Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/aa764d-f5ac-4acf-b2bd-9fdb5c55ae50/1/LyUttmolURUmKw8JgIoOft8eDME.roa
File:                     LyUttmolURUmKw8JgIoOft8eDME.roa (raw, json)
Hash identifier:          VkbdFmunqmJCCpWDge/aIM9dkvdq0m23eiI+GnDIwDM=
Subject key identifier:   2F:25:2D:B6:6A:25:51:15:26:2B:0F:09:80:8A:0E:7E:DF:1E:0C:C1
Certificate issuer:       /CN=2fb8280c6cb7db3e073950d535d6d8c705d90b87
Certificate serial:       01909451E962124081D07105B571863C3CD3
Authority key identifier: 2F:B8:28:0C:6C:B7:DB:3E:07:39:50:D5:35:D6:D8:C7:05:D9:0B:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L7goDGy32z4HOVDVNdbYxwXZC4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/aa764d-f5ac-4acf-b2bd-9fdb5c55ae50/1/LyUttmolURUmKw8JgIoOft8eDME.roa
Signing time:             Mon 08 Jul 2024 21:48:34 +0000
ROA not before:           Mon 08 Jul 2024 21:48:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        193.24.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Jul 2024 06:43:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:94:51:e9:62:12:40:81:d0:71:05:b5:71:86:3c:3c:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fb8280c6cb7db3e073950d535d6d8c705d90b87
        Validity
            Not Before: Jul  8 21:48:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2f252db66a255115262b0f09808a0e7edf1e0cc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:d4:ec:0d:bc:63:64:f9:cb:9b:53:4d:e1:49:
                    06:59:65:b9:8c:33:74:06:8f:6a:e5:05:77:d4:90:
                    32:e1:a6:d2:d1:05:db:a7:bf:64:12:f3:4e:a1:1c:
                    bf:2d:5f:1f:b3:9f:a7:4d:92:72:0b:c1:6e:09:83:
                    8e:78:4c:0c:95:48:b8:19:ed:d3:85:ee:0d:f4:ad:
                    9c:1f:c1:98:65:75:b7:c0:ef:5d:b7:10:a5:61:b3:
                    14:af:5d:d1:ac:db:7a:a3:b5:15:6b:4f:f5:56:77:
                    8a:4d:e3:1a:59:e7:22:23:0a:14:57:61:39:d4:d0:
                    78:7a:3f:cf:7f:ec:ad:ae:43:60:00:78:68:66:1c:
                    54:fb:94:64:db:10:8a:de:25:c5:49:de:f7:14:31:
                    94:72:9e:73:e2:1f:96:a9:f4:5f:a1:30:f9:a9:68:
                    c6:fa:6d:bb:fd:ff:8e:7f:55:9b:bc:31:89:e5:98:
                    5b:98:ee:35:e7:25:e2:59:77:02:16:a6:64:a8:93:
                    61:24:f3:f5:42:32:72:da:f6:dd:5c:98:82:c9:e7:
                    c5:de:ad:d7:22:52:4d:cf:4f:67:fd:2c:7b:29:36:
                    79:7d:e5:d8:04:34:c5:c1:c0:9c:b8:7f:ff:ec:5e:
                    3e:ed:0a:7e:a0:47:bd:79:aa:ee:db:11:23:ff:41:
                    2e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:25:2D:B6:6A:25:51:15:26:2B:0F:09:80:8A:0E:7E:DF:1E:0C:C1
            X509v3 Authority Key Identifier:
                keyid:2F:B8:28:0C:6C:B7:DB:3E:07:39:50:D5:35:D6:D8:C7:05:D9:0B:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L7goDGy32z4HOVDVNdbYxwXZC4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/aa764d-f5ac-4acf-b2bd-9fdb5c55ae50/1/LyUttmolURUmKw8JgIoOft8eDME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/aa764d-f5ac-4acf-b2bd-9fdb5c55ae50/1/L7goDGy32z4HOVDVNdbYxwXZC4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:46:4e:bc:f3:c1:dc:77:2d:96:fb:0c:b7:97:db:6d:20:6b:
         45:1d:7c:ef:8e:ea:55:47:42:cd:00:7d:3f:09:57:d5:b4:d6:
         03:88:3d:d6:95:3c:d6:67:b6:a5:f1:d2:41:46:72:8e:fe:94:
         1b:49:06:98:fc:fe:fd:1f:74:e9:9f:3c:ad:bd:13:ab:79:31:
         0f:da:52:b1:1a:46:d4:d1:71:65:f5:d9:4c:f4:af:fd:35:2e:
         65:21:e9:62:1b:12:51:a8:a4:9f:f4:af:ac:67:65:a6:17:45:
         45:0f:47:07:74:a7:10:5e:2e:7a:94:ca:b4:cd:c2:e4:ca:c3:
         6b:87:d3:e2:b9:7a:a6:ce:d1:f3:85:de:d2:3a:9a:6e:26:05:
         a4:5e:b2:12:b5:bb:bc:ae:d8:fb:77:6f:fe:56:30:27:ed:90:
         05:d3:c0:15:d9:a6:a4:5d:bf:ee:aa:10:84:7a:18:6b:59:e7:
         c7:cd:6b:82:c4:26:cc:bc:48:a8:8a:72:97:4b:36:84:21:30:
         f0:ed:4b:ea:83:4d:55:8a:69:3d:4e:ea:c8:5c:30:9b:61:66:
         e8:91:20:75:a4:78:81:ea:6f:ff:8f:6f:3a:4c:f7:d5:37:70:
         20:c9:91:fb:0f:9d:f7:58:25:ae:23:dc:5c:68:ba:14:d8:57:
         a7:3a:bd:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCUUeliEkCB0HEFtXGGPDzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYjgyODBjNmNiN2RiM2UwNzM5NTBkNTM1ZDZkOGM3MDVk
OTBiODcwHhcNMjQwNzA4MjE0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjI1MmRiNjZhMjU1MTE1MjYyYjBmMDk4MDhhMGU3ZWRmMWUwY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tTsDbxjZPnLm1NN4UkGWWW5jDN0
Bo9q5QV31JAy4abS0QXbp79kEvNOoRy/LV8fs5+nTZJyC8FuCYOOeEwMlUi4Ge3T
he4N9K2cH8GYZXW3wO9dtxClYbMUr13RrNt6o7UVa0/1VneKTeMaWeciIwoUV2E5
1NB4ej/Pf+ytrkNgAHhoZhxU+5Rk2xCK3iXFSd73FDGUcp5z4h+WqfRfoTD5qWjG
+m27/f+Of1WbvDGJ5ZhbmO415yXiWXcCFqZkqJNhJPP1QjJy2vbdXJiCyefF3q3X
IlJNz09n/Sx7KTZ5feXYBDTFwcCcuH//7F4+7Qp+oEe9earu2xEj/0EueQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8lLbZqJVEVJisPCYCKDn7fHgzBMB8GA1UdIwQY
MBaAFC+4KAxst9s+BzlQ1TXW2McF2QuHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDdnb0RHeTMyejRIT1ZEVk5kYll4d1haQzRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hYTc2NGQtZjVhYy00YWNmLWIyYmQt
OWZkYjVjNTVhZTUwLzEvTHlVdHRtb2xVUlVtS3c4SmdJb09mdDhlRE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hYTc2NGQtZjVhYy00YWNmLWIyYmQtOWZkYjVjNTVhZTUw
LzEvTDdnb0RHeTMyejRIT1ZEVk5kYll4d1haQzRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRh5MA0G
CSqGSIb3DQEBCwUAA4IBAQDIRk6888Hcdy2W+wy3l9ttIGtFHXzvjupVR0LNAH0/
CVfVtNYDiD3WlTzWZ7al8dJBRnKO/pQbSQaY/P79H3TpnzytvROreTEP2lKxGkbU
0XFl9dlM9K/9NS5lIeliGxJRqKSf9K+sZ2WmF0VFD0cHdKcQXi56lMq0zcLkysNr
h9PiuXqmztHzhd7SOppuJgWkXrIStbu8rtj7d2/+VjAn7ZAF08AV2aakXb/uqhCE
ehhrWefHzWuCxCbMvEioinKXSzaEITDw7Uvqg01Vimk9TurIXDCbYWbokSB1pHiB
6m//j286TPfVN3AgyZH7D533WCWuI9xcaLoU2FenOr1P
-----END CERTIFICATE-----
Generated at Thu Jul 11 07:51:13 2024 by rpki-client on console-fra.rpki-client.org