Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/eREhe4rpbGHbcYu3NyFxPurUaBo.roa
File:                     eREhe4rpbGHbcYu3NyFxPurUaBo.roa (raw, json)
Hash identifier:          GFO/RElMcBeVO4uLx0iMzHxpluQGzGsivQnbMSCVl6w=
Subject key identifier:   79:11:21:7B:8A:E9:6C:61:DB:71:8B:B7:37:21:71:3E:EA:D4:68:1A
Certificate issuer:       /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial:       01856C53B0DDCB781F1A27BCFCFB4522A505
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/eREhe4rpbGHbcYu3NyFxPurUaBo.roa
Signing time:             Sun 01 Jan 2023 07:55:02 +0000
ROA not before:           Sun 01 Jan 2023 07:55:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203761
IP address blocks:        134.97.128.0/17 maxlen: 17

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:b0:dd:cb:78:1f:1a:27:bc:fc:fb:45:22:a5:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
        Validity
            Not Before: Jan  1 07:55:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7911217b8ae96c61db718bb73721713eead4681a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:6c:5b:db:b1:89:0a:bb:f4:0f:4f:0f:a8:ac:
                    06:f2:b7:dc:cc:9e:b9:36:83:30:71:ac:30:ef:e0:
                    8a:73:ab:8f:e9:f0:ff:45:ac:74:eb:47:c4:3c:d1:
                    84:31:a9:9d:d2:b5:52:99:14:e6:fc:c4:0c:6e:09:
                    85:9d:a2:99:20:24:d7:05:90:71:c6:b5:c4:7f:b9:
                    ca:20:a8:e5:c5:e2:2a:7c:c1:70:16:39:4d:85:ee:
                    3c:c9:2d:5e:6f:e8:aa:4a:22:43:2d:94:80:35:0d:
                    7f:1d:db:6c:82:e2:4e:45:59:7e:54:72:cf:9e:59:
                    24:b3:60:91:b4:e2:93:27:b4:11:d9:4d:e1:9d:57:
                    10:2d:e9:5b:d4:bd:ec:70:b9:ed:18:e1:9b:c2:36:
                    11:4b:6e:a1:66:de:eb:98:d4:25:41:80:8b:23:f1:
                    4f:e5:62:69:6c:a3:68:82:0c:3c:db:4c:1d:71:75:
                    b4:66:6b:1e:ad:8b:4e:63:bb:76:52:5f:f2:9d:9f:
                    a7:23:d4:d7:36:c8:8d:64:6c:cb:d5:71:41:78:27:
                    59:a2:c5:55:4a:fa:da:a5:d9:e4:2f:f1:40:7e:48:
                    c2:c5:b5:4c:17:ff:d3:52:fc:83:31:2c:c8:b5:cc:
                    b9:e2:a6:41:78:09:e5:5d:3a:a7:c2:47:58:30:9e:
                    6c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:11:21:7B:8A:E9:6C:61:DB:71:8B:B7:37:21:71:3E:EA:D4:68:1A
            X509v3 Authority Key Identifier:
                keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/eREhe4rpbGHbcYu3NyFxPurUaBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.97.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         a8:87:9e:de:76:e2:c6:ad:c5:f2:fb:11:da:89:bf:a8:56:1b:
         8d:87:11:a2:13:98:c7:ca:0f:c6:df:70:f3:ed:77:00:0b:16:
         17:47:36:4e:ec:9a:17:48:97:c8:7e:c4:c2:a1:69:31:30:ec:
         f6:99:18:64:54:31:a2:60:ba:27:65:3a:b2:2f:30:77:7e:dd:
         2d:85:a3:6f:0d:09:49:d0:d7:57:44:0e:be:6e:40:f1:95:fe:
         47:0d:f8:95:77:3a:58:4f:c1:75:48:de:cf:61:d6:d7:9f:d5:
         9c:f1:e2:6d:b4:e2:26:41:90:fb:f2:b1:ef:bf:0a:0a:e7:7f:
         7f:d1:a5:f0:98:52:45:12:eb:69:bb:64:ea:b8:c0:2c:c1:23:
         c6:11:9f:e8:61:c2:56:68:35:c2:67:a9:16:22:15:ff:cd:d2:
         82:7f:82:d4:b9:89:8d:1d:04:9a:a7:0e:ea:ac:4b:eb:6f:ae:
         ac:dc:cf:28:1f:b7:c2:75:df:78:71:b5:ba:9a:5a:7a:63:5a:
         8b:e5:83:b2:59:67:9f:68:cb:eb:b5:11:0b:80:ab:cd:3b:0b:
         22:b3:77:80:1b:db:77:69:7a:38:98:88:82:fe:9e:29:ca:cc:
         ba:eb:58:e4:3a:36:bd:67:73:10:26:71:3b:0a:df:10:ce:ab:
         21:49:63:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU7Ddy3gfGie8/PtFIqUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjMwMTAxMDc1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTExMjE3YjhhZTk2YzYxZGI3MThiYjczNzIxNzEzZWVhZDQ2ODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGxb27GJCrv0D08PqKwG8rfczJ65
NoMwcaww7+CKc6uP6fD/Rax060fEPNGEMamd0rVSmRTm/MQMbgmFnaKZICTXBZBx
xrXEf7nKIKjlxeIqfMFwFjlNhe48yS1eb+iqSiJDLZSANQ1/HdtsguJORVl+VHLP
nlkks2CRtOKTJ7QR2U3hnVcQLelb1L3scLntGOGbwjYRS26hZt7rmNQlQYCLI/FP
5WJpbKNoggw820wdcXW0ZmserYtOY7t2Ul/ynZ+nI9TXNsiNZGzL1XFBeCdZosVV
SvrapdnkL/FAfkjCxbVMF//TUvyDMSzItcy54qZBeAnlXTqnwkdYMJ5soQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHkRIXuK6Wxh23GLtzchcT7q1GgaMB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEvZVJFaGU0cnBiR0hiY1l1M055RnhQdXJVYUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHhmGAMA0G
CSqGSIb3DQEBCwUAA4IBAQCoh57eduLGrcXy+xHaib+oVhuNhxGiE5jHyg/G33Dz
7XcACxYXRzZO7JoXSJfIfsTCoWkxMOz2mRhkVDGiYLonZTqyLzB3ft0thaNvDQlJ
0NdXRA6+bkDxlf5HDfiVdzpYT8F1SN7PYdbXn9Wc8eJttOImQZD78rHvvwoK539/
0aXwmFJFEutpu2TquMAswSPGEZ/oYcJWaDXCZ6kWIhX/zdKCf4LUuYmNHQSapw7q
rEvrb66s3M8oH7fCdd94cbW6mlp6Y1qL5YOyWWefaMvrtRELgKvNOwsis3eAG9t3
aXo4mIiC/p4pysy661jkOja9Z3MQJnE7Ct8QzqshSWMF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:09 2024 by rpki-client on console-fra.rpki-client.org