Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/s-9-fNlNOb34iU3GLNNr8wwSeME.roa
File:                     s-9-fNlNOb34iU3GLNNr8wwSeME.roa (raw, json)
Hash identifier:          R6zj8siQAHUYWCzyAHqXC5TE8X8CIQ9Ub6yaol5rR8Q=
Subject key identifier:   B3:EF:7E:7C:D9:4D:39:BD:F8:89:4D:C6:2C:D3:6B:F3:0C:12:78:C1
Certificate issuer:       /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial:       018A86109C48218A4B340F2FDE4ED5C35198
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/s-9-fNlNOb34iU3GLNNr8wwSeME.roa
Signing time:             Mon 11 Sep 2023 21:05:50 +0000
ROA not before:           Mon 11 Sep 2023 21:05:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        94.154.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 16:44:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:86:10:9c:48:21:8a:4b:34:0f:2f:de:4e:d5:c3:51:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
        Validity
            Not Before: Sep 11 21:05:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3ef7e7cd94d39bdf8894dc62cd36bf30c1278c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e0:22:a1:60:b6:c8:cb:84:a7:d2:92:33:69:
                    74:1b:fc:b1:e7:bf:97:8e:96:35:ed:bf:de:c0:d4:
                    c5:45:9a:19:25:09:8f:93:3a:c1:d9:a8:cc:aa:40:
                    04:96:d0:68:34:56:d7:c1:0c:78:ee:9d:f7:4c:46:
                    fd:c5:04:51:3b:c5:8f:90:46:4c:3c:79:07:e7:8c:
                    0f:57:38:ef:63:04:d4:ce:7d:cb:b2:30:d5:a1:e5:
                    56:c5:86:f0:61:78:69:f9:e8:1c:70:a9:a3:ae:4c:
                    9a:e4:02:a3:3a:37:9d:3f:24:03:a8:45:13:1a:a8:
                    b0:f6:8f:e4:c8:ff:6e:3f:d8:9d:72:3a:57:4c:72:
                    b9:80:81:dc:6f:53:50:26:6f:46:8e:cb:5c:08:8b:
                    d0:25:40:fc:18:75:59:d9:80:f3:8f:1b:4b:ec:9b:
                    ca:ab:22:37:b2:98:a3:cd:0d:0c:34:ac:f5:f0:88:
                    77:b0:0c:aa:12:e9:75:d2:86:b5:02:fa:97:00:8e:
                    54:fd:b1:70:67:c2:86:17:c7:70:d0:36:98:53:49:
                    b4:5f:fb:02:da:fd:18:c2:02:36:80:5a:67:13:2b:
                    d3:69:8a:cb:fe:bc:83:eb:7d:0f:5c:f9:c1:ae:9f:
                    8a:dc:77:63:40:a6:d8:54:cb:42:04:0b:3c:12:09:
                    b1:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:EF:7E:7C:D9:4D:39:BD:F8:89:4D:C6:2C:D3:6B:F3:0C:12:78:C1
            X509v3 Authority Key Identifier:
                keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/s-9-fNlNOb34iU3GLNNr8wwSeME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:fc:ee:0c:9b:fa:ba:97:9f:6c:7b:5d:87:3e:0f:3e:5c:54:
         49:fb:96:0c:8e:6f:76:b5:cb:51:b1:c8:13:53:89:dc:52:b2:
         92:ae:cd:01:36:d2:87:63:d2:7a:97:fd:55:11:be:81:24:c9:
         25:d5:e2:81:bf:dd:0b:c3:e0:e0:4d:1a:ce:ba:22:d2:85:98:
         62:35:c3:1a:0d:fb:33:35:8e:17:7a:db:78:c4:82:33:f2:cb:
         57:29:3f:c6:73:3e:da:14:f4:17:f4:88:a2:32:a7:f5:3a:37:
         c0:94:b3:b0:f6:a6:37:2d:2a:2f:b5:6e:f4:61:3a:11:df:f3:
         b1:43:e4:ce:e8:17:93:81:00:6b:d7:0b:a9:6b:41:70:7c:f2:
         a4:04:0f:10:4e:25:bb:59:90:9f:b6:41:44:95:aa:d0:39:c6:
         8f:29:8f:a5:c2:83:2d:37:68:42:17:72:ed:c9:37:89:cb:83:
         b9:e7:3c:40:24:65:3c:8b:ba:cd:e5:68:c5:ea:10:ab:bb:01:
         a7:4f:4b:d7:24:23:cb:9c:2e:e0:f2:2f:47:24:e2:c8:16:95:
         8c:d9:db:01:dd:b8:62:db:1a:c3:2f:59:2e:1f:42:a6:58:25:
         a2:06:d1:13:ca:b0:f2:0a:4e:e5:2a:88:90:ae:83:fb:ac:94:
         02:87:c5:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqGEJxIIYpLNA8v3k7Vw1GYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwOTExMjEwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2VmN2U3Y2Q5NGQzOWJkZjg4OTRkYzYyY2QzNmJmMzBjMTI3OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOAioWC2yMuEp9KSM2l0G/yx57+X
jpY17b/ewNTFRZoZJQmPkzrB2ajMqkAEltBoNFbXwQx47p33TEb9xQRRO8WPkEZM
PHkH54wPVzjvYwTUzn3LsjDVoeVWxYbwYXhp+egccKmjrkya5AKjOjedPyQDqEUT
Gqiw9o/kyP9uP9idcjpXTHK5gIHcb1NQJm9GjstcCIvQJUD8GHVZ2YDzjxtL7JvK
qyI3spijzQ0MNKz18Ih3sAyqEul10oa1AvqXAI5U/bFwZ8KGF8dw0DaYU0m0X/sC
2v0YwgI2gFpnEyvTaYrL/ryD630PXPnBrp+K3HdjQKbYVMtCBAs8Egmx/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPvfnzZTTm9+IlNxizTa/MMEnjBMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvcy05LWZObE5PYjM0aVUzR0xOTnI4d3dTZU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpokMA0G
CSqGSIb3DQEBCwUAA4IBAQAS/O4Mm/q6l59se12HPg8+XFRJ+5YMjm92tctRscgT
U4ncUrKSrs0BNtKHY9J6l/1VEb6BJMkl1eKBv90Lw+DgTRrOuiLShZhiNcMaDfsz
NY4Xett4xIIz8stXKT/Gcz7aFPQX9IiiMqf1OjfAlLOw9qY3LSovtW70YToR3/Ox
Q+TO6BeTgQBr1wupa0FwfPKkBA8QTiW7WZCftkFElarQOcaPKY+lwoMtN2hCF3Lt
yTeJy4O55zxAJGU8i7rN5WjF6hCruwGnT0vXJCPLnC7g8i9HJOLIFpWM2dsB3bhi
2xrDL1kuH0KmWCWiBtETyrDyCk7lKoiQroP7rJQCh8XH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org