Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/r9NEEPS3xQY0yrt4HISajYpkt9M.roa
File:                     r9NEEPS3xQY0yrt4HISajYpkt9M.roa (raw, json)
Hash identifier:          xmLrDCxjOgRhsSuAdwk20782rABUHyvNiubqHFFa+3c=
Subject key identifier:   AF:D3:44:10:F4:B7:C5:06:34:CA:BB:78:1C:84:9A:8D:8A:64:B7:D3
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018A0482545E9E3E2AEB41D33D85B78683BA
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/r9NEEPS3xQY0yrt4HISajYpkt9M.roa
Signing time:             Thu 17 Aug 2023 17:19:24 +0000
ROA not before:           Thu 17 Aug 2023 17:19:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399073
IP address blocks:        188.209.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 17 Sep 2023 04:41:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:04:82:54:5e:9e:3e:2a:eb:41:d3:3d:85:b7:86:83:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Aug 17 17:19:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=afd34410f4b7c50634cabb781c849a8d8a64b7d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f9:ae:15:c9:0c:29:a1:9b:27:7a:15:3a:a4:
                    90:f7:65:d0:96:b1:de:f4:9b:25:e7:b1:b3:90:25:
                    54:3c:9e:a4:e1:6b:07:b5:52:c1:65:20:94:33:95:
                    6e:a3:5c:18:5f:62:8a:ab:38:47:82:eb:67:f8:3a:
                    27:ce:cf:a4:b4:fa:dd:d3:21:45:05:3c:5d:13:d4:
                    03:1a:ff:05:b0:f8:86:a5:21:44:fb:4f:86:2e:80:
                    3e:10:3d:db:92:cd:ca:37:db:ff:19:0c:4e:12:28:
                    75:7a:c6:0d:2a:8f:2e:3e:d9:fe:91:eb:b4:ce:0b:
                    08:c0:6c:1b:d1:70:77:8e:65:9a:e8:71:42:66:5c:
                    2f:a1:21:95:0d:1c:2c:f0:ae:8b:cf:ae:69:3d:16:
                    89:0a:33:82:87:b5:49:7f:3e:49:40:70:ea:c9:d5:
                    e3:e5:90:8a:62:67:cf:54:0d:3b:72:8f:88:d3:4e:
                    7f:1b:f4:81:dd:46:18:59:60:1e:a7:2d:b2:fa:8c:
                    be:90:f5:e7:a1:da:e9:33:c7:ee:77:23:8b:50:ea:
                    4b:30:19:a6:26:28:56:ba:26:e8:98:0f:2a:64:68:
                    48:81:50:b5:c7:27:e5:26:a1:d6:ec:60:dc:57:57:
                    33:4a:7e:13:4f:d6:e3:c9:bd:cd:91:76:7d:0d:c0:
                    8b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:D3:44:10:F4:B7:C5:06:34:CA:BB:78:1C:84:9A:8D:8A:64:B7:D3
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/r9NEEPS3xQY0yrt4HISajYpkt9M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:0c:28:aa:8e:81:11:4c:57:63:de:86:74:4b:d4:38:d3:91:
         52:32:31:f0:a5:24:21:96:fe:e4:94:4f:48:a6:b5:c0:93:3d:
         bb:2e:1d:3e:bf:e9:27:1e:fd:5b:ab:8c:36:ef:f7:4c:e8:33:
         52:aa:e5:43:ae:b9:2c:a2:a6:a2:88:1e:e4:bf:80:93:6b:0e:
         72:85:dd:42:e8:50:43:f8:47:b0:df:df:41:45:ef:98:06:e8:
         78:50:46:1d:ad:2f:12:04:95:e4:e3:d0:83:c4:48:29:e5:24:
         c1:5b:40:8a:90:66:c0:30:f1:1a:e3:af:6e:ab:c8:09:7e:2a:
         75:c9:f7:25:17:1e:8c:97:f8:13:24:2e:e8:6b:76:ff:ce:69:
         9a:c9:6c:9f:94:8d:c2:08:69:74:30:01:70:5c:e4:44:bb:21:
         77:f7:29:f8:1c:b5:ca:ad:d9:de:d5:f3:e9:61:1d:82:28:14:
         cd:59:a0:90:b7:88:27:5a:b1:2d:c8:55:fb:b7:fb:bc:5f:97:
         9a:6f:b8:b1:2c:5b:27:15:97:42:1a:93:f7:be:20:e6:1f:c0:
         4a:ee:df:fb:cb:fc:72:4c:46:62:a0:44:f5:c5:e5:5f:f8:a4:
         60:a5:ce:58:e0:21:ea:6b:c6:65:de:d0:21:18:6f:40:aa:73:
         6c:01:44:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoEglRenj4q60HTPYW3hoO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwODE3MTcxOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmQzNDQxMGY0YjdjNTA2MzRjYWJiNzgxYzg0OWE4ZDhhNjRiN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/muFckMKaGbJ3oVOqSQ92XQlrHe
9Jsl57GzkCVUPJ6k4WsHtVLBZSCUM5Vuo1wYX2KKqzhHgutn+Donzs+ktPrd0yFF
BTxdE9QDGv8FsPiGpSFE+0+GLoA+ED3bks3KN9v/GQxOEih1esYNKo8uPtn+keu0
zgsIwGwb0XB3jmWa6HFCZlwvoSGVDRws8K6Lz65pPRaJCjOCh7VJfz5JQHDqydXj
5ZCKYmfPVA07co+I005/G/SB3UYYWWAepy2y+oy+kPXnodrpM8fudyOLUOpLMBmm
JihWuibomA8qZGhIgVC1xyflJqHW7GDcV1czSn4TT9bjyb3NkXZ9DcCLGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/TRBD0t8UGNMq7eByEmo2KZLfTMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvcjlORUVQUzN4UVkweXJ0NEhJU2FqWXBrdDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQBgDCiqjoERTFdj3oZ0S9Q405FSMjHwpSQhlv7klE9I
prXAkz27Lh0+v+knHv1bq4w27/dM6DNSquVDrrksoqaiiB7kv4CTaw5yhd1C6FBD
+Eew399BRe+YBuh4UEYdrS8SBJXk49CDxEgp5STBW0CKkGbAMPEa469uq8gJfip1
yfclFx6Ml/gTJC7oa3b/zmmayWyflI3CCGl0MAFwXOREuyF39yn4HLXKrdne1fPp
YR2CKBTNWaCQt4gnWrEtyFX7t/u8X5eab7ixLFsnFZdCGpP3viDmH8BK7t/7y/xy
TEZioET1xeVf+KRgpc5Y4CHqa8Zl3tAhGG9AqnNsAURt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org