Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/yWyaOPmzWorJg3kleEX2WOz9TCI.roa
File:                     yWyaOPmzWorJg3kleEX2WOz9TCI.roa (raw, json)
Hash identifier:          axL1l1OYgMiKRcIIFIO3KuRGUM530YeLQGC3Qr0zq2s=
Subject key identifier:   C9:6C:9A:38:F9:B3:5A:8A:C9:83:79:25:78:45:F6:58:EC:FD:4C:22
Certificate issuer:       /CN=da6099e7ff3a171bce3b6fe99ebb4d24cb85e461
Certificate serial:       01857070846E1580BC6275BE8D621EF7C1AC
Authority key identifier: DA:60:99:E7:FF:3A:17:1B:CE:3B:6F:E9:9E:BB:4D:24:CB:85:E4:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2mCZ5_86FxvOO2_pnrtNJMuF5GE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/yWyaOPmzWorJg3kleEX2WOz9TCI.roa
Signing time:             Mon 02 Jan 2023 03:05:00 +0000
ROA not before:           Mon 02 Jan 2023 03:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8787
IP address blocks:        212.9.128.0/19 maxlen: 19
                          2a03:1f60::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:84:6e:15:80:bc:62:75:be:8d:62:1e:f7:c1:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da6099e7ff3a171bce3b6fe99ebb4d24cb85e461
        Validity
            Not Before: Jan  2 03:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c96c9a38f9b35a8ac98379257845f658ecfd4c22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3f:db:7c:61:c8:92:3e:0f:03:36:a3:46:78:
                    24:65:d4:6f:de:69:6a:c6:95:86:0d:5e:9d:6c:dd:
                    b5:95:4b:f3:92:0e:67:c0:b4:98:93:1e:51:bf:cd:
                    df:d4:ad:0a:50:8c:c4:59:c2:cc:70:74:47:fb:21:
                    36:bd:02:d4:85:6c:69:e2:2d:37:c6:32:a3:e5:97:
                    d6:f0:8b:23:a8:f6:51:7b:4c:34:30:c3:96:b9:61:
                    b3:22:0c:01:ad:fd:b3:57:b5:fe:ef:0c:ff:0b:46:
                    99:4f:81:8b:10:8a:13:57:34:3c:31:45:79:4e:e5:
                    44:3b:d5:ee:5a:f2:03:33:57:33:eb:cd:0d:24:90:
                    9e:dd:33:50:9d:a1:e1:a3:4b:5d:25:63:3e:ee:73:
                    44:97:89:48:e0:7c:17:36:89:2d:10:f5:50:3f:bd:
                    b8:e7:44:79:9c:9e:92:c3:be:0b:14:4c:b3:74:c6:
                    5b:f3:00:7b:26:ee:af:77:86:c3:4c:9a:a2:ab:3a:
                    2e:30:93:69:14:4f:59:bb:45:d8:b1:ce:cb:ee:c4:
                    03:c7:94:49:b8:54:eb:ff:6e:85:56:49:b8:af:10:
                    c0:7c:13:71:3c:df:fe:3c:80:9a:19:d6:27:c3:e5:
                    f9:03:9e:9a:27:d1:ec:5d:58:fa:51:38:2c:a3:f1:
                    f6:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:6C:9A:38:F9:B3:5A:8A:C9:83:79:25:78:45:F6:58:EC:FD:4C:22
            X509v3 Authority Key Identifier:
                keyid:DA:60:99:E7:FF:3A:17:1B:CE:3B:6F:E9:9E:BB:4D:24:CB:85:E4:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2mCZ5_86FxvOO2_pnrtNJMuF5GE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/yWyaOPmzWorJg3kleEX2WOz9TCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6c3741-cf8c-4d5d-bb8e-4598689d551e/1/2mCZ5_86FxvOO2_pnrtNJMuF5GE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.9.128.0/19
                IPv6:
                  2a03:1f60::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:9e:d6:6d:05:05:ad:6d:5c:36:b6:ee:ed:36:b9:d8:09:42:
         48:58:18:32:ad:e5:1a:1b:a9:c8:93:e7:66:4e:14:3e:0b:f1:
         02:eb:10:9d:9a:41:82:cf:6e:9d:ed:58:55:e0:ea:81:61:48:
         6b:cb:fb:75:54:a4:ff:5a:01:a2:aa:df:b3:87:2d:61:04:17:
         07:6b:09:57:27:02:4c:77:ab:04:fe:4f:b2:dd:bb:28:6d:3a:
         bf:0d:85:41:11:ba:08:2d:0b:fb:f3:8b:14:83:41:ef:56:9d:
         7c:51:c4:6b:db:87:3c:e6:10:59:c0:02:b7:02:34:eb:89:d1:
         0d:49:15:e0:1d:b8:8c:9d:82:37:b2:86:b5:a3:0f:86:da:6d:
         60:a6:96:55:34:d2:6d:21:d3:d3:88:d0:3e:72:28:5f:b6:71:
         c1:8e:21:82:20:7a:2b:8b:f8:89:ef:35:f9:65:8f:96:b1:51:
         75:86:e8:19:6c:07:84:cc:39:7f:ec:1a:50:42:e8:4c:f7:b2:
         89:3d:f4:fb:80:41:99:d8:f0:49:77:9f:2a:51:ca:18:16:60:
         c9:fb:2f:53:16:07:30:79:39:53:25:35:1f:82:d6:0a:e1:d7:
         82:07:12:02:27:fe:af:7c:9a:da:c0:7f:81:f0:41:bc:b6:bf:
         e9:e0:19:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcIRuFYC8YnW+jWIe98GsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjA5OWU3ZmYzYTE3MWJjZTNiNmZlOTllYmI0ZDI0Y2I4
NWU0NjEwHhcNMjMwMTAyMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTZjOWEzOGY5YjM1YThhYzk4Mzc5MjU3ODQ1ZjY1OGVjZmQ0YzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj/bfGHIkj4PAzajRngkZdRv3mlq
xpWGDV6dbN21lUvzkg5nwLSYkx5Rv83f1K0KUIzEWcLMcHRH+yE2vQLUhWxp4i03
xjKj5ZfW8IsjqPZRe0w0MMOWuWGzIgwBrf2zV7X+7wz/C0aZT4GLEIoTVzQ8MUV5
TuVEO9XuWvIDM1cz680NJJCe3TNQnaHho0tdJWM+7nNEl4lI4HwXNoktEPVQP724
50R5nJ6Sw74LFEyzdMZb8wB7Ju6vd4bDTJqiqzouMJNpFE9Zu0XYsc7L7sQDx5RJ
uFTr/26FVkm4rxDAfBNxPN/+PICaGdYnw+X5A56aJ9HsXVj6UTgso/H2BQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlsmjj5s1qKyYN5JXhF9ljs/UwiMB8GA1UdIwQY
MBaAFNpgmef/Ohcbzjtv6Z67TSTLheRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1DWjVfODZGeHZPTzJfcG5ydE5KTXVGNUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YzM3NDEtY2Y4Yy00ZDVkLWJiOGUt
NDU5ODY4OWQ1NTFlLzEveVd5YU9QbXpXb3JKZzNrbGVFWDJXT3o5VENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82YzM3NDEtY2Y4Yy00ZDVkLWJiOGUtNDU5ODY4OWQ1NTFl
LzEvMm1DWjVfODZGeHZPTzJfcG5ydE5KTXVGNUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AmAMA0E
AgACMAcDBQAqAx9gMA0GCSqGSIb3DQEBCwUAA4IBAQCHntZtBQWtbVw2tu7tNrnY
CUJIWBgyreUaG6nIk+dmThQ+C/EC6xCdmkGCz26d7VhV4OqBYUhry/t1VKT/WgGi
qt+zhy1hBBcHawlXJwJMd6sE/k+y3bsobTq/DYVBEboILQv784sUg0HvVp18UcRr
24c85hBZwAK3AjTridENSRXgHbiMnYI3soa1ow+G2m1gppZVNNJtIdPTiNA+cihf
tnHBjiGCIHori/iJ7zX5ZY+WsVF1hugZbAeEzDl/7BpQQuhM97KJPfT7gEGZ2PBJ
d58qUcoYFmDJ+y9TFgcweTlTJTUfgtYK4deCBxICJ/6vfJrawH+B8EG8tr/p4Bnw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:12 2024 by rpki-client on console-ams.rpki-client.org