Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/99O8kQMP2-3x-yDs3ktFoXvIuuQ.roa
File:                     99O8kQMP2-3x-yDs3ktFoXvIuuQ.roa (raw, json)
Hash identifier:          BPilpM1KUct68mf1JQ5OYBFgOsjeRErYVf8Ko5nO5E8=
Subject key identifier:   F7:D3:BC:91:03:0F:DB:ED:F1:FB:20:EC:DE:4B:45:A1:7B:C8:BA:E4
Certificate issuer:       /CN=35a1b48587c430cf3d8bfd7598c595bda1c66874
Certificate serial:       018572031C8C57C29FB12B1D608DB283E3D6
Authority key identifier: 35:A1:B4:85:87:C4:30:CF:3D:8B:FD:75:98:C5:95:BD:A1:C6:68:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NaG0hYfEMM89i_11mMWVvaHGaHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/99O8kQMP2-3x-yDs3ktFoXvIuuQ.roa
Signing time:             Mon 02 Jan 2023 10:24:44 +0000
ROA not before:           Mon 02 Jan 2023 10:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210911
IP address blocks:        80.73.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:03:1c:8c:57:c2:9f:b1:2b:1d:60:8d:b2:83:e3:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35a1b48587c430cf3d8bfd7598c595bda1c66874
        Validity
            Not Before: Jan  2 10:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7d3bc91030fdbedf1fb20ecde4b45a17bc8bae4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:83:df:58:44:e3:04:da:16:bf:9b:7f:0e:c2:
                    e1:d8:a7:6e:b5:94:36:0e:92:b1:66:f1:3e:68:0f:
                    8b:47:6a:16:4d:00:6e:67:72:a7:0b:03:ef:b4:33:
                    7c:16:5b:96:51:04:90:f1:54:ac:33:3c:fc:1e:15:
                    4f:47:5b:6f:72:e6:03:d3:dd:3d:8c:41:35:8f:92:
                    22:10:55:8a:bf:30:bf:e5:f4:2e:43:4b:d8:66:8e:
                    51:32:45:c9:5a:31:75:18:96:55:c4:ba:91:b3:f1:
                    6c:a2:92:38:bf:57:66:57:ff:a2:d6:51:89:db:83:
                    43:8d:dc:6b:b2:3e:31:b2:6a:8f:b4:28:15:6a:91:
                    56:58:c3:66:7c:b6:d9:64:dc:ad:95:c7:07:73:9e:
                    f6:65:0b:e5:3b:35:a7:cb:12:c5:b8:4e:61:37:39:
                    42:7e:4d:84:28:2c:7c:8a:7e:40:22:a3:2e:15:c5:
                    21:19:10:2b:67:aa:07:1b:e8:a5:24:dc:f3:33:ad:
                    bb:dc:a8:68:ea:a9:ee:a0:05:de:85:8c:fc:2a:da:
                    a2:c3:01:45:e2:66:ca:9e:1e:1f:7e:f0:90:06:6c:
                    aa:84:48:4e:72:e8:9f:87:16:80:73:67:a6:51:24:
                    bc:19:c7:34:5b:06:40:2a:5c:f4:6a:41:69:8c:df:
                    45:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:D3:BC:91:03:0F:DB:ED:F1:FB:20:EC:DE:4B:45:A1:7B:C8:BA:E4
            X509v3 Authority Key Identifier:
                keyid:35:A1:B4:85:87:C4:30:CF:3D:8B:FD:75:98:C5:95:BD:A1:C6:68:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NaG0hYfEMM89i_11mMWVvaHGaHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/99O8kQMP2-3x-yDs3ktFoXvIuuQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/NaG0hYfEMM89i_11mMWVvaHGaHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.73.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:3a:75:0e:59:17:97:79:1c:76:5b:66:23:ab:ec:e0:2d:4e:
         fa:21:46:a9:8d:d2:4d:c8:9f:6c:ef:e5:69:03:dc:94:07:06:
         ce:23:f5:95:14:a0:f0:b9:be:c2:1a:11:4b:09:f0:ae:c3:3f:
         2d:96:23:29:a9:d8:72:74:f3:31:ca:4c:0a:0e:f3:e9:5c:82:
         91:85:c3:a8:73:4c:c6:ff:20:7e:59:ad:3b:d8:00:3f:2d:09:
         bd:2a:64:cf:1d:ed:fc:7c:76:6c:ac:d5:a9:a1:c9:63:b8:57:
         4b:a0:92:0d:17:85:ab:62:9f:7f:f7:28:01:6a:4c:4e:da:19:
         55:49:e8:37:33:42:c4:eb:ef:af:57:49:06:78:2d:3a:9f:e4:
         a0:b5:97:72:26:e9:11:76:a7:8a:49:d4:c0:ee:65:45:bb:e3:
         05:49:dc:4d:de:eb:17:31:fd:d5:a6:3a:29:92:9e:22:63:cc:
         e8:e9:18:19:2f:74:3f:55:c5:63:c7:2d:0d:d4:e9:f8:03:0b:
         1e:3e:27:62:89:1c:db:36:a7:1b:b2:1f:b2:34:d1:01:aa:13:
         6f:1a:43:63:39:75:77:39:09:ad:d3:4a:d3:95:f1:48:79:47:
         04:8a:a4:6d:b0:7f:94:a2:40:71:08:6d:c1:b9:1d:a2:7b:1f:
         b3:48:66:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyAxyMV8KfsSsdYI2yg+PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YTFiNDg1ODdjNDMwY2YzZDhiZmQ3NTk4YzU5NWJkYTFj
NjY4NzQwHhcNMjMwMTAyMTAyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2QzYmM5MTAzMGZkYmVkZjFmYjIwZWNkZTRiNDVhMTdiYzhiYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIPfWETjBNoWv5t/DsLh2KdutZQ2
DpKxZvE+aA+LR2oWTQBuZ3KnCwPvtDN8FluWUQSQ8VSsMzz8HhVPR1tvcuYD0909
jEE1j5IiEFWKvzC/5fQuQ0vYZo5RMkXJWjF1GJZVxLqRs/FsopI4v1dmV/+i1lGJ
24NDjdxrsj4xsmqPtCgVapFWWMNmfLbZZNytlccHc572ZQvlOzWnyxLFuE5hNzlC
fk2EKCx8in5AIqMuFcUhGRArZ6oHG+ilJNzzM6273Kho6qnuoAXehYz8KtqiwwFF
4mbKnh4ffvCQBmyqhEhOcuifhxaAc2emUSS8Gcc0WwZAKlz0akFpjN9F2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfTvJEDD9vt8fsg7N5LRaF7yLrkMB8GA1UdIwQY
MBaAFDWhtIWHxDDPPYv9dZjFlb2hxmh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmFHMGhZZkVNTTg5aV8xMW1NV1Z2YUhHYUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80ZjQ2YzEtMjBiNC00MjQ5LTg4MWUt
ZmZiYzBhOTc5YjIwLzEvOTlPOGtRTVAyLTN4LXlEczNrdEZvWHZJdXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80ZjQ2YzEtMjBiNC00MjQ5LTg4MWUtZmZiYzBhOTc5YjIw
LzEvTmFHMGhZZkVNTTg5aV8xMW1NV1Z2YUhHYUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEn1MA0G
CSqGSIb3DQEBCwUAA4IBAQBSOnUOWReXeRx2W2Yjq+zgLU76IUapjdJNyJ9s7+Vp
A9yUBwbOI/WVFKDwub7CGhFLCfCuwz8tliMpqdhydPMxykwKDvPpXIKRhcOoc0zG
/yB+Wa072AA/LQm9KmTPHe38fHZsrNWpocljuFdLoJINF4WrYp9/9ygBakxO2hlV
Seg3M0LE6++vV0kGeC06n+SgtZdyJukRdqeKSdTA7mVFu+MFSdxN3usXMf3Vpjop
kp4iY8zo6RgZL3Q/VcVjxy0N1On4AwsePidiiRzbNqcbsh+yNNEBqhNvGkNjOXV3
OQmt00rTlfFIeUcEiqRtsH+UokBxCG3BuR2iex+zSGb+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org