Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/OaBpmomEeJEPvDlP6UBhoIgR3_A.roa
File:                     OaBpmomEeJEPvDlP6UBhoIgR3_A.roa (raw, json)
Hash identifier:          RC2aSyBZt/p497e7D4rMctQZnM81tnjPBlFbI931tqg=
Subject key identifier:   39:A0:69:9A:89:84:78:91:0F:BC:39:4F:E9:40:61:A0:88:11:DF:F0
Certificate issuer:       /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial:       01856FD4FB50C8B573BC87D0D3A1119ABAAE
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/OaBpmomEeJEPvDlP6UBhoIgR3_A.roa
Signing time:             Mon 02 Jan 2023 00:15:06 +0000
ROA not before:           Mon 02 Jan 2023 00:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     139138
IP address blocks:        199.182.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d4:fb:50:c8:b5:73:bc:87:d0:d3:a1:11:9a:ba:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
        Validity
            Not Before: Jan  2 00:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=39a0699a898478910fbc394fe94061a08811dff0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:aa:ee:b0:c0:f6:53:56:b8:bc:4b:61:1a:61:
                    39:2d:77:3a:5a:77:8a:3d:e5:09:01:41:72:d5:da:
                    48:0a:17:48:9c:1c:4a:6f:7e:d4:9c:8c:e1:fd:8e:
                    81:0e:62:e5:36:31:85:43:41:1c:7b:83:35:b8:18:
                    dd:29:ef:17:a2:9c:45:c1:b5:75:ba:c9:6b:2b:03:
                    7b:84:ea:a6:ef:f4:55:ad:7b:d2:99:44:b7:86:64:
                    3f:60:10:79:b7:f8:1c:d0:0e:c7:08:b6:98:b1:cb:
                    16:fe:6a:0e:fb:ba:a7:b8:44:7b:5e:a5:43:a3:8d:
                    05:bb:be:88:24:94:b0:73:20:f7:ec:ca:63:bc:61:
                    e0:5a:bf:a0:f5:6b:1b:ca:ab:b2:54:57:01:ae:f8:
                    fc:20:07:e5:f6:e0:2a:b2:61:17:05:5b:93:ef:ed:
                    ee:5e:6b:97:ec:b2:bf:f0:d0:f5:08:94:96:8e:70:
                    8c:91:1a:ef:fd:b3:34:1f:cc:03:57:9f:09:61:92:
                    01:96:b4:49:93:cb:9e:59:91:39:03:b0:3c:23:cb:
                    1f:47:b3:83:7a:42:7d:97:83:e6:dc:3a:44:0c:d8:
                    2b:63:c9:01:bd:74:b9:b8:d5:7e:96:14:1c:72:df:
                    84:75:2e:3f:38:9a:d2:f0:9f:50:e1:99:74:89:0c:
                    97:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:A0:69:9A:89:84:78:91:0F:BC:39:4F:E9:40:61:A0:88:11:DF:F0
            X509v3 Authority Key Identifier:
                keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/OaBpmomEeJEPvDlP6UBhoIgR3_A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.182.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:58:4e:16:f0:31:e6:f4:60:2e:c3:fa:be:41:67:f8:41:b9:
         25:a6:e0:dd:1d:fd:f3:90:e4:2b:6f:7a:44:0a:00:d8:66:14:
         c7:8f:d2:b2:9b:c7:7c:4a:bc:0f:c6:70:fb:db:4c:fa:93:00:
         de:ed:67:9a:2f:7c:4a:40:0b:80:e4:b4:90:e3:1e:27:c1:9f:
         93:f4:af:8d:99:34:de:89:25:e1:a0:c1:3a:f4:dc:dc:0d:14:
         af:ca:6d:bf:03:f1:9c:2c:71:22:e9:18:52:07:9b:68:c7:af:
         d4:b7:d0:d1:10:41:a1:5a:47:44:f8:7e:e1:1e:ab:e9:89:19:
         8e:2c:5d:2e:77:9d:bf:fa:04:da:48:e5:d0:73:c8:f1:cf:6d:
         d4:47:6c:4f:2c:d5:d0:fb:29:67:a6:ec:64:84:a9:78:40:c4:
         7b:28:ec:e5:20:d3:bc:ca:c1:f0:34:2a:8f:a8:7d:9c:c7:61:
         f8:4d:2a:a3:03:a6:66:94:b6:80:71:d6:79:89:66:55:ae:c9:
         98:5c:ad:5c:89:1d:cf:9b:e3:4f:8f:ee:0a:97:ba:11:16:6f:
         04:64:47:11:b4:97:e8:8f:0f:2f:6f:4b:a2:87:cf:5c:8f:74:
         05:4b:a6:9d:a8:ec:ed:36:cb:ad:73:ab:9f:f4:1a:1b:13:d8:
         e4:c0:7c:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PtQyLVzvIfQ06ERmrquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWEwNjk5YTg5ODQ3ODkxMGZiYzM5NGZlOTQwNjFhMDg4MTFkZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKrusMD2U1a4vEthGmE5LXc6WneK
PeUJAUFy1dpIChdInBxKb37UnIzh/Y6BDmLlNjGFQ0Ece4M1uBjdKe8XopxFwbV1
uslrKwN7hOqm7/RVrXvSmUS3hmQ/YBB5t/gc0A7HCLaYscsW/moO+7qnuER7XqVD
o40Fu76IJJSwcyD37MpjvGHgWr+g9WsbyquyVFcBrvj8IAfl9uAqsmEXBVuT7+3u
XmuX7LK/8ND1CJSWjnCMkRrv/bM0H8wDV58JYZIBlrRJk8ueWZE5A7A8I8sfR7OD
ekJ9l4Pm3DpEDNgrY8kBvXS5uNV+lhQcct+EdS4/OJrS8J9Q4Zl0iQyX/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmgaZqJhHiRD7w5T+lAYaCIEd/wMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvT2FCcG1vbUVlSkVQdkRsUDZVQmhvSWdSM19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx7bvMA0G
CSqGSIb3DQEBCwUAA4IBAQCEWE4W8DHm9GAuw/q+QWf4QbklpuDdHf3zkOQrb3pE
CgDYZhTHj9Kym8d8SrwPxnD720z6kwDe7WeaL3xKQAuA5LSQ4x4nwZ+T9K+NmTTe
iSXhoME69NzcDRSvym2/A/GcLHEi6RhSB5tox6/Ut9DREEGhWkdE+H7hHqvpiRmO
LF0ud52/+gTaSOXQc8jxz23UR2xPLNXQ+ylnpuxkhKl4QMR7KOzlINO8ysHwNCqP
qH2cx2H4TSqjA6ZmlLaAcdZ5iWZVrsmYXK1ciR3Pm+NPj+4Kl7oRFm8EZEcRtJfo
jw8vb0uih89cj3QFS6adqOztNsutc6uf9BobE9jkwHxQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:30 2024 by rpki-client on console-fra.rpki-client.org