Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/2we-BoJRnhvhzWGOuH7xREy9I8s.roa
File:                     2we-BoJRnhvhzWGOuH7xREy9I8s.roa (raw, json)
Hash identifier:          V4cmMA2zlFyKycsKiIWFogprWnMp7248JR0KljP2fnM=
Subject key identifier:   DB:07:BE:06:82:51:9E:1B:E1:CD:61:8E:B8:7E:F1:44:4C:BD:23:CB
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       0187FA8DBC69FA322BFFB1304763EE763D62
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/2we-BoJRnhvhzWGOuH7xREy9I8s.roa
Signing time:             Mon 08 May 2023 08:50:05 +0000
ROA not before:           Mon 08 May 2023 08:50:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60117
IP address blocks:        87.254.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 May 2023 21:57:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:fa:8d:bc:69:fa:32:2b:ff:b1:30:47:63:ee:76:3d:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: May  8 08:50:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db07be0682519e1be1cd618eb87ef1444cbd23cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:45:81:58:d5:38:25:c7:58:fc:fd:16:d1:f1:
                    41:bc:aa:0c:f4:e3:ad:36:01:ce:b4:e7:68:0e:cd:
                    96:1c:7c:36:79:d8:6e:af:47:ef:fa:eb:06:88:40:
                    2a:21:be:62:66:47:b4:32:51:33:87:cd:8a:39:c4:
                    25:dd:83:c0:4b:3a:4f:a0:c2:e2:e4:c0:3e:d9:91:
                    fd:42:ed:90:69:40:fe:4c:3a:60:c2:6d:aa:2e:d3:
                    d8:ba:53:15:d3:35:17:75:8e:40:4e:33:a6:13:c6:
                    3a:7d:85:83:3b:1f:3e:20:f7:1b:6f:53:96:1b:69:
                    c4:d9:31:39:bb:12:6f:0f:66:4c:b4:9c:1e:05:e4:
                    24:36:2c:ef:66:4f:61:69:66:24:b8:21:e0:32:22:
                    1a:04:77:59:6a:28:59:55:e0:c7:aa:ae:23:94:10:
                    e4:14:bc:44:e5:30:59:01:97:ab:47:57:ff:e6:d4:
                    74:a0:13:58:32:46:f3:ab:e2:d5:42:15:de:5c:07:
                    a3:65:2d:1e:b1:ce:97:94:fc:36:af:4e:e0:be:17:
                    36:74:0c:0d:43:82:90:e7:1b:65:08:74:35:82:11:
                    ef:31:3b:fd:58:77:f5:2b:49:e6:e8:cb:7e:c6:a7:
                    e0:08:65:1b:6c:e2:10:96:72:f0:9d:6a:9f:dc:e5:
                    34:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:07:BE:06:82:51:9E:1B:E1:CD:61:8E:B8:7E:F1:44:4C:BD:23:CB
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/2we-BoJRnhvhzWGOuH7xREy9I8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.254.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:5e:21:52:20:ad:22:c6:f3:aa:c3:48:f2:59:95:90:ae:5a:
         81:55:17:e5:c6:0c:1a:bc:e4:c8:01:14:ee:3e:25:8f:6c:b9:
         3e:5b:61:1f:d1:a4:5b:17:9a:82:d9:32:32:4c:7b:23:be:39:
         95:cb:74:e5:10:b0:c6:21:66:d9:fb:81:87:5c:d2:ab:fa:78:
         64:ef:54:8d:52:92:10:d0:0b:c9:9e:8b:cd:a8:0d:48:cd:44:
         73:26:75:23:c8:8d:ab:fa:7b:e3:a9:6e:b0:a6:64:a5:ac:e8:
         86:0a:64:31:33:16:ea:94:cc:b0:1f:81:34:5a:23:51:c9:aa:
         ee:29:b1:e4:22:69:7b:45:4d:69:92:1f:77:b1:f8:07:3e:2c:
         9c:2f:be:62:d9:33:db:31:e1:d4:30:ee:fc:a6:f6:b7:5b:51:
         c8:fb:58:c7:3f:8b:27:de:d5:b3:03:1f:ce:1d:81:6e:16:0b:
         b3:47:5d:c9:cd:37:87:8f:6f:e8:07:5e:81:df:3e:e8:c9:95:
         b8:f1:83:e1:a6:4a:dd:ad:35:12:72:39:b0:62:81:e6:b1:6b:
         05:11:f4:99:ba:81:26:cd:2b:23:96:fe:ed:02:b0:5a:8a:15:
         c4:6c:b9:32:2e:bd:31:ea:db:37:1a:e1:75:4e:b6:fc:99:1f:
         cf:45:b7:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf6jbxp+jIr/7EwR2Pudj1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwNTA4MDg1MDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjA3YmUwNjgyNTE5ZTFiZTFjZDYxOGViODdlZjE0NDRjYmQyM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0WBWNU4JcdY/P0W0fFBvKoM9OOt
NgHOtOdoDs2WHHw2edhur0fv+usGiEAqIb5iZke0MlEzh82KOcQl3YPASzpPoMLi
5MA+2ZH9Qu2QaUD+TDpgwm2qLtPYulMV0zUXdY5ATjOmE8Y6fYWDOx8+IPcbb1OW
G2nE2TE5uxJvD2ZMtJweBeQkNizvZk9haWYkuCHgMiIaBHdZaihZVeDHqq4jlBDk
FLxE5TBZAZerR1f/5tR0oBNYMkbzq+LVQhXeXAejZS0esc6XlPw2r07gvhc2dAwN
Q4KQ5xtlCHQ1ghHvMTv9WHf1K0nm6Mt+xqfgCGUbbOIQlnLwnWqf3OU0uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNsHvgaCUZ4b4c1hjrh+8URMvSPLMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvMndlLUJvSlJuaHZoeldHT3VIN3hSRXk5SThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4IMA0G
CSqGSIb3DQEBCwUAA4IBAQCrXiFSIK0ixvOqw0jyWZWQrlqBVRflxgwavOTIARTu
PiWPbLk+W2Ef0aRbF5qC2TIyTHsjvjmVy3TlELDGIWbZ+4GHXNKr+nhk71SNUpIQ
0AvJnovNqA1IzURzJnUjyI2r+nvjqW6wpmSlrOiGCmQxMxbqlMywH4E0WiNRyaru
KbHkIml7RU1pkh93sfgHPiycL75i2TPbMeHUMO78pva3W1HI+1jHP4sn3tWzAx/O
HYFuFguzR13JzTeHj2/oB16B3z7oyZW48YPhpkrdrTUScjmwYoHmsWsFEfSZuoEm
zSsjlv7tArBaihXEbLkyLr0x6ts3GuF1Trb8mR/PRbdK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org