Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/OdffVt8dGid_5DWlHRx6hYbDHpI.roa
File:                     OdffVt8dGid_5DWlHRx6hYbDHpI.roa (raw, json)
Hash identifier:          vYRejbsN+ZijqnxsKaFbWTMpJ/uD7LHqbZeiiK/a8YQ=
Subject key identifier:   39:D7:DF:56:DF:1D:1A:27:7F:E4:35:A5:1D:1C:7A:85:86:C3:1E:92
Certificate issuer:       /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial:       018CC649F3B1781EB18F6B67EC92EAD27D6A
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/OdffVt8dGid_5DWlHRx6hYbDHpI.roa
Signing time:             Mon 01 Jan 2024 18:29:44 +0000
ROA not before:           Mon 01 Jan 2024 18:29:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     52000
IP address blocks:        178.208.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jun 2024 16:54:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:49:f3:b1:78:1e:b1:8f:6b:67:ec:92:ea:d2:7d:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
        Validity
            Not Before: Jan  1 18:29:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=39d7df56df1d1a277fe435a51d1c7a8586c31e92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:22:08:94:27:0b:8b:c2:ad:a5:cd:b8:5f:49:
                    3b:d2:85:18:01:ab:97:cd:f2:33:aa:9e:f6:22:34:
                    8d:92:81:ad:0d:97:43:c3:32:30:30:56:00:f8:fa:
                    e8:0b:ea:b1:a0:16:ff:21:9c:4e:39:6e:d7:54:36:
                    ca:b3:ca:46:fc:fc:37:64:6b:44:84:c0:16:1b:1c:
                    9b:10:c0:03:72:84:26:6a:97:b2:23:69:3e:39:d3:
                    af:a4:99:b7:a1:c6:79:3c:e8:93:6e:bf:ee:2c:e7:
                    53:b2:02:1b:62:18:1a:1d:6f:8d:02:f8:3e:71:1e:
                    0f:c2:83:66:67:84:35:04:be:62:be:db:8a:b0:25:
                    14:fd:00:bf:20:30:b1:30:8a:d9:5a:e2:51:12:41:
                    48:fa:bf:97:28:12:58:ba:42:c1:b3:55:48:33:b1:
                    11:98:da:9c:e3:d5:64:e2:c3:63:d8:d4:fd:3f:1b:
                    0a:a4:90:0d:d6:97:9b:94:45:3e:c5:b7:11:78:e2:
                    b7:c7:60:e7:1d:17:8e:1f:cf:d3:2a:af:33:63:c6:
                    0f:a2:c0:18:9f:87:6d:72:16:7a:ca:07:07:f4:75:
                    15:f9:62:44:1f:03:d2:08:a5:58:d5:1b:7e:dd:4b:
                    e7:cb:4f:22:eb:4b:6e:ed:e5:1e:db:4d:7e:08:06:
                    08:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:D7:DF:56:DF:1D:1A:27:7F:E4:35:A5:1D:1C:7A:85:86:C3:1E:92
            X509v3 Authority Key Identifier:
                keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/OdffVt8dGid_5DWlHRx6hYbDHpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.208.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:9d:6d:ec:93:9f:07:fd:f3:00:69:2e:ed:c5:dd:4a:84:ee:
         b3:b1:a4:df:97:4c:3c:6e:13:ae:e6:43:5a:2a:fe:a5:fd:c0:
         0c:76:4e:59:55:d3:95:5e:7a:94:9a:eb:21:c6:e1:4d:f7:81:
         e0:19:b8:76:33:01:d4:8c:f5:1e:52:ff:d5:bc:b1:bc:26:be:
         57:78:21:30:ce:87:51:14:9f:c9:00:b7:9b:40:22:9b:61:4b:
         e1:81:7b:a1:85:e1:d3:e3:66:db:0b:80:7d:5b:d4:4b:77:12:
         e3:00:7f:a9:ab:05:82:d2:c3:57:18:26:35:2b:1c:06:b1:ac:
         43:7c:3d:1a:1b:3c:98:9d:61:22:4b:7e:df:b0:b3:40:ec:4a:
         92:43:9d:0d:d7:2a:47:01:d2:a8:4a:1b:f2:f5:6f:00:1e:f0:
         35:69:5e:02:11:df:0c:6f:9c:c8:6e:14:6f:cc:8c:c0:34:b6:
         a0:94:03:14:71:66:cf:90:2c:b3:db:c3:d9:1d:44:8a:d4:1a:
         c4:d0:76:ce:d7:72:54:bd:13:95:e5:84:39:91:6c:02:8f:e6:
         7c:ab:4f:00:4b:a3:42:5f:7d:88:7b:74:97:63:6c:72:20:ba:
         f2:0c:df:3b:af:4e:b0:a8:41:ef:64:fe:ca:7f:f6:09:3b:63:
         37:90:bc:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSfOxeB6xj2tn7JLq0n1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjQwMTAxMTgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ3ZGY1NmRmMWQxYTI3N2ZlNDM1YTUxZDFjN2E4NTg2YzMxZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviIIlCcLi8Ktpc24X0k70oUYAauX
zfIzqp72IjSNkoGtDZdDwzIwMFYA+ProC+qxoBb/IZxOOW7XVDbKs8pG/Pw3ZGtE
hMAWGxybEMADcoQmapeyI2k+OdOvpJm3ocZ5POiTbr/uLOdTsgIbYhgaHW+NAvg+
cR4PwoNmZ4Q1BL5ivtuKsCUU/QC/IDCxMIrZWuJREkFI+r+XKBJYukLBs1VIM7ER
mNqc49Vk4sNj2NT9PxsKpJAN1peblEU+xbcReOK3x2DnHReOH8/TKq8zY8YPosAY
n4dtchZ6ygcH9HUV+WJEHwPSCKVY1Rt+3Uvny08i60tu7eUe201+CAYIoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnX31bfHRonf+Q1pR0ceoWGwx6SMB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvT2RmZlZ0OGRHaWRfNURXbEhSeDZoWWJESHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstBXMA0G
CSqGSIb3DQEBCwUAA4IBAQBTnW3sk58H/fMAaS7txd1KhO6zsaTfl0w8bhOu5kNa
Kv6l/cAMdk5ZVdOVXnqUmushxuFN94HgGbh2MwHUjPUeUv/VvLG8Jr5XeCEwzodR
FJ/JALebQCKbYUvhgXuhheHT42bbC4B9W9RLdxLjAH+pqwWC0sNXGCY1KxwGsaxD
fD0aGzyYnWEiS37fsLNA7EqSQ50N1ypHAdKoShvy9W8AHvA1aV4CEd8Mb5zIbhRv
zIzANLaglAMUcWbPkCyz28PZHUSK1BrE0HbO13JUvROV5YQ5kWwCj+Z8q08AS6NC
X32Ie3SXY2xyILryDN87r06wqEHvZP7Kf/YJO2M3kLzU
-----END CERTIFICATE-----
Generated at Fri Jun 14 18:56:28 2024 by rpki-client on console-fra.rpki-client.org