Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/gi4N_Z0X45bhL0usaST4JJiBs6E.roa
File:                     gi4N_Z0X45bhL0usaST4JJiBs6E.roa (raw, json)
Hash identifier:          FsocAbRahGTTHm9wzICntQkXfn92E89sxoqiXS3JjT0=
Subject key identifier:   82:2E:0D:FD:9D:17:E3:96:E1:2F:4B:AC:69:24:F8:24:98:81:B3:A1
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       01856F022E02BA969955251AC578BC945B48
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/gi4N_Z0X45bhL0usaST4JJiBs6E.roa
Signing time:             Sun 01 Jan 2023 20:24:51 +0000
ROA not before:           Sun 01 Jan 2023 20:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400039
IP address blocks:        86.104.209.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:2e:02:ba:96:99:55:25:1a:c5:78:bc:94:5b:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Jan  1 20:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=822e0dfd9d17e396e12f4bac6924f8249881b3a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:35:75:5f:ee:ca:2a:98:53:bf:3f:f3:65:88:
                    f0:80:90:fb:34:21:82:5c:a8:70:59:29:f4:07:8b:
                    0e:e8:0a:57:fe:af:36:e3:30:bd:4a:15:e4:8b:31:
                    72:a2:e7:8c:d4:f1:91:1a:94:dc:8a:c0:b2:8e:1b:
                    12:21:e9:a8:1a:6e:4d:90:50:27:63:1f:f5:03:c8:
                    68:04:e6:83:dd:75:de:7c:6a:20:16:85:69:c4:05:
                    18:75:e3:67:bc:cd:a4:15:6f:45:5b:10:45:3d:de:
                    1c:2e:e8:02:b2:d7:f7:1a:cd:25:e5:02:d1:42:75:
                    8a:be:cc:18:5e:3c:d0:66:1c:79:c8:9f:6a:40:e4:
                    97:fc:1d:d7:cf:07:12:c8:af:52:53:a1:b2:41:55:
                    0b:56:db:f0:ad:54:9a:0a:13:2e:bf:60:c4:e5:94:
                    a5:0f:f1:17:32:ca:a9:dd:9a:fc:35:43:b8:13:12:
                    55:15:49:5c:72:bb:b4:79:15:fc:f5:c0:d6:35:a4:
                    98:6f:49:1f:5d:06:5a:06:24:24:63:39:ac:fd:55:
                    e4:09:87:05:4b:5b:98:4c:c3:1d:f4:2a:83:fe:04:
                    4f:54:d4:b9:c7:64:b3:ca:cd:4e:5b:ea:d4:fb:50:
                    5b:4f:63:9b:4e:15:69:91:bc:de:5f:0d:07:cd:65:
                    a8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:2E:0D:FD:9D:17:E3:96:E1:2F:4B:AC:69:24:F8:24:98:81:B3:A1
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/gi4N_Z0X45bhL0usaST4JJiBs6E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:eb:89:df:73:e9:9d:cf:c9:3d:14:25:2e:da:88:ea:9f:23:
         99:26:3c:9e:7f:26:14:1e:a6:16:62:9d:85:c7:44:03:fb:6f:
         bf:5f:3d:71:12:d3:94:bc:6b:d2:0e:60:1a:e0:39:05:cf:69:
         ad:64:9b:7c:e4:b5:16:ac:ed:54:54:9f:7a:7e:9a:c0:3f:52:
         0d:49:6b:8d:7d:5a:6b:aa:12:23:f4:06:4a:08:2d:5c:fc:11:
         80:29:92:e3:13:c1:12:0c:a2:8d:8f:e4:42:6a:60:7a:0b:7e:
         5b:70:10:40:60:b3:df:37:15:11:52:fc:95:94:cb:85:ee:f9:
         f1:06:45:ba:95:8e:3c:80:d3:e5:5a:69:4e:1d:90:11:17:b8:
         7a:da:5c:b0:26:42:f7:98:03:ff:66:72:05:1c:71:89:53:44:
         65:7c:12:50:58:50:81:5c:59:a9:20:d5:a8:5a:7b:fa:dd:1a:
         34:5a:e0:eb:27:fc:39:70:2a:4d:f4:ce:58:f2:db:1f:37:25:
         31:1d:c4:7b:d8:63:a5:96:ca:9a:d3:50:86:99:90:63:a1:e5:
         8b:78:8b:03:87:29:ac:b6:27:eb:3f:62:fb:e7:08:98:c7:0e:
         a5:45:57:e5:f6:0d:47:73:50:d4:26:09:db:fd:a0:1f:41:32:
         7f:0f:0e:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAi4CupaZVSUaxXi8lFtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTAxMjAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJlMGRmZDlkMTdlMzk2ZTEyZjRiYWM2OTI0ZjgyNDk4ODFiM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzV1X+7KKphTvz/zZYjwgJD7NCGC
XKhwWSn0B4sO6ApX/q824zC9ShXkizFyoueM1PGRGpTcisCyjhsSIemoGm5NkFAn
Yx/1A8hoBOaD3XXefGogFoVpxAUYdeNnvM2kFW9FWxBFPd4cLugCstf3Gs0l5QLR
QnWKvswYXjzQZhx5yJ9qQOSX/B3XzwcSyK9SU6GyQVULVtvwrVSaChMuv2DE5ZSl
D/EXMsqp3Zr8NUO4ExJVFUlccru0eRX89cDWNaSYb0kfXQZaBiQkYzms/VXkCYcF
S1uYTMMd9CqD/gRPVNS5x2Szys1OW+rU+1BbT2ObThVpkbzeXw0HzWWoawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIuDf2dF+OW4S9LrGkk+CSYgbOhMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvZ2k0Tl9aMFg0NWJoTDB1c2FTVDRKSmlCczZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmjRMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ64nfc+mdz8k9FCUu2ojqnyOZJjyefyYUHqYWYp2F
x0QD+2+/Xz1xEtOUvGvSDmAa4DkFz2mtZJt85LUWrO1UVJ96fprAP1INSWuNfVpr
qhIj9AZKCC1c/BGAKZLjE8ESDKKNj+RCamB6C35bcBBAYLPfNxURUvyVlMuF7vnx
BkW6lY48gNPlWmlOHZARF7h62lywJkL3mAP/ZnIFHHGJU0RlfBJQWFCBXFmpINWo
Wnv63Ro0WuDrJ/w5cCpN9M5Y8tsfNyUxHcR72GOllsqa01CGmZBjoeWLeIsDhyms
tifrP2L75wiYxw6lRVfl9g1Hc1DUJgnb/aAfQTJ/Dw6O
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org