Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9LJN5kRX4TFqYVNV3batdJWLyrs.roa
File:                     9LJN5kRX4TFqYVNV3batdJWLyrs.roa (raw, json)
Hash identifier:          iFPR4sA0+LtKAcrEpoCnTqXn3FwNwrI1SGVsKe13oI8=
Subject key identifier:   F4:B2:4D:E6:44:57:E1:31:6A:61:53:55:DD:B6:AD:74:95:8B:CA:BB
Certificate issuer:       /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial:       01856D4AE0B3E4CBA5264AD03C4ACD873A8D
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9LJN5kRX4TFqYVNV3batdJWLyrs.roa
Signing time:             Sun 01 Jan 2023 12:25:01 +0000
ROA not before:           Sun 01 Jan 2023 12:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3356
IP address blocks:        45.143.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Sep 2023 07:27:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:4a:e0:b3:e4:cb:a5:26:4a:d0:3c:4a:cd:87:3a:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
        Validity
            Not Before: Jan  1 12:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4b24de64457e1316a615355ddb6ad74958bcabb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:3a:28:df:e4:17:b1:74:56:3c:13:c1:ec:08:
                    3a:f6:23:78:f1:fb:84:ff:93:83:87:4c:6a:31:4a:
                    83:66:e0:3b:a4:c3:7e:c8:97:03:45:8d:3a:ff:a4:
                    95:52:04:24:b2:ca:23:86:9d:9c:8c:a2:c2:53:e5:
                    e9:1c:88:81:28:6f:12:42:88:7e:53:9f:fe:f9:45:
                    86:e0:b0:cd:7b:08:9e:76:bd:22:95:95:50:a2:48:
                    4f:8a:85:dd:1b:cf:d4:69:36:62:8e:e7:6c:f4:4e:
                    d9:5f:72:87:85:be:d5:45:b5:ce:5b:b2:fc:4a:57:
                    3b:36:4c:d7:b3:c9:35:c4:c6:28:ee:63:e5:a3:88:
                    76:c2:7d:a0:c9:b6:9e:80:7a:21:40:50:42:3c:d7:
                    99:9b:41:f9:9c:13:27:fb:7d:29:5a:25:2f:57:10:
                    4d:a4:ae:ed:75:a4:d9:77:6b:81:7a:c0:23:e6:61:
                    71:c5:93:e8:1f:ec:f0:87:4f:39:98:1b:5d:35:27:
                    34:80:54:e9:c5:33:92:9f:cf:e0:e1:69:8a:63:96:
                    0b:2d:b6:9a:4d:31:61:37:6f:0f:47:03:74:43:42:
                    8b:3b:a3:cc:f6:f9:9b:c6:04:d6:23:e8:ff:04:17:
                    9b:e8:25:5a:05:ec:c7:3e:eb:03:4b:16:12:03:54:
                    9d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:B2:4D:E6:44:57:E1:31:6A:61:53:55:DD:B6:AD:74:95:8B:CA:BB
            X509v3 Authority Key Identifier:
                keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9LJN5kRX4TFqYVNV3batdJWLyrs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:22:95:d3:fc:48:44:b4:74:fd:12:96:9e:04:f2:af:b8:b6:
         a5:b5:28:57:07:e6:82:9d:dd:5a:b2:c7:0d:d2:1c:e8:0b:4e:
         d3:be:9a:cd:3e:27:7d:9a:83:32:fe:ab:f3:f2:90:ff:df:91:
         47:68:43:dc:83:56:48:63:56:98:7b:00:62:21:4b:f1:1c:fa:
         00:e3:d0:15:46:b9:20:39:ec:64:55:c3:c2:06:a8:67:d1:58:
         8d:f9:5a:47:95:e9:b0:43:a6:06:07:2e:88:ad:fc:64:e3:fa:
         8b:78:ae:19:36:e2:fc:18:20:18:3d:d8:b7:cd:ac:9b:0b:c4:
         ee:95:29:67:7e:be:e2:1a:4f:89:3d:d5:64:57:42:72:fa:2c:
         e4:1e:e1:e8:a3:81:a6:f3:fd:9f:6b:ab:88:56:8a:5c:c4:d5:
         4b:da:08:91:38:20:03:36:ac:aa:8f:dc:a3:6e:28:c5:24:f4:
         8d:f3:51:09:11:90:ee:cb:c0:f5:ae:44:ca:47:a5:1c:a3:b7:
         bb:7e:52:f8:3c:65:ef:c8:3e:39:93:76:54:e9:3d:c2:ae:12:
         a1:31:8c:d7:9e:22:8c:9a:d6:10:a2:49:00:26:d3:2b:4f:42:
         df:0f:7e:b7:01:91:f0:ee:e4:f9:1f:a4:5c:59:e9:fe:4f:63:
         e9:ed:7c:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSuCz5MulJkrQPErNhzqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwMTAxMTIyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIyNGRlNjQ0NTdlMTMxNmE2MTUzNTVkZGI2YWQ3NDk1OGJjYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDoo3+QXsXRWPBPB7Ag69iN48fuE
/5ODh0xqMUqDZuA7pMN+yJcDRY06/6SVUgQkssojhp2cjKLCU+XpHIiBKG8SQoh+
U5/++UWG4LDNewiedr0ilZVQokhPioXdG8/UaTZijuds9E7ZX3KHhb7VRbXOW7L8
Slc7NkzXs8k1xMYo7mPlo4h2wn2gybaegHohQFBCPNeZm0H5nBMn+30pWiUvVxBN
pK7tdaTZd2uBesAj5mFxxZPoH+zwh085mBtdNSc0gFTpxTOSn8/g4WmKY5YLLbaa
TTFhN28PRwN0Q0KLO6PM9vmbxgTWI+j/BBeb6CVaBezHPusDSxYSA1SdsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSyTeZEV+ExamFTVd22rXSVi8q7MB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvOUxKTjVrUlg0VEZxWVZOVjNiYXRkSldMeXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY8LMA0G
CSqGSIb3DQEBCwUAA4IBAQBYIpXT/EhEtHT9EpaeBPKvuLaltShXB+aCnd1asscN
0hzoC07TvprNPid9moMy/qvz8pD/35FHaEPcg1ZIY1aYewBiIUvxHPoA49AVRrkg
OexkVcPCBqhn0ViN+VpHlemwQ6YGBy6Irfxk4/qLeK4ZNuL8GCAYPdi3zaybC8Tu
lSlnfr7iGk+JPdVkV0Jy+izkHuHoo4Gm8/2fa6uIVopcxNVL2giROCADNqyqj9yj
bijFJPSN81EJEZDuy8D1rkTKR6Uco7e7flL4PGXvyD45k3ZU6T3CrhKhMYzXniKM
mtYQokkAJtMrT0LfD363AZHw7uT5H6RcWen+T2Pp7Xyw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org