Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/9x6P23fMvMzmojIAKEPuZbKPkTM.roa
File:                     9x6P23fMvMzmojIAKEPuZbKPkTM.roa (raw, json)
Hash identifier:          zdeMh5qMIzJXMesutFGYlqJXshTbumBrpU4aV60c5I8=
Subject key identifier:   F7:1E:8F:DB:77:CC:BC:CC:E6:A2:32:00:28:43:EE:65:B2:8F:91:33
Certificate issuer:       /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial:       01887CBEB1CB3071795ABE6ADED53F4947CA
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/9x6P23fMvMzmojIAKEPuZbKPkTM.roa
Signing time:             Fri 02 Jun 2023 15:34:12 +0000
ROA not before:           Fri 02 Jun 2023 15:34:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60150
IP address blocks:        43.240.148.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 16:35:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7c:be:b1:cb:30:71:79:5a:be:6a:de:d5:3f:49:47:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
        Validity
            Not Before: Jun  2 15:34:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f71e8fdb77ccbccce6a232002843ee65b28f9133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:2e:da:40:4d:c6:53:8a:76:72:65:4c:3a:8d:
                    7e:0d:08:25:6d:87:2b:20:78:ce:2d:d7:9d:2f:e6:
                    39:91:f2:c4:be:83:59:82:e1:07:b1:66:3f:a6:84:
                    f9:02:83:4a:08:a2:a1:47:c0:2a:e9:8f:85:5b:25:
                    fb:55:82:07:ce:91:5d:86:96:76:08:60:af:58:c7:
                    49:5e:02:9c:a3:2c:57:73:74:db:6c:a9:d9:8d:6a:
                    b4:64:fb:4a:34:94:0d:44:cf:6e:02:5e:dd:3e:04:
                    b9:0f:3d:1c:cc:5d:fb:ce:2a:c8:c7:eb:2d:47:23:
                    90:fa:54:4b:eb:da:63:2b:1c:ab:5c:00:99:2e:ce:
                    e2:b0:4b:5f:62:ee:3a:15:e0:13:fc:8f:5d:f4:93:
                    65:91:46:a3:4d:66:1a:03:b9:71:16:33:24:bf:11:
                    90:36:28:15:26:88:00:67:0f:a3:6d:01:60:d5:c7:
                    8e:84:22:27:b7:ad:ce:a8:9d:1e:d6:91:1d:c1:26:
                    1a:13:e6:60:e2:68:de:41:bf:0e:60:8c:13:5e:1d:
                    e4:26:d1:57:30:e2:a3:39:06:c7:39:8c:cf:cc:0f:
                    8f:62:a2:66:e5:fa:28:c3:7a:b7:3e:34:1c:c3:7a:
                    d2:58:cd:97:f4:0a:01:57:3e:54:0a:e6:d3:49:a2:
                    c8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:1E:8F:DB:77:CC:BC:CC:E6:A2:32:00:28:43:EE:65:B2:8F:91:33
            X509v3 Authority Key Identifier:
                keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/9x6P23fMvMzmojIAKEPuZbKPkTM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.240.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:81:3f:51:54:70:c2:77:e9:bc:be:b6:54:f5:b7:3f:f1:3e:
         07:1e:22:44:b3:4b:ea:55:57:fc:2c:46:74:54:11:e5:76:b6:
         b6:c5:94:ad:a4:83:4c:d6:00:cc:56:b1:8a:28:08:30:47:58:
         96:d7:bc:77:1e:cf:89:84:0b:83:3d:1d:7c:d4:e5:6c:38:c4:
         08:9e:95:46:de:0b:e3:e0:36:e4:26:90:75:85:15:70:74:d8:
         87:92:6f:00:77:30:e9:29:84:f5:ac:a1:1e:5f:dd:3b:37:82:
         d2:a1:82:a1:41:aa:d5:dd:bc:79:09:02:0b:26:25:6f:6e:6e:
         48:ab:26:5f:93:a5:f8:25:93:c7:1a:66:9f:3d:a5:c7:b2:67:
         99:6f:16:c8:d6:06:67:0c:85:aa:71:b2:ba:50:6b:f2:27:0f:
         d1:84:4f:bb:7c:57:17:36:bd:83:4d:6f:15:bf:96:22:47:5d:
         c4:9a:d5:84:05:c9:68:bb:f5:67:d8:0f:3a:6a:6e:55:c5:b6:
         22:aa:a8:e7:19:48:1f:6a:75:d9:d8:0f:53:b5:64:a6:e9:ec:
         2c:ed:78:c1:63:ad:da:40:2a:f1:a8:61:2c:3f:e3:e6:c3:66:
         80:60:c6:98:09:5a:71:05:a5:b0:05:fb:c1:fb:94:cd:47:5c:
         8d:7b:f6:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh8vrHLMHF5Wr5q3tU/SUfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjMwNjAyMTUzNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFlOGZkYjc3Y2NiY2NjZTZhMjMyMDAyODQzZWU2NWIyOGY5MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS7aQE3GU4p2cmVMOo1+DQglbYcr
IHjOLdedL+Y5kfLEvoNZguEHsWY/poT5AoNKCKKhR8Aq6Y+FWyX7VYIHzpFdhpZ2
CGCvWMdJXgKcoyxXc3TbbKnZjWq0ZPtKNJQNRM9uAl7dPgS5Dz0czF37zirIx+st
RyOQ+lRL69pjKxyrXACZLs7isEtfYu46FeAT/I9d9JNlkUajTWYaA7lxFjMkvxGQ
NigVJogAZw+jbQFg1ceOhCInt63OqJ0e1pEdwSYaE+Zg4mjeQb8OYIwTXh3kJtFX
MOKjOQbHOYzPzA+PYqJm5foow3q3PjQcw3rSWM2X9AoBVz5UCubTSaLIawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcej9t3zLzM5qIyAChD7mWyj5EzMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvOXg2UDIzZk12TXptb2pJQUtFUHVaYktQa1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCK/CUMA0G
CSqGSIb3DQEBCwUAA4IBAQARgT9RVHDCd+m8vrZU9bc/8T4HHiJEs0vqVVf8LEZ0
VBHldra2xZStpINM1gDMVrGKKAgwR1iW17x3Hs+JhAuDPR181OVsOMQInpVG3gvj
4DbkJpB1hRVwdNiHkm8AdzDpKYT1rKEeX907N4LSoYKhQarV3bx5CQILJiVvbm5I
qyZfk6X4JZPHGmafPaXHsmeZbxbI1gZnDIWqcbK6UGvyJw/RhE+7fFcXNr2DTW8V
v5YiR13EmtWEBclou/Vn2A86am5VxbYiqqjnGUgfanXZ2A9TtWSm6ews7XjBY63a
QCrxqGEsP+Pmw2aAYMaYCVpxBaWwBfvB+5TNR1yNe/Y7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:07 2024 by rpki-client on console-fra.rpki-client.org