Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ISSrXmfBt7mKwsi9WqQ_qXP9iQI.roa
File:                     ISSrXmfBt7mKwsi9WqQ_qXP9iQI.roa (raw, json)
Hash identifier:          7uMnvDihxdHTVptxe79eBgl0wpxbN/GrTSe6HBSCcLk=
Subject key identifier:   21:24:AB:5E:67:C1:B7:B9:8A:C2:C8:BD:5A:A4:3F:A9:73:FD:89:02
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       0185707077869F0E0378BB2AABBDFD16CCBF
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ISSrXmfBt7mKwsi9WqQ_qXP9iQI.roa
Signing time:             Mon 02 Jan 2023 03:04:56 +0000
ROA not before:           Mon 02 Jan 2023 03:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41095
IP address blocks:        217.25.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:77:86:9f:0e:03:78:bb:2a:ab:bd:fd:16:cc:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Jan  2 03:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2124ab5e67c1b7b98ac2c8bd5aa43fa973fd8902
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cd:06:aa:99:d4:28:f7:14:4f:13:f4:e2:48:
                    52:ce:93:c7:cb:b3:99:d5:0e:c3:0e:a7:ff:b7:10:
                    ce:be:75:71:2f:39:7e:f4:84:11:cf:e2:42:79:bc:
                    8f:6a:d2:34:ed:6e:2f:6d:a6:31:d9:91:2c:7b:49:
                    38:2b:d3:ea:85:f4:74:0f:f0:39:59:5e:a1:83:4e:
                    c7:19:00:6c:9c:16:08:54:b2:09:1e:b9:00:02:9e:
                    70:9a:3e:89:53:b7:7a:47:bf:0a:67:dd:c9:d2:9d:
                    26:84:4e:5d:da:9b:62:7e:07:33:50:41:b1:4b:3f:
                    77:d6:88:14:c2:ed:03:b4:3c:d9:60:cd:30:c4:49:
                    fa:6a:11:57:63:d1:1c:33:11:f8:ab:89:1b:37:ca:
                    8c:e9:8d:df:f7:1d:cb:fe:d9:f4:1a:47:3c:00:b2:
                    db:cb:2e:27:1f:eb:9e:58:00:2c:24:78:61:af:0e:
                    51:c0:7e:dc:4d:fa:7c:38:ac:7b:19:98:76:0c:00:
                    e6:4a:da:3b:9d:b3:fc:64:32:c7:2c:58:8c:8e:9f:
                    ab:dd:50:53:bd:3a:0f:ed:78:cf:ca:53:35:6b:2e:
                    b4:58:3a:87:c2:db:a7:e9:aa:73:10:dd:90:fd:8d:
                    fd:fb:58:30:dc:b5:e9:86:f5:5d:61:b0:b4:a0:ef:
                    4d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:24:AB:5E:67:C1:B7:B9:8A:C2:C8:BD:5A:A4:3F:A9:73:FD:89:02
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ISSrXmfBt7mKwsi9WqQ_qXP9iQI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.25.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:33:ee:48:e4:6a:bb:8f:2b:62:02:ed:d9:6b:24:54:c8:a7:
         49:ec:7a:0e:61:94:ae:1c:9e:7c:b2:b0:b1:f8:bc:40:42:c2:
         99:cf:97:7b:ee:5d:24:33:db:d6:2d:97:4f:94:66:9b:90:1d:
         59:e0:5e:fb:b1:d9:ff:10:98:5d:5b:d9:47:cd:fe:37:60:3e:
         24:ed:06:ed:2a:24:57:cd:ff:be:e2:73:fa:44:e4:17:7c:9e:
         1a:af:85:6e:dd:b8:7f:37:2e:7b:b9:ae:3d:f3:4b:1b:da:d4:
         61:dd:89:69:69:5c:20:de:f9:08:bf:5a:a8:cc:99:d4:17:be:
         18:ff:43:3d:e3:c7:eb:8c:42:e5:46:20:d2:88:80:f9:58:7a:
         ee:a8:04:10:b6:48:1c:ae:3c:c1:2f:a0:fd:4d:98:8d:2e:79:
         cb:39:89:56:b8:eb:b5:20:3b:48:4f:0b:2a:f5:9c:79:2e:34:
         94:28:b7:73:b9:88:cb:a9:c1:98:21:19:ec:21:66:67:26:01:
         69:92:da:58:f8:35:44:62:01:a5:8b:d9:20:42:77:7c:b7:f5:
         a2:5f:4a:b8:1f:71:71:0c:13:4e:b6:0c:9b:f0:f8:63:12:1b:
         2f:cc:61:29:25:85:4a:dd:c0:07:15:13:7a:f4:dc:0f:0d:91:
         8f:cf:2c:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcHeGnw4DeLsqq739Fsy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMTAyMDMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTI0YWI1ZTY3YzFiN2I5OGFjMmM4YmQ1YWE0M2ZhOTczZmQ4OTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy80GqpnUKPcUTxP04khSzpPHy7OZ
1Q7DDqf/txDOvnVxLzl+9IQRz+JCebyPatI07W4vbaYx2ZEse0k4K9PqhfR0D/A5
WV6hg07HGQBsnBYIVLIJHrkAAp5wmj6JU7d6R78KZ93J0p0mhE5d2ptifgczUEGx
Sz931ogUwu0DtDzZYM0wxEn6ahFXY9EcMxH4q4kbN8qM6Y3f9x3L/tn0Gkc8ALLb
yy4nH+ueWAAsJHhhrw5RwH7cTfp8OKx7GZh2DADmSto7nbP8ZDLHLFiMjp+r3VBT
vToP7XjPylM1ay60WDqHwtun6apzEN2Q/Y39+1gw3LXphvVdYbC0oO9NkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEkq15nwbe5isLIvVqkP6lz/YkCMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvSVNTclhtZkJ0N21Ld3NpOVdxUV9xWFA5aVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkEMA0G
CSqGSIb3DQEBCwUAA4IBAQCnM+5I5Gq7jytiAu3ZayRUyKdJ7HoOYZSuHJ58srCx
+LxAQsKZz5d77l0kM9vWLZdPlGabkB1Z4F77sdn/EJhdW9lHzf43YD4k7QbtKiRX
zf++4nP6ROQXfJ4ar4Vu3bh/Ny57ua4980sb2tRh3YlpaVwg3vkIv1qozJnUF74Y
/0M948frjELlRiDSiID5WHruqAQQtkgcrjzBL6D9TZiNLnnLOYlWuOu1IDtITwsq
9Zx5LjSUKLdzuYjLqcGYIRnsIWZnJgFpktpY+DVEYgGli9kgQnd8t/WiX0q4H3Fx
DBNOtgyb8PhjEhsvzGEpJYVK3cAHFRN69NwPDZGPzyzk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org