Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/9mmy6GC5y6oQ11LF6QrmEChXGFc.roa
File:                     9mmy6GC5y6oQ11LF6QrmEChXGFc.roa (raw, json)
Hash identifier:          yp3m/fMJve1xsIXmcizxyPmdBYMbUpe/TeLq5HMUQqs=
Subject key identifier:   F6:69:B2:E8:60:B9:CB:AA:10:D7:52:C5:E9:0A:E6:10:28:57:18:57
Certificate issuer:       /CN=ba0d738dd28ff2549456ce66e744898372fc503d
Certificate serial:       018A929F06B49571F98EBE5ABB253B46E4E1
Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/9mmy6GC5y6oQ11LF6QrmEChXGFc.roa
Signing time:             Thu 14 Sep 2023 07:36:50 +0000
ROA not before:           Thu 14 Sep 2023 07:36:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64407
IP address blocks:        185.66.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:92:9f:06:b4:95:71:f9:8e:be:5a:bb:25:3b:46:e4:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d
        Validity
            Not Before: Sep 14 07:36:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f669b2e860b9cbaa10d752c5e90ae61028571857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bd:6d:a2:d0:5a:15:b1:e0:a8:5d:41:10:aa:
                    fe:8d:47:4e:1e:f2:ff:39:7f:84:a9:13:26:4d:65:
                    95:bd:ac:0b:8e:44:67:7b:f9:bd:70:20:be:22:91:
                    34:3c:de:5a:47:df:19:97:69:d1:ed:5a:8c:06:67:
                    5d:f4:b1:ea:87:47:68:6f:0d:4b:6b:89:92:bd:35:
                    03:b7:92:c6:b8:59:79:7f:fa:32:d4:3b:d6:ca:ba:
                    a6:53:ed:7a:0d:46:98:b8:0b:f5:9d:35:b5:ea:69:
                    9c:a8:1e:53:e0:5d:c9:d7:90:a0:20:40:31:95:b5:
                    28:6b:75:3f:43:30:2f:25:86:8c:4d:b1:2f:92:f4:
                    68:89:91:c2:6e:db:75:2c:e0:92:8f:65:20:56:54:
                    d4:c8:d6:56:7a:14:6b:ca:dc:eb:d0:b8:da:d4:36:
                    fa:cd:60:f7:af:c1:59:df:ec:4e:7c:af:7e:75:2b:
                    51:94:8c:ca:5f:7c:bd:ec:77:b7:14:d6:d8:76:ec:
                    78:83:a6:7f:79:ed:33:2f:e6:d8:b2:34:d4:5b:9b:
                    bc:54:ed:63:33:61:24:b7:b3:ec:fc:98:07:f1:7a:
                    5f:ce:03:f3:2e:51:5b:12:de:f3:cd:10:be:29:02:
                    61:b3:e8:bc:ad:d0:6c:82:d8:ad:dc:63:eb:2f:dc:
                    33:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:69:B2:E8:60:B9:CB:AA:10:D7:52:C5:E9:0A:E6:10:28:57:18:57
            X509v3 Authority Key Identifier:
                keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/9mmy6GC5y6oQ11LF6QrmEChXGFc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.66.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:45:dc:c1:e0:bb:47:18:2d:ef:5a:b9:a9:a5:a7:a0:a7:62:
         fc:89:67:ab:09:87:ed:3e:a1:b6:bd:53:fe:3e:38:dd:cb:9b:
         a6:36:9c:14:8e:b1:8e:01:e3:c2:c1:03:ec:0c:25:b5:c8:43:
         0e:72:1c:62:a2:08:b0:d8:29:a4:a6:0d:70:84:b3:74:b5:f6:
         63:6c:98:3d:b7:91:9d:e9:a1:d6:c1:08:5c:41:01:ef:d8:cd:
         c0:15:fc:7b:e9:39:1a:e2:af:4e:84:ce:49:6a:0e:87:63:89:
         8f:00:68:87:45:ec:ea:09:90:27:47:91:83:75:d9:c0:6f:1c:
         73:c6:94:36:96:9e:c9:d4:45:86:07:d1:ce:0c:53:6c:13:06:
         4c:e0:0f:df:cc:9f:45:82:07:3c:8e:75:1e:27:bd:d6:5e:6f:
         d4:ce:15:94:44:91:47:85:89:77:bd:2c:c1:61:b3:d4:3f:e2:
         39:16:c1:25:9a:03:60:58:68:c5:02:9d:55:cb:94:f7:a0:c9:
         65:56:af:56:5e:d3:7f:04:0e:48:d5:5c:e0:95:4e:79:d7:34:
         1f:88:e7:90:ba:ce:7a:61:0a:c8:f0:8b:8b:e0:17:b5:1e:92:
         46:a4:59:41:a5:bd:35:3c:88:db:a3:36:da:30:f7:59:2a:38:
         98:ae:66:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqSnwa0lXH5jr5auyU7RuThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGQ3MzhkZDI4ZmYyNTQ5NDU2Y2U2NmU3NDQ4OTgzNzJm
YzUwM2QwHhcNMjMwOTE0MDczNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjY5YjJlODYwYjljYmFhMTBkNzUyYzVlOTBhZTYxMDI4NTcxODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr71totBaFbHgqF1BEKr+jUdOHvL/
OX+EqRMmTWWVvawLjkRne/m9cCC+IpE0PN5aR98Zl2nR7VqMBmdd9LHqh0dobw1L
a4mSvTUDt5LGuFl5f/oy1DvWyrqmU+16DUaYuAv1nTW16mmcqB5T4F3J15CgIEAx
lbUoa3U/QzAvJYaMTbEvkvRoiZHCbtt1LOCSj2UgVlTUyNZWehRrytzr0Lja1Db6
zWD3r8FZ3+xOfK9+dStRlIzKX3y97He3FNbYdux4g6Z/ee0zL+bYsjTUW5u8VO1j
M2Ekt7Ps/JgH8XpfzgPzLlFbEt7zzRC+KQJhs+i8rdBsgtit3GPrL9wznQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZpsuhgucuqENdSxekK5hAoVxhXMB8GA1UdIwQY
MBaAFLoNc43Sj/JUlFbOZudEiYNy/FA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYt
YmViNmRhMDM3NTVlLzEvOW1teTZHQzV5Nm9RMTFMRjZRcm1FQ2hYR0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYtYmViNmRhMDM3NTVl
LzEvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUJ7MA0G
CSqGSIb3DQEBCwUAA4IBAQBPRdzB4LtHGC3vWrmppaegp2L8iWerCYftPqG2vVP+
Pjjdy5umNpwUjrGOAePCwQPsDCW1yEMOchxiogiw2Cmkpg1whLN0tfZjbJg9t5Gd
6aHWwQhcQQHv2M3AFfx76Tka4q9OhM5Jag6HY4mPAGiHRezqCZAnR5GDddnAbxxz
xpQ2lp7J1EWGB9HODFNsEwZM4A/fzJ9Fggc8jnUeJ73WXm/UzhWURJFHhYl3vSzB
YbPUP+I5FsElmgNgWGjFAp1Vy5T3oMllVq9WXtN/BA5I1VzglU551zQfiOeQus56
YQrI8IuL4Be1HpJGpFlBpb01PIjbozbaMPdZKjiYrmae
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:38 2024 by rpki-client on console-ams.rpki-client.org