Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/9246ad-9638-47e6-8214-e98702f1bbb5/1/w9ggVjIGy1oy5K4FVM3UE1nCA8k.roa
File:                     w9ggVjIGy1oy5K4FVM3UE1nCA8k.roa (raw, json)
Hash identifier:          HmF7d16wHVKwvqVLU/nK3xWFWJ5xPp+0x7Y+XR9e8NA=
Subject key identifier:   C3:D8:20:56:32:06:CB:5A:32:E4:AE:05:54:CD:D4:13:59:C2:03:C9
Certificate issuer:       /CN=a74ea4cb82a47c5c73c82de495c38af3a8844fc9
Certificate serial:       018CB4FA410024B720A0897F1BEC4A003D35
Authority key identifier: A7:4E:A4:CB:82:A4:7C:5C:73:C8:2D:E4:95:C3:8A:F3:A8:84:4F:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p06ky4KkfFxzyC3klcOK86iET8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/9246ad-9638-47e6-8214-e98702f1bbb5/1/w9ggVjIGy1oy5K4FVM3UE1nCA8k.roa
Signing time:             Fri 29 Dec 2023 09:49:08 +0000
ROA not before:           Fri 29 Dec 2023 09:49:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.157.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b4:fa:41:00:24:b7:20:a0:89:7f:1b:ec:4a:00:3d:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a74ea4cb82a47c5c73c82de495c38af3a8844fc9
        Validity
            Not Before: Dec 29 09:49:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c3d820563206cb5a32e4ae0554cdd41359c203c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:79:a8:71:2c:25:ab:d2:c3:27:11:35:79:0d:
                    74:52:c7:f8:b2:c8:31:6f:fa:c2:45:b6:dd:c8:15:
                    85:42:9e:b3:c1:99:92:5b:a4:49:4a:09:a6:ed:8d:
                    86:86:fc:d9:8e:27:d8:25:cc:5c:6b:31:18:85:8b:
                    97:ea:62:dc:fc:4c:23:3f:59:dc:1a:22:40:eb:3d:
                    a6:94:2a:ba:c9:29:a3:87:ad:3b:e7:11:c6:39:d8:
                    ca:c0:76:39:5c:13:07:29:dc:ab:35:d3:25:8b:82:
                    1e:1a:0a:ff:56:47:e7:73:5e:0f:c1:a1:8f:f3:fe:
                    ba:f1:63:21:b2:26:8e:2f:92:b5:53:90:a1:14:e0:
                    0a:77:9c:16:fc:17:e4:99:1d:a4:55:8f:3a:eb:c6:
                    0f:07:63:70:bd:87:82:f2:0e:d7:2f:db:03:80:ba:
                    0d:cc:29:c2:54:69:c1:81:77:d2:a9:b4:0c:de:97:
                    be:6e:c3:0c:00:ba:84:20:f9:ed:c3:a5:9a:20:a5:
                    16:9b:4a:64:6a:42:3c:65:40:bc:eb:bf:b3:d4:43:
                    71:12:24:23:8d:e1:57:72:a1:7a:fb:12:3a:b2:e6:
                    96:80:3d:95:57:dd:85:9d:d5:ad:4b:01:85:c0:2e:
                    b4:4f:82:7f:4e:9b:92:3c:13:2e:6a:06:36:ea:e7:
                    4b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:D8:20:56:32:06:CB:5A:32:E4:AE:05:54:CD:D4:13:59:C2:03:C9
            X509v3 Authority Key Identifier:
                keyid:A7:4E:A4:CB:82:A4:7C:5C:73:C8:2D:E4:95:C3:8A:F3:A8:84:4F:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p06ky4KkfFxzyC3klcOK86iET8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9246ad-9638-47e6-8214-e98702f1bbb5/1/w9ggVjIGy1oy5K4FVM3UE1nCA8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9246ad-9638-47e6-8214-e98702f1bbb5/1/p06ky4KkfFxzyC3klcOK86iET8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:68:08:c4:a7:c1:01:61:19:48:81:27:d1:d3:21:1a:39:ac:
         a6:67:31:8c:99:e3:40:83:b3:35:92:36:62:f7:f3:6d:04:40:
         74:39:49:ac:ce:22:e1:6b:97:e8:dc:5d:51:7a:e4:cb:ae:3b:
         dc:d7:69:0a:12:0e:8b:25:44:ce:b1:78:d8:a3:84:6b:09:80:
         5c:a7:2d:18:70:69:a9:c4:23:14:7e:e1:cf:fa:89:59:9c:2f:
         1f:da:9b:41:63:22:ea:2a:3d:5e:bb:58:51:c9:52:6c:8d:ec:
         31:63:60:e4:59:2b:6a:0d:e6:04:2b:e9:5f:66:62:f2:07:ee:
         db:5e:de:8c:90:b9:f6:cf:d8:4c:ad:42:c0:a2:3e:dd:5c:d6:
         97:5a:70:8c:35:74:96:60:8f:a9:e3:7c:df:d6:d8:1d:f2:a7:
         1b:e0:21:2b:ef:89:d2:c2:4c:a6:bd:dd:8b:6b:c9:92:6f:57:
         32:7b:d7:23:e4:73:bb:41:77:b6:f2:53:ea:4a:75:85:ad:5c:
         11:ba:b3:3c:27:e3:82:83:63:a3:e1:e5:a9:3e:13:43:04:9e:
         38:54:e4:ca:1f:95:a0:c5:df:c0:17:66:be:bc:69:a4:fd:e3:
         04:b4:2c:c8:ea:ae:89:73:16:1f:02:5b:61:5b:68:94:97:5b:
         aa:1d:45:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy0+kEAJLcgoIl/G+xKAD01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGVhNGNiODJhNDdjNWM3M2M4MmRlNDk1YzM4YWYzYTg4
NDRmYzkwHhcNMjMxMjI5MDk0OTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Q4MjA1NjMyMDZjYjVhMzJlNGFlMDU1NGNkZDQxMzU5YzIwM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HmocSwlq9LDJxE1eQ10Usf4ssgx
b/rCRbbdyBWFQp6zwZmSW6RJSgmm7Y2GhvzZjifYJcxcazEYhYuX6mLc/EwjP1nc
GiJA6z2mlCq6ySmjh6075xHGOdjKwHY5XBMHKdyrNdMli4IeGgr/Vkfnc14PwaGP
8/668WMhsiaOL5K1U5ChFOAKd5wW/BfkmR2kVY8668YPB2NwvYeC8g7XL9sDgLoN
zCnCVGnBgXfSqbQM3pe+bsMMALqEIPntw6WaIKUWm0pkakI8ZUC867+z1ENxEiQj
jeFXcqF6+xI6suaWgD2VV92FndWtSwGFwC60T4J/TpuSPBMuagY26udLdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMPYIFYyBstaMuSuBVTN1BNZwgPJMB8GA1UdIwQY
MBaAFKdOpMuCpHxcc8gt5JXDivOohE/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDA2a3k0S2tmRnh6eUMza2xjT0s4NmlFVDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy85MjQ2YWQtOTYzOC00N2U2LTgyMTQt
ZTk4NzAyZjFiYmI1LzEvdzlnZ1ZqSUd5MW95NUs0RlZNM1VFMW5DQThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy85MjQ2YWQtOTYzOC00N2U2LTgyMTQtZTk4NzAyZjFiYmI1
LzEvcDA2a3k0S2tmRnh6eUMza2xjT0s4NmlFVDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ17MA0G
CSqGSIb3DQEBCwUAA4IBAQA1aAjEp8EBYRlIgSfR0yEaOaymZzGMmeNAg7M1kjZi
9/NtBEB0OUmsziLha5fo3F1ReuTLrjvc12kKEg6LJUTOsXjYo4RrCYBcpy0YcGmp
xCMUfuHP+olZnC8f2ptBYyLqKj1eu1hRyVJsjewxY2DkWStqDeYEK+lfZmLyB+7b
Xt6MkLn2z9hMrULAoj7dXNaXWnCMNXSWYI+p43zf1tgd8qcb4CEr74nSwkymvd2L
a8mSb1cye9cj5HO7QXe28lPqSnWFrVwRurM8J+OCg2Oj4eWpPhNDBJ44VOTKH5Wg
xd/AF2a+vGmk/eMEtCzI6q6JcxYfAlthW2iUl1uqHUWV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:59 2024 by rpki-client on console-fra.rpki-client.org