Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/_NcS99Qcr04tC8s7VI-2g25Cigo.roa
File:                     _NcS99Qcr04tC8s7VI-2g25Cigo.roa (raw, json)
Hash identifier:          xLddQTjb8+olFaeMbJ/RILWeHeqRygS6395u88CDKWU=
Subject key identifier:   FC:D7:12:F7:D4:1C:AF:4E:2D:0B:CB:3B:54:8F:B6:83:6E:42:8A:0A
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       0186B661B147CB5A446F812584A61C260160
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/_NcS99Qcr04tC8s7VI-2g25Cigo.roa
Signing time:             Mon 06 Mar 2023 10:05:00 +0000
ROA not before:           Mon 06 Mar 2023 10:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        87.254.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Jun 2023 08:40:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b6:61:b1:47:cb:5a:44:6f:81:25:84:a6:1c:26:01:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Mar  6 10:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fcd712f7d41caf4e2d0bcb3b548fb6836e428a0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:27:8b:07:27:b6:3a:30:85:97:c7:94:58:4b:
                    df:fa:5d:ac:24:bd:a7:99:15:7a:ec:6e:b6:c5:ea:
                    4d:af:36:1a:82:79:22:78:e3:a3:ba:43:a9:fc:a0:
                    34:e3:ce:1c:ac:1a:ed:41:3d:05:7e:e3:3c:3f:bf:
                    4e:80:83:68:f1:64:45:40:a1:37:48:34:23:b5:8c:
                    16:39:1c:b5:b8:ba:2a:1f:41:20:40:2c:49:a8:c0:
                    b5:48:5f:a3:93:13:70:c8:48:da:cb:1f:79:0e:6a:
                    05:a2:f2:ea:1a:bc:4a:e7:f0:eb:9c:ad:a6:4c:68:
                    2f:79:b5:5b:58:77:6e:41:f1:4e:4c:df:10:ba:33:
                    82:b1:cc:b6:75:1f:a0:f0:93:0e:fd:ad:09:d4:60:
                    d3:c2:eb:e3:69:fa:cf:f0:ed:83:6d:c8:e5:88:41:
                    48:8b:03:ee:9b:a5:25:bc:24:8b:39:83:db:59:a9:
                    e6:e9:99:73:81:6f:52:57:8c:64:4d:ca:11:d8:9a:
                    5a:ce:19:c5:49:9b:9e:2b:53:b3:0a:9a:f0:85:ed:
                    90:21:36:db:ae:ad:bc:77:b1:d2:fc:b7:80:3a:fd:
                    95:2b:0f:ab:2c:cd:33:8b:52:ea:44:ae:08:a1:b4:
                    da:27:30:86:b6:92:86:c6:18:8f:dd:cd:b9:01:36:
                    d0:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:D7:12:F7:D4:1C:AF:4E:2D:0B:CB:3B:54:8F:B6:83:6E:42:8A:0A
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/_NcS99Qcr04tC8s7VI-2g25Cigo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.254.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:cc:b1:0d:ff:23:36:8e:ed:98:7b:d7:50:ba:9e:df:37:db:
         69:1f:a5:83:49:13:a8:8f:25:7d:2e:1b:3f:13:47:58:22:00:
         fa:bf:ff:96:9f:04:a0:c8:81:09:97:a6:86:ba:02:05:4c:60:
         67:a8:2c:2f:6c:ce:17:b0:4c:eb:c4:a5:06:9d:e8:95:a2:d0:
         22:aa:5e:6a:84:18:ec:39:e9:f4:ec:85:5f:9d:8b:53:a0:1b:
         72:46:5a:30:6e:69:0a:cb:a9:a7:ac:7e:46:5a:0b:85:53:45:
         5c:9d:42:82:15:61:6b:51:be:32:be:a9:3e:dd:3c:9e:1e:3b:
         97:d8:bd:4f:97:ed:01:d4:d2:3f:e2:1c:62:40:8e:96:de:67:
         98:5e:43:43:00:a9:b2:91:4e:11:de:7e:9d:03:3d:52:c8:f9:
         15:d8:a7:23:14:38:a7:1e:28:bd:f0:1c:53:12:53:00:24:85:
         a2:1b:14:03:50:e8:d0:cc:11:4c:a0:25:5b:34:c5:21:ee:7e:
         28:af:c1:e2:a7:4a:44:d2:63:77:33:03:3c:5f:ce:a3:62:c6:
         3d:a9:38:e8:58:e7:ce:1d:5c:c9:be:7b:17:56:3d:a0:94:98:
         f7:93:27:fc:00:c4:58:a3:25:0d:42:30:22:40:e2:74:74:16:
         03:a9:8a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa2YbFHy1pEb4ElhKYcJgFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMzA2MTAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q3MTJmN2Q0MWNhZjRlMmQwYmNiM2I1NDhmYjY4MzZlNDI4YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApieLBye2OjCFl8eUWEvf+l2sJL2n
mRV67G62xepNrzYagnkieOOjukOp/KA0484crBrtQT0FfuM8P79OgINo8WRFQKE3
SDQjtYwWORy1uLoqH0EgQCxJqMC1SF+jkxNwyEjayx95DmoFovLqGrxK5/DrnK2m
TGgvebVbWHduQfFOTN8QujOCscy2dR+g8JMO/a0J1GDTwuvjafrP8O2DbcjliEFI
iwPum6UlvCSLOYPbWanm6ZlzgW9SV4xkTcoR2JpazhnFSZueK1OzCprwhe2QITbb
rq28d7HS/LeAOv2VKw+rLM0zi1LqRK4IobTaJzCGtpKGxhiP3c25ATbQDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzXEvfUHK9OLQvLO1SPtoNuQooKMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvX05jUzk5UWNyMDR0QzhzN1ZJLTJnMjVDaWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4RMA0G
CSqGSIb3DQEBCwUAA4IBAQAIzLEN/yM2ju2Ye9dQup7fN9tpH6WDSROojyV9Lhs/
E0dYIgD6v/+WnwSgyIEJl6aGugIFTGBnqCwvbM4XsEzrxKUGneiVotAiql5qhBjs
Oen07IVfnYtToBtyRlowbmkKy6mnrH5GWguFU0VcnUKCFWFrUb4yvqk+3TyeHjuX
2L1Pl+0B1NI/4hxiQI6W3meYXkNDAKmykU4R3n6dAz1SyPkV2KcjFDinHii98BxT
ElMAJIWiGxQDUOjQzBFMoCVbNMUh7n4or8Hip0pE0mN3MwM8X86jYsY9qTjoWOfO
HVzJvnsXVj2glJj3kyf8AMRYoyUNQjAiQOJ0dBYDqYqN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:22 2024 by rpki-client on console-ams.rpki-client.org