Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9miExCOGkm67e9vVm8t0TrL7z8U.roa
File:                     9miExCOGkm67e9vVm8t0TrL7z8U.roa (raw, json)
Hash identifier:          HuGdP6LrhNOZtRMNC1WnAbpgXc1U08O81x7N3seME9g=
Subject key identifier:   F6:68:84:C4:23:86:92:6E:BB:7B:DB:D5:9B:CB:74:4E:B2:FB:CF:C5
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018571E88EAEED0611F8DE6D31D38A1D3B43
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9miExCOGkm67e9vVm8t0TrL7z8U.roa
Signing time:             Mon 02 Jan 2023 09:55:44 +0000
ROA not before:           Mon 02 Jan 2023 09:55:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        45.151.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:e8:8e:ae:ed:06:11:f8:de:6d:31:d3:8a:1d:3b:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  2 09:55:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f66884c42386926ebb7bdbd59bcb744eb2fbcfc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2a:2b:d9:88:d8:e1:df:25:96:f6:02:53:37:
                    a1:80:12:55:27:8d:c0:22:fb:4a:67:86:0f:69:29:
                    93:b8:e6:c0:ca:49:fb:6f:60:d2:13:44:6a:d9:44:
                    a5:db:04:d6:66:7f:c1:93:62:88:40:e5:9a:23:60:
                    cb:23:d6:1c:fb:59:68:dd:61:f1:48:17:31:eb:ec:
                    7c:df:5d:14:6a:62:11:af:ae:6f:a7:a7:20:60:a8:
                    81:fd:25:6a:63:7c:82:db:5a:3c:c6:79:0d:88:01:
                    da:35:80:98:68:3a:a4:9f:57:63:7a:91:1c:b1:42:
                    8d:1d:60:b2:97:9d:6a:1e:a1:49:9b:1c:2d:b5:e9:
                    e8:0e:82:34:d5:eb:78:39:60:2e:8d:38:a5:37:46:
                    bb:b9:78:88:ff:10:17:0b:53:30:ba:64:65:f1:4e:
                    92:01:8a:ae:4e:3f:b4:a8:22:c5:cd:a0:c0:6f:65:
                    07:4d:01:eb:32:0a:92:2c:52:52:5f:33:7c:83:21:
                    d6:b1:5c:34:0e:e1:2b:f1:08:36:64:2c:f8:14:fd:
                    a4:66:d5:08:f7:51:19:4e:bd:f9:bf:cb:5b:2e:a8:
                    57:ed:15:8d:5c:3d:ac:17:0e:5d:df:6d:3a:90:47:
                    a1:92:a2:c5:6c:59:af:34:91:37:6b:06:83:92:fc:
                    a0:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:68:84:C4:23:86:92:6E:BB:7B:DB:D5:9B:CB:74:4E:B2:FB:CF:C5
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9miExCOGkm67e9vVm8t0TrL7z8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:80:6f:97:e5:9f:18:a6:13:cf:c6:02:63:76:f8:c4:c4:b5:
         5b:24:0a:25:9b:48:35:af:76:ea:d4:45:dd:b7:7f:bb:83:6b:
         4f:3c:2f:24:01:33:7d:d0:71:70:b7:07:2c:a7:ab:8c:e9:76:
         b2:6c:45:25:39:fd:8d:c7:8c:10:84:9b:aa:c9:df:6f:c6:7e:
         2d:c5:a4:61:4c:95:a3:69:c2:3d:d9:a3:6b:45:41:54:c0:dd:
         e9:d3:b2:26:66:93:bb:7c:b9:e6:2e:eb:30:57:02:b2:1d:45:
         4d:08:19:a6:83:fe:14:74:69:6e:51:08:2d:78:0d:fb:22:6e:
         76:b1:48:39:39:56:9e:8c:e2:85:7f:21:e1:44:2b:27:78:f8:
         ea:93:19:4f:b9:2a:eb:41:a4:8d:d0:78:0d:7b:df:2a:ad:36:
         38:cf:b1:8c:7f:e9:dc:38:a4:ed:ce:35:d3:0b:fa:48:97:f6:
         bd:33:06:2b:4c:03:54:4d:d0:93:35:fc:e0:f1:b5:b6:12:48:
         4a:27:ae:67:e8:fd:67:90:67:28:a1:04:8b:1f:a2:95:06:a2:
         c0:69:e0:00:3c:f0:bf:c6:8b:0a:6c:8c:2b:9a:58:c5:97:f2:
         98:f4:70:aa:d2:a3:4e:e0:88:9d:79:e3:93:43:bf:05:44:cb:
         60:27:27:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx6I6u7QYR+N5tMdOKHTtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjY4ODRjNDIzODY5MjZlYmI3YmRiZDU5YmNiNzQ0ZWIyZmJjZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyor2YjY4d8llvYCUzehgBJVJ43A
IvtKZ4YPaSmTuObAykn7b2DSE0Rq2USl2wTWZn/Bk2KIQOWaI2DLI9Yc+1lo3WHx
SBcx6+x8310UamIRr65vp6cgYKiB/SVqY3yC21o8xnkNiAHaNYCYaDqkn1djepEc
sUKNHWCyl51qHqFJmxwttenoDoI01et4OWAujTilN0a7uXiI/xAXC1MwumRl8U6S
AYquTj+0qCLFzaDAb2UHTQHrMgqSLFJSXzN8gyHWsVw0DuEr8Qg2ZCz4FP2kZtUI
91EZTr35v8tbLqhX7RWNXD2sFw5d3206kEehkqLFbFmvNJE3awaDkvyg6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZohMQjhpJuu3vb1ZvLdE6y+8/FMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOW1pRXhDT0drbTY3ZTl2Vm04dDBUckw3ejhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZcBMA0G
CSqGSIb3DQEBCwUAA4IBAQBEgG+X5Z8YphPPxgJjdvjExLVbJAolm0g1r3bq1EXd
t3+7g2tPPC8kATN90HFwtwcsp6uM6XaybEUlOf2Nx4wQhJuqyd9vxn4txaRhTJWj
acI92aNrRUFUwN3p07ImZpO7fLnmLuswVwKyHUVNCBmmg/4UdGluUQgteA37Im52
sUg5OVaejOKFfyHhRCsnePjqkxlPuSrrQaSN0HgNe98qrTY4z7GMf+ncOKTtzjXT
C/pIl/a9MwYrTANUTdCTNfzg8bW2EkhKJ65n6P1nkGcooQSLH6KVBqLAaeAAPPC/
xosKbIwrmljFl/KY9HCq0qNO4IideeOTQ78FRMtgJycs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org