Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/9dO8EItT-kbdFKBszDA5rNeMGZI.roa
File:                     9dO8EItT-kbdFKBszDA5rNeMGZI.roa (raw, json)
Hash identifier:          wSXsm+/RVgd+kPOf3GfiM2t0ik7tdAv0sR2oGS6ySxs=
Subject key identifier:   F5:D3:BC:10:8B:53:FA:46:DD:14:A0:6C:CC:30:39:AC:D7:8C:19:92
Certificate issuer:       /CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Certificate serial:       01856E666CE90CB9DBF585BFC91B01B1EB52
Authority key identifier: 7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/9dO8EItT-kbdFKBszDA5rNeMGZI.roa
Signing time:             Sun 01 Jan 2023 17:34:44 +0000
ROA not before:           Sun 01 Jan 2023 17:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9255
IP address blocks:        146.255.124.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:66:6c:e9:0c:b9:db:f5:85:bf:c9:1b:01:b1:eb:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
        Validity
            Not Before: Jan  1 17:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5d3bc108b53fa46dd14a06ccc3039acd78c1992
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d8:28:ad:36:94:bf:42:45:a0:db:e3:29:cb:
                    c9:0a:d9:b1:8e:3d:ab:3e:54:24:c8:a9:3b:40:47:
                    b7:be:55:6f:92:09:a6:79:8b:1b:43:30:95:5c:c1:
                    20:1e:d1:62:63:c0:c7:c6:9d:23:be:65:17:f6:5a:
                    80:d5:9e:93:90:d2:00:d5:78:8e:d8:6f:22:8f:e2:
                    d0:64:98:b0:e6:c2:6f:f7:43:00:07:d7:2d:ba:be:
                    6e:d6:a1:50:a0:d3:46:cf:be:60:6f:ea:b4:94:64:
                    78:24:6b:75:ab:69:85:cd:b5:cf:bc:88:8e:ca:2f:
                    8a:48:26:53:7c:61:1c:15:d7:31:66:f1:fe:f4:b3:
                    ae:09:c2:92:13:2d:98:9d:e1:9b:40:e5:79:17:04:
                    84:2f:46:a8:8c:b5:46:11:32:9f:c1:7e:6e:2e:22:
                    8d:ea:84:18:7d:f5:90:51:72:bf:a3:7b:20:24:87:
                    8a:29:84:09:d8:3d:bd:1e:c5:1e:82:de:8d:8d:a1:
                    c8:48:93:09:22:ec:41:10:2c:7d:0c:b5:61:9a:f2:
                    7b:7b:a5:ee:01:83:28:78:6c:d1:f2:8b:de:e9:83:
                    8b:85:49:e6:50:6b:5b:ae:9a:55:80:e4:a1:ab:64:
                    19:0a:f7:49:bf:f5:15:37:69:56:29:fa:31:9b:45:
                    91:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:D3:BC:10:8B:53:FA:46:DD:14:A0:6C:CC:30:39:AC:D7:8C:19:92
            X509v3 Authority Key Identifier:
                keyid:7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/9dO8EItT-kbdFKBszDA5rNeMGZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.255.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         99:a2:d9:56:f5:2d:74:4c:b5:cf:2e:93:c9:68:54:38:d0:3a:
         42:84:cc:d7:ae:68:91:16:ea:53:66:be:2c:b3:48:71:5f:c1:
         38:f1:40:99:85:39:fa:bf:6c:d1:ad:5f:84:8f:3d:1d:f4:12:
         6b:bd:d4:ad:3e:ac:d0:2b:b1:12:7a:f5:f7:ff:b0:00:f9:90:
         48:94:aa:97:66:9a:04:8c:e7:0a:d2:25:2d:6a:7d:28:fe:90:
         f6:7b:79:e6:4c:a0:bb:30:1e:c6:76:da:2d:74:71:da:9c:3b:
         95:89:36:46:8a:11:5f:92:1c:9b:4e:c8:85:13:ee:da:d5:de:
         67:ed:15:8e:62:da:6d:3f:8b:01:a2:7e:12:6b:0a:2a:5a:14:
         a9:40:33:77:ed:61:5c:e9:14:47:c4:b3:4b:a6:39:a8:ca:7a:
         94:98:a6:c6:3c:c7:a3:3f:49:0a:3e:a8:6a:32:11:ef:47:75:
         b6:b5:95:5f:74:83:a5:e3:61:1f:2a:19:de:f5:e9:64:2a:8e:
         93:ae:f1:91:b3:45:be:0e:bb:70:85:c1:16:e1:d8:68:1f:d8:
         b0:17:ae:79:ec:6c:d4:f6:42:13:25:72:84:5f:b7:01:25:ed:
         1e:60:7d:e1:38:c5:65:b1:58:5f:af:2d:12:9a:5d:dc:67:72:
         1c:0d:fc:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZmzpDLnb9YW/yRsBsetSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzg5MTE2ODJiYzVjYTcxY2VjZTFlZmUzYWMxMzViZmRi
NTlkZDYwHhcNMjMwMTAxMTczNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQzYmMxMDhiNTNmYTQ2ZGQxNGEwNmNjYzMwMzlhY2Q3OGMxOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktgorTaUv0JFoNvjKcvJCtmxjj2r
PlQkyKk7QEe3vlVvkgmmeYsbQzCVXMEgHtFiY8DHxp0jvmUX9lqA1Z6TkNIA1XiO
2G8ij+LQZJiw5sJv90MAB9ctur5u1qFQoNNGz75gb+q0lGR4JGt1q2mFzbXPvIiO
yi+KSCZTfGEcFdcxZvH+9LOuCcKSEy2YneGbQOV5FwSEL0aojLVGETKfwX5uLiKN
6oQYffWQUXK/o3sgJIeKKYQJ2D29HsUegt6NjaHISJMJIuxBECx9DLVhmvJ7e6Xu
AYMoeGzR8ove6YOLhUnmUGtbrppVgOShq2QZCvdJv/UVN2lWKfoxm0WRYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXTvBCLU/pG3RSgbMwwOazXjBmSMB8GA1UdIwQY
MBaAFH3IkRaCvFynHOzh7+OsE1v9tZ3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQt
NzUyOTUyNTFiMWU4LzEvOWRPOEVJdFQta2JkRktCc3pEQTVyTmVNR1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQtNzUyOTUyNTFiMWU4
LzEvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkv98MA0G
CSqGSIb3DQEBCwUAA4IBAQCZotlW9S10TLXPLpPJaFQ40DpChMzXrmiRFupTZr4s
s0hxX8E48UCZhTn6v2zRrV+Ejz0d9BJrvdStPqzQK7ESevX3/7AA+ZBIlKqXZpoE
jOcK0iUtan0o/pD2e3nmTKC7MB7GdtotdHHanDuViTZGihFfkhybTsiFE+7a1d5n
7RWOYtptP4sBon4SawoqWhSpQDN37WFc6RRHxLNLpjmoynqUmKbGPMejP0kKPqhq
MhHvR3W2tZVfdIOl42EfKhne9elkKo6TrvGRs0W+DrtwhcEW4dhoH9iwF6557GzU
9kITJXKEX7cBJe0eYH3hOMVlsVhfry0Sml3cZ3IcDfzi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:10 2024 by rpki-client on console-ams.rpki-client.org