Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/7hX9vIOHCRTRuiT2yTIV1nq8xZM.roa
File:                     7hX9vIOHCRTRuiT2yTIV1nq8xZM.roa (raw, json)
Hash identifier:          L6YOw3jSfwU6hZ5H33u2nT+S46TRLAo8qR18FVZYRKY=
Subject key identifier:   EE:15:FD:BC:83:87:09:14:D1:BA:24:F6:C9:32:15:D6:7A:BC:C5:93
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       01889A788E9413EEE200573A2294272B392A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/7hX9vIOHCRTRuiT2yTIV1nq8xZM.roa
Signing time:             Thu 08 Jun 2023 10:06:11 +0000
ROA not before:           Thu 08 Jun 2023 10:06:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3507
IP address blocks:        213.209.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 19 Aug 2023 08:38:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:9a:78:8e:94:13:ee:e2:00:57:3a:22:94:27:2b:39:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jun  8 10:06:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee15fdbc83870914d1ba24f6c93215d67abcc593
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:eb:67:39:69:c8:cf:b3:70:47:6a:4a:04:a0:
                    6c:59:c9:7a:dc:af:86:74:f1:f3:73:ab:85:70:d7:
                    09:81:dc:7a:d3:83:e2:c9:17:8c:46:11:ef:2f:99:
                    50:a3:d5:08:9a:ae:d3:0f:c9:12:e4:7c:54:79:93:
                    fd:24:f4:03:a0:34:46:81:2b:1d:e9:66:42:bb:66:
                    ad:9e:4d:5f:92:01:d4:8c:a0:7f:a3:16:eb:ca:97:
                    e8:37:d1:71:b8:5b:0c:bd:ae:34:c0:d9:0e:6b:a0:
                    a7:a6:6b:0f:36:16:62:1b:d7:4b:60:32:b4:7c:d7:
                    f8:68:69:99:ed:f9:43:8b:20:b4:7a:f2:b7:42:53:
                    05:92:9a:42:db:f3:de:39:e1:37:99:91:8f:ea:36:
                    18:62:d2:08:ac:d2:e3:b8:1b:17:20:60:10:b3:55:
                    11:e9:d5:6c:8d:44:51:97:8a:4d:4f:d2:75:e5:91:
                    3f:44:4e:57:ef:2f:ae:91:8a:a6:64:90:b7:8f:2b:
                    c3:cf:1a:19:d3:a6:97:69:52:62:20:74:38:f8:d2:
                    40:e3:92:03:c1:cc:8d:28:c1:2d:90:f8:97:19:e7:
                    bf:cd:b0:28:b9:ec:01:4c:14:3a:64:2f:c2:65:cc:
                    0e:47:1f:79:5f:58:da:80:b2:36:6f:f9:85:e8:aa:
                    43:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:15:FD:BC:83:87:09:14:D1:BA:24:F6:C9:32:15:D6:7A:BC:C5:93
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/7hX9vIOHCRTRuiT2yTIV1nq8xZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:c6:12:c9:12:a2:75:e2:a4:c5:88:f7:47:05:8a:23:ec:50:
         d2:ae:76:98:e1:8a:cd:79:1f:7c:68:1f:34:e8:68:dc:90:0b:
         b8:e9:b0:2a:6a:d6:ee:53:d1:e7:e2:6e:7f:ab:99:0a:84:5e:
         ff:0a:84:29:c4:31:f1:ff:a1:b2:a6:00:ab:d2:04:b0:fc:6a:
         49:f9:6c:b6:bb:8a:c6:46:ae:a3:30:03:46:a0:26:44:0d:19:
         9a:30:d2:af:ec:aa:a8:27:2c:d1:5d:44:82:37:8c:33:74:ed:
         32:c7:e2:f8:7a:a2:c2:87:46:85:09:e1:c6:8b:75:76:ee:00:
         b5:a9:1a:5b:86:55:af:c9:b5:9f:96:c1:56:c0:f0:96:cb:ea:
         8d:17:e9:c1:80:7e:92:3f:68:71:46:21:54:e1:c4:a9:63:37:
         47:59:66:e4:e8:6e:32:dd:be:67:e8:50:c7:b4:af:cc:09:70:
         f3:5c:b0:dc:a6:da:ad:18:bd:f2:2a:da:4e:a9:ba:98:b4:29:
         ba:1e:b8:d1:52:25:8b:42:49:c6:ed:26:c7:41:90:fd:72:36:
         49:2d:55:3c:17:24:16:26:2b:2d:94:81:e8:c3:0b:d5:d4:df:
         e5:1a:e3:19:1b:b4:75:e9:c1:18:28:6b:57:27:a1:8b:c9:8f:
         3e:a2:f7:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiaeI6UE+7iAFc6IpQnKzkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwNjA4MTAwNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE1ZmRiYzgzODcwOTE0ZDFiYTI0ZjZjOTMyMTVkNjdhYmNjNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOtnOWnIz7NwR2pKBKBsWcl63K+G
dPHzc6uFcNcJgdx604PiyReMRhHvL5lQo9UImq7TD8kS5HxUeZP9JPQDoDRGgSsd
6WZCu2atnk1fkgHUjKB/oxbrypfoN9FxuFsMva40wNkOa6CnpmsPNhZiG9dLYDK0
fNf4aGmZ7flDiyC0evK3QlMFkppC2/PeOeE3mZGP6jYYYtIIrNLjuBsXIGAQs1UR
6dVsjURRl4pNT9J15ZE/RE5X7y+ukYqmZJC3jyvDzxoZ06aXaVJiIHQ4+NJA45ID
wcyNKMEtkPiXGee/zbAouewBTBQ6ZC/CZcwORx95X1jagLI2b/mF6KpDQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4V/byDhwkU0bok9skyFdZ6vMWTMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvN2hYOXZJT0hDUlRSdWlUMnlUSVYxbnE4eFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGWMA0G
CSqGSIb3DQEBCwUAA4IBAQBDxhLJEqJ14qTFiPdHBYoj7FDSrnaY4YrNeR98aB80
6GjckAu46bAqatbuU9Hn4m5/q5kKhF7/CoQpxDHx/6GypgCr0gSw/GpJ+Wy2u4rG
Rq6jMANGoCZEDRmaMNKv7KqoJyzRXUSCN4wzdO0yx+L4eqLCh0aFCeHGi3V27gC1
qRpbhlWvybWflsFWwPCWy+qNF+nBgH6SP2hxRiFU4cSpYzdHWWbk6G4y3b5n6FDH
tK/MCXDzXLDcptqtGL3yKtpOqbqYtCm6HrjRUiWLQknG7SbHQZD9cjZJLVU8FyQW
JistlIHowwvV1N/lGuMZG7R16cEYKGtXJ6GLyY8+ovcv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org