBh+llWscT4rJ4JcVgonrDEZDgfTnwTsEmcH2PF04wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPrfDSaqUmfQMXSG+BXe84REkpyMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvSS10OE5KcXBTWjlBeGRJYjRGZDd6aEVTU25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVO8VMA0G
CSqGSIb3DQEBCwUAA4IBAQB4wy3qKsQ79b4LQZ87gUj6GPDLI5Q/EdEZb6K5u9Hw
HzJXrW/npX3u6ySgcjF61JPRg+c77w84f0SSy49IpTDn3kMFRA794LqyBgdapKPC
9kkIrNY0qQwzy/TthMR6ev/xHhIfG9Axs7CLZYYjcPh+blLaT3nxN9uJqh096mgX
0XNC6Ldomf4eRb8GF9otuIEQ2n30W/bI5y1fyTmxF8yVVg6yF3pHE7LPwSQPizQ3
YAmHf2GYwilj23xnty2di+RmeSRdfEzUPdhEI/2OCs3cYj3XC6qQwCgu/eAZ0Yjz
+1TWj4htg5rKBxfo2t/3iT41GtbWiYHNCaZLjIqov1ds
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:02 2024 by rpki-client on console-fra.rpki-client.org