Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/r3QWDNfMfJ1ymFV-QaRN4fIxcFo.roa
File:                     r3QWDNfMfJ1ymFV-QaRN4fIxcFo.roa (raw, json)
Hash identifier:          GbkVZbxDclwBx7ybvBoM7t6Up6dnSDZcMwaB0cxTOZc=
Subject key identifier:   AF:74:16:0C:D7:CC:7C:9D:72:98:55:7E:41:A4:4D:E1:F2:31:70:5A
Certificate issuer:       /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial:       01856E0B1080AE522F850DFACECC75D12A23
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/r3QWDNfMfJ1ymFV-QaRN4fIxcFo.roa
Signing time:             Sun 01 Jan 2023 15:54:56 +0000
ROA not before:           Sun 01 Jan 2023 15:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12670
IP address blocks:        80.231.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:0b:10:80:ae:52:2f:85:0d:fa:ce:cc:75:d1:2a:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
        Validity
            Not Before: Jan  1 15:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af74160cd7cc7c9d7298557e41a44de1f231705a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:3c:b5:f8:63:d3:fe:01:3a:b3:55:a4:76:ae:
                    32:27:a5:36:4a:9c:cc:18:7b:73:cc:6d:a9:f7:61:
                    1e:10:98:1a:69:87:20:20:0a:b8:57:98:28:52:80:
                    d2:6b:aa:ea:c4:e6:ed:23:db:58:a4:5a:81:d7:6e:
                    e2:ce:cc:16:f7:dd:b0:58:81:af:f0:3c:08:5e:28:
                    41:6e:56:c4:28:a9:c2:3b:cf:16:d9:e9:a9:a6:84:
                    5c:40:c2:70:67:d3:ed:04:14:d6:2a:3f:88:df:97:
                    70:19:11:14:7b:ec:fa:7c:55:b6:73:e9:54:0e:60:
                    a3:ad:32:24:5f:51:35:fd:39:af:5a:ca:8a:48:62:
                    54:01:c3:9a:38:5a:02:8c:74:f7:69:b4:c0:c8:dc:
                    25:db:32:d1:eb:d4:67:71:90:5d:57:f5:2a:48:84:
                    a3:30:e5:29:bf:40:77:00:0c:7e:4a:5a:ea:d3:9f:
                    f3:b4:53:42:ad:2e:73:c8:5f:23:da:9c:18:8c:4d:
                    c3:f8:c4:d1:f5:35:93:56:5c:cb:26:cd:c6:3c:e3:
                    ab:44:8d:92:03:00:eb:22:90:23:a8:19:18:31:04:
                    6f:6e:3f:00:ea:af:da:70:66:ce:79:12:0d:ce:55:
                    93:c9:96:53:9a:66:68:5a:e3:7f:cb:88:8e:53:ad:
                    fd:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:74:16:0C:D7:CC:7C:9D:72:98:55:7E:41:A4:4D:E1:F2:31:70:5A
            X509v3 Authority Key Identifier:
                keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/r3QWDNfMfJ1ymFV-QaRN4fIxcFo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.231.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:4a:c6:a1:97:f0:ed:bb:0f:6e:ae:a9:22:8f:f8:72:6c:70:
         e2:91:10:4c:0f:49:40:1d:8e:26:58:02:40:e2:6a:f1:7d:c4:
         b0:08:b1:68:f0:4b:7a:4a:f1:d4:5e:93:a2:01:ad:c3:ed:91:
         8a:0e:27:96:7a:ac:c1:74:98:9f:2b:d6:c9:0c:0e:22:ea:dc:
         7c:d8:00:a6:31:8c:0a:55:12:3a:ef:81:4b:7d:d0:59:45:b1:
         9c:d1:d3:d3:c1:f8:d9:ea:57:fe:80:02:ef:bb:af:06:57:5c:
         ae:fd:d9:bd:59:92:2a:19:65:25:b8:64:13:14:16:41:d5:b2:
         7b:12:05:ed:e5:6c:96:70:a2:7c:11:6b:e8:62:00:05:b6:94:
         55:6e:a3:37:29:ba:ac:39:13:bc:38:61:ac:46:1b:4d:fb:14:
         df:8a:55:50:f2:08:c7:91:2c:d8:81:36:84:ac:8f:aa:6d:8e:
         6f:ad:b3:f0:fc:eb:09:f5:94:a4:23:52:08:77:e9:09:76:b9:
         93:f6:c7:ed:2e:0e:1a:49:04:03:90:a5:e6:8e:e8:82:ad:40:
         35:2a:29:ef:d2:6b:76:d6:19:37:bd:d6:bc:3c:41:f9:e1:8b:
         c9:78:bc:c3:c9:30:2a:bd:0b:29:60:f9:35:f9:73:1a:9c:29:
         d0:5d:94:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuCxCArlIvhQ36zsx10SojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjMwMTAxMTU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc0MTYwY2Q3Y2M3YzlkNzI5ODU1N2U0MWE0NGRlMWYyMzE3MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTy1+GPT/gE6s1Wkdq4yJ6U2SpzM
GHtzzG2p92EeEJgaaYcgIAq4V5goUoDSa6rqxObtI9tYpFqB127izswW992wWIGv
8DwIXihBblbEKKnCO88W2emppoRcQMJwZ9PtBBTWKj+I35dwGREUe+z6fFW2c+lU
DmCjrTIkX1E1/TmvWsqKSGJUAcOaOFoCjHT3abTAyNwl2zLR69RncZBdV/UqSISj
MOUpv0B3AAx+Slrq05/ztFNCrS5zyF8j2pwYjE3D+MTR9TWTVlzLJs3GPOOrRI2S
AwDrIpAjqBkYMQRvbj8A6q/acGbOeRINzlWTyZZTmmZoWuN/y4iOU639VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK90FgzXzHydcphVfkGkTeHyMXBaMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvcjNRV0ROZk1mSjF5bUZWLVFhUk40Zkl4Y0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUOcJMA0G
CSqGSIb3DQEBCwUAA4IBAQBcSsahl/Dtuw9urqkij/hybHDikRBMD0lAHY4mWAJA
4mrxfcSwCLFo8Et6SvHUXpOiAa3D7ZGKDieWeqzBdJifK9bJDA4i6tx82ACmMYwK
VRI674FLfdBZRbGc0dPTwfjZ6lf+gALvu68GV1yu/dm9WZIqGWUluGQTFBZB1bJ7
EgXt5WyWcKJ8EWvoYgAFtpRVbqM3KbqsORO8OGGsRhtN+xTfilVQ8gjHkSzYgTaE
rI+qbY5vrbPw/OsJ9ZSkI1IId+kJdrmT9sftLg4aSQQDkKXmjuiCrUA1Kinv0mt2
1hk3vda8PEH54YvJeLzDyTAqvQspYPk1+XManCnQXZQo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:19 2024 by rpki-client on console-ams.rpki-client.org