Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/PdnDoP85vhNK7J26rZ_dBDYMLps.roa
File:                     PdnDoP85vhNK7J26rZ_dBDYMLps.roa (raw, json)
Hash identifier:          RsFw7NiqVfev1zjP60VRkWSQJdc1EyheWlOIE5Kydlo=
Subject key identifier:   3D:D9:C3:A0:FF:39:BE:13:4A:EC:9D:BA:AD:9F:DD:04:36:0C:2E:9B
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       01856B8112C419958C1C32DDE1BBF5E9EC43
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/PdnDoP85vhNK7J26rZ_dBDYMLps.roa
Signing time:             Sun 01 Jan 2023 04:04:59 +0000
ROA not before:           Sun 01 Jan 2023 04:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25009
IP address blocks:        82.96.128.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jul 2023 14:41:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:81:12:c4:19:95:8c:1c:32:dd:e1:bb:f5:e9:ec:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Jan  1 04:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3dd9c3a0ff39be134aec9dbaad9fdd04360c2e9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:51:27:12:e4:56:a5:72:36:bf:4e:7e:9f:7b:
                    08:c2:bf:13:7a:01:c9:f1:63:67:2d:86:28:67:d6:
                    64:9e:50:62:75:19:5d:a0:a7:7e:99:58:f7:36:d9:
                    8d:44:5c:81:d6:dc:d5:f1:8b:e5:94:30:1d:5c:72:
                    54:16:3f:37:7d:f2:4f:83:d6:d8:e9:d3:1d:ab:59:
                    fb:91:a9:dc:86:a0:41:1b:6a:2e:9a:85:5b:b1:ff:
                    54:e7:91:14:b2:60:93:73:0f:e4:a2:90:dd:de:df:
                    ca:81:f8:fe:23:ca:11:d7:80:58:7a:28:47:9b:b1:
                    4f:48:96:23:83:98:06:13:0d:01:8f:fa:34:10:9c:
                    be:9d:8e:83:37:49:be:55:89:38:0e:ef:3c:bb:67:
                    d7:a2:b8:f9:3f:ef:ee:f7:7f:93:b2:a6:5c:51:97:
                    30:b1:82:36:65:b1:d8:90:91:92:4f:87:0d:c6:7f:
                    7e:90:e8:fc:9b:78:21:78:9d:43:f6:1e:82:f5:fc:
                    4c:df:8e:00:e8:68:90:53:26:fc:56:03:bf:fd:d3:
                    26:47:c5:a1:2b:39:d5:b2:2d:97:dc:34:8f:ad:7e:
                    77:49:a3:ff:4b:7a:72:f6:ba:22:66:3a:83:8a:e9:
                    d5:83:2f:1b:ba:98:b7:07:55:81:79:e0:7f:e6:b0:
                    95:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:D9:C3:A0:FF:39:BE:13:4A:EC:9D:BA:AD:9F:DD:04:36:0C:2E:9B
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/PdnDoP85vhNK7J26rZ_dBDYMLps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.96.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         24:47:fa:24:5f:c8:46:44:47:81:be:ce:72:6f:41:b8:c1:ae:
         96:ad:9b:ee:91:60:39:70:60:5a:c2:05:71:a7:7d:7e:b6:14:
         00:3a:b4:f1:40:17:f6:77:e7:62:0c:03:8d:3a:55:39:45:5a:
         83:37:18:bb:9f:65:37:f8:ce:bb:c4:0e:05:69:1b:a5:b9:76:
         f9:68:00:de:9e:c1:4e:b7:de:ce:dd:07:ff:21:0b:9a:ca:fd:
         0e:9e:77:2c:ba:19:bc:d0:f2:2d:0f:fe:c8:fa:5b:bc:37:4c:
         ae:f2:c4:d8:8a:31:81:3a:5b:35:82:24:73:89:40:17:4d:59:
         06:8e:de:35:a0:18:dd:31:17:7c:05:92:7c:41:96:98:0b:e7:
         05:ef:42:a4:b3:81:25:c1:7d:05:a9:69:fe:92:c9:29:56:55:
         a0:82:10:fa:1a:8f:7e:f7:a3:f5:33:3d:91:c1:78:db:f9:cb:
         5d:eb:20:22:6a:80:0a:06:3e:dd:0f:d2:c0:dc:2a:cd:d2:0b:
         c9:82:df:bb:c8:1c:9d:7f:c6:e3:7a:2f:8f:f6:6a:48:f9:1c:
         19:69:c0:ff:c2:26:d3:3f:00:f9:38:2d:8b:65:64:cc:63:5d:
         d5:57:4b:1b:14:8c:ce:cc:0c:67:ea:5f:00:a2:e7:2e:90:9b:
         5f:eb:a0:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRLEGZWMHDLd4bv16exDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjMwMTAxMDQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGQ5YzNhMGZmMzliZTEzNGFlYzlkYmFhZDlmZGQwNDM2MGMyZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFEnEuRWpXI2v05+n3sIwr8TegHJ
8WNnLYYoZ9ZknlBidRldoKd+mVj3NtmNRFyB1tzV8YvllDAdXHJUFj83ffJPg9bY
6dMdq1n7kanchqBBG2oumoVbsf9U55EUsmCTcw/kopDd3t/Kgfj+I8oR14BYeihH
m7FPSJYjg5gGEw0Bj/o0EJy+nY6DN0m+VYk4Du88u2fXorj5P+/u93+TsqZcUZcw
sYI2ZbHYkJGST4cNxn9+kOj8m3gheJ1D9h6C9fxM344A6GiQUyb8VgO//dMmR8Wh
KznVsi2X3DSPrX53SaP/S3py9roiZjqDiunVgy8bupi3B1WBeeB/5rCV3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3Zw6D/Ob4TSuyduq2f3QQ2DC6bMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvUGRuRG9QODV2aE5LN0oyNnJaX2RCRFlNTHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGUmCAMA0G
CSqGSIb3DQEBCwUAA4IBAQAkR/okX8hGREeBvs5yb0G4wa6WrZvukWA5cGBawgVx
p31+thQAOrTxQBf2d+diDAONOlU5RVqDNxi7n2U3+M67xA4FaRuluXb5aADensFO
t97O3Qf/IQuayv0Onncsuhm80PItD/7I+lu8N0yu8sTYijGBOls1giRziUAXTVkG
jt41oBjdMRd8BZJ8QZaYC+cF70Kks4ElwX0FqWn+kskpVlWgghD6Go9+96P1Mz2R
wXjb+ctd6yAiaoAKBj7dD9LA3CrN0gvJgt+7yBydf8bjei+P9mpI+RwZacD/wibT
PwD5OC2LZWTMY13VV0sbFIzOzAxn6l8AoucukJtf66Dw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:44 2024 by rpki-client on console-fra.rpki-client.org