Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/3Fa52EAPT9ezz8_viiT1f0YNVrA.roa
File:                     3Fa52EAPT9ezz8_viiT1f0YNVrA.roa (raw, json)
Hash identifier:          +hfHHDP9blajSBS/O+Cmlv+RjC0Fs0t/52+E3kdHIhc=
Subject key identifier:   DC:56:B9:D8:40:0F:4F:D7:B3:CF:CF:EF:8A:24:F5:7F:46:0D:56:B0
Certificate issuer:       /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial:       018A023951B879F773A47FF5E16E920F10E5
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/3Fa52EAPT9ezz8_viiT1f0YNVrA.roa
Signing time:             Thu 17 Aug 2023 06:40:25 +0000
ROA not before:           Thu 17 Aug 2023 06:40:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203
IP address blocks:        212.138.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 11:32:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:02:39:51:b8:79:f7:73:a4:7f:f5:e1:6e:92:0f:10:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
        Validity
            Not Before: Aug 17 06:40:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dc56b9d8400f4fd7b3cfcfef8a24f57f460d56b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:27:0e:cf:3b:c2:44:92:bf:15:0e:1c:78:b5:
                    30:51:48:9b:00:96:d5:55:be:36:66:cd:36:98:68:
                    40:f5:15:33:f3:5c:73:de:bf:7e:e7:ad:17:e1:a6:
                    8a:78:50:5c:98:3f:41:3b:61:37:c9:5b:96:a5:03:
                    b8:9e:ae:69:ae:3e:f7:ad:15:9a:06:f2:68:4e:c0:
                    bb:3a:e9:7a:bb:19:1d:00:b7:0d:67:74:de:ab:6a:
                    d8:87:fa:5e:8f:92:1e:ba:64:8d:13:3d:55:32:aa:
                    a8:e1:25:34:b8:24:7b:07:f1:37:ea:92:39:a4:cc:
                    e6:fe:13:97:af:95:1b:22:fd:bb:71:9a:38:4e:b2:
                    03:c8:f6:6a:0d:e6:14:a9:c2:3c:5c:74:d6:4d:36:
                    a2:6f:ad:f3:8c:2e:32:8d:b0:a3:cc:88:44:fb:bd:
                    b5:19:d8:82:46:17:50:df:f2:67:f4:e8:4c:90:06:
                    0c:49:12:1b:7d:88:45:c1:a6:63:72:28:60:ed:2a:
                    34:19:ab:6e:88:43:3e:45:38:97:cb:99:30:78:b5:
                    f7:57:b7:b4:ef:a7:30:15:b9:64:fc:31:8f:ea:23:
                    84:29:ab:3b:fa:68:85:cd:83:96:70:e0:c0:37:f2:
                    7c:d7:d0:32:b3:46:6e:7d:9f:ea:e5:95:a9:69:9d:
                    88:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:56:B9:D8:40:0F:4F:D7:B3:CF:CF:EF:8A:24:F5:7F:46:0D:56:B0
            X509v3 Authority Key Identifier:
                keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/3Fa52EAPT9ezz8_viiT1f0YNVrA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.138.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:ca:98:78:69:20:de:4b:d7:e8:aa:bf:b6:ac:fe:f1:20:8a:
         40:49:82:77:77:66:cb:9d:8c:e5:ba:8f:61:82:36:66:33:1c:
         a4:43:4c:93:bb:6c:e7:0a:1b:3b:01:c0:5b:ce:47:87:a6:2c:
         dd:02:10:1f:a4:3e:92:1b:6c:dd:fa:4c:82:0b:d4:c1:26:32:
         c7:e5:4e:80:d4:07:77:a5:5f:99:d5:a6:97:c7:3e:38:58:42:
         d3:73:50:df:8b:33:6d:f0:6b:b9:da:f2:95:ba:35:5f:f6:14:
         f3:b4:12:1b:bf:3b:65:14:b7:d1:40:8c:cb:67:2e:4f:49:7f:
         1d:fd:b2:d1:71:92:a7:e8:36:9b:58:fe:ea:96:ff:16:48:c8:
         9f:5a:40:74:f3:61:e8:2b:86:54:13:d3:fe:bd:64:b6:ee:31:
         45:27:31:a8:d6:18:44:c9:27:e5:5d:cc:0c:67:62:1f:64:e0:
         e6:45:ae:0a:6a:b0:23:e3:52:b0:8f:e7:b8:20:4f:53:2d:7c:
         93:d5:b1:6b:4f:0d:b3:b5:3a:1f:01:32:e1:c4:1c:f3:f0:a5:
         80:ad:92:f0:de:66:b4:08:ea:35:ba:aa:dc:30:8f:61:4f:e5:
         55:ee:ec:b3:d4:d2:c9:73:76:bb:33:e9:41:c0:8e:2a:22:14:
         45:e1:d0:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoCOVG4efdzpH/14W6SDxDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjMwODE3MDY0MDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU2YjlkODQwMGY0ZmQ3YjNjZmNmZWY4YTI0ZjU3ZjQ2MGQ1NmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuScOzzvCRJK/FQ4ceLUwUUibAJbV
Vb42Zs02mGhA9RUz81xz3r9+560X4aaKeFBcmD9BO2E3yVuWpQO4nq5prj73rRWa
BvJoTsC7Oul6uxkdALcNZ3Teq2rYh/pej5IeumSNEz1VMqqo4SU0uCR7B/E36pI5
pMzm/hOXr5UbIv27cZo4TrIDyPZqDeYUqcI8XHTWTTaib63zjC4yjbCjzIhE+721
GdiCRhdQ3/Jn9OhMkAYMSRIbfYhFwaZjcihg7So0GatuiEM+RTiXy5kweLX3V7e0
76cwFblk/DGP6iOEKas7+miFzYOWcODAN/J819Ays0ZufZ/q5ZWpaZ2IAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxWudhAD0/Xs8/P74ok9X9GDVawMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvM0ZhNTJFQVBUOWV6ejhfdmlpVDFmMFlOVnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1IpAMA0G
CSqGSIb3DQEBCwUAA4IBAQCByph4aSDeS9foqr+2rP7xIIpASYJ3d2bLnYzluo9h
gjZmMxykQ0yTu2znChs7AcBbzkeHpizdAhAfpD6SG2zd+kyCC9TBJjLH5U6A1Ad3
pV+Z1aaXxz44WELTc1DfizNt8Gu52vKVujVf9hTztBIbvztlFLfRQIzLZy5PSX8d
/bLRcZKn6DabWP7qlv8WSMifWkB082HoK4ZUE9P+vWS27jFFJzGo1hhEySflXcwM
Z2IfZODmRa4KarAj41Kwj+e4IE9TLXyT1bFrTw2ztTofATLhxBzz8KWArZLw3ma0
COo1uqrcMI9hT+VV7uyz1NLJc3a7M+lBwI4qIhRF4dBg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org