Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/44bbTq1G6anBRlfp87ZQBRaex5E.roa
File:                     44bbTq1G6anBRlfp87ZQBRaex5E.roa (raw, json)
Hash identifier:          BSuu4ZJw83rjdky0+kyACH5EyFRNc85Q0KjvWkHg0OQ=
Subject key identifier:   E3:86:DB:4E:AD:46:E9:A9:C1:46:57:E9:F3:B6:50:05:16:9E:C7:91
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       018A9A56BC6558EBF373FF4A9BD944C81F17
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/44bbTq1G6anBRlfp87ZQBRaex5E.roa
Signing time:             Fri 15 Sep 2023 19:34:50 +0000
ROA not before:           Fri 15 Sep 2023 19:34:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47377
IP address blocks:        212.124.94.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:9a:56:bc:65:58:eb:f3:73:ff:4a:9b:d9:44:c8:1f:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Sep 15 19:34:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e386db4ead46e9a9c14657e9f3b65005169ec791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1a:3c:98:be:ca:af:34:31:67:aa:cb:2f:b2:
                    1c:72:5e:ea:73:c8:6b:bf:4b:1c:ca:dd:79:b3:17:
                    2d:31:50:aa:07:e7:ee:97:e6:09:42:de:7c:4d:4a:
                    28:1c:ef:88:63:7d:46:7a:b0:3a:c3:a7:5d:6e:79:
                    2a:f1:29:b3:60:1b:9f:31:2a:2d:2f:71:c5:42:bc:
                    04:8c:4d:07:8f:2f:24:f8:59:92:34:b1:b0:09:a6:
                    0d:4b:e0:79:9a:19:29:a9:7d:a7:29:56:f4:4b:ee:
                    c9:6e:b2:e3:4e:1a:33:8e:e8:22:5b:18:a2:b3:e3:
                    2e:7e:25:15:af:e8:15:6f:55:a7:90:0c:a2:05:b1:
                    5a:fe:27:d1:da:00:90:52:d3:e0:3e:d9:cf:4b:27:
                    57:60:37:b5:35:39:68:d7:27:98:97:34:e7:bd:80:
                    3a:da:84:27:a8:35:70:a8:a0:7e:0c:c8:5a:7b:83:
                    24:c3:51:6b:4e:6f:39:23:b6:ed:c6:55:9a:0b:36:
                    1e:54:3a:2d:e9:ad:e3:62:63:b7:11:5e:65:5c:d9:
                    0c:85:fe:94:f2:54:f6:be:89:e8:17:0f:c1:4a:f2:
                    1e:ca:e7:08:4b:f9:8a:40:e5:50:9d:a1:27:87:c1:
                    86:d2:79:96:d3:d3:f2:0c:3c:ce:72:ff:b8:21:23:
                    d0:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:86:DB:4E:AD:46:E9:A9:C1:46:57:E9:F3:B6:50:05:16:9E:C7:91
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/44bbTq1G6anBRlfp87ZQBRaex5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.124.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4f:77:42:60:3f:67:2e:8c:85:33:0a:1d:08:bb:1f:35:c1:43:
         f8:f1:1d:60:f4:56:da:aa:c4:5c:11:8a:12:db:2c:72:57:b2:
         fc:1b:57:e5:f2:04:91:1d:f8:51:5c:ea:5a:9a:ff:ae:aa:98:
         73:30:ae:01:c3:fe:90:d8:f1:b0:aa:04:19:73:8d:bd:55:5c:
         0f:35:5d:1b:57:bd:06:6d:4e:91:8f:83:30:1a:80:64:32:55:
         1e:d4:b0:f2:da:20:12:6b:27:54:4e:6e:21:72:28:db:ae:c5:
         f4:0e:ba:37:ba:d0:b8:8c:5d:37:fe:60:4d:05:d7:1a:8c:36:
         66:3d:e4:34:6a:c1:b6:1a:ee:90:0e:57:46:30:82:a5:cc:a9:
         44:31:17:81:bc:10:9b:a8:fa:58:97:94:ab:99:17:f6:09:33:
         70:a7:70:80:6c:e6:30:38:7d:a6:02:aa:39:46:e6:c5:a1:c4:
         0d:e8:1a:0f:0f:6d:39:fa:95:54:e2:12:48:bd:f6:d3:d7:0f:
         85:5a:67:e0:8e:5c:de:1f:e5:d1:bd:68:a3:28:c6:e6:9d:c6:
         54:06:fa:2e:1e:bf:3e:c7:55:93:22:b6:dd:2d:f2:34:84:5b:
         43:ed:b3:49:4b:47:2e:06:af:97:09:de:3d:89:a6:96:41:67:
         5e:13:fe:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqaVrxlWOvzc/9Km9lEyB8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjMwOTE1MTkzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzg2ZGI0ZWFkNDZlOWE5YzE0NjU3ZTlmM2I2NTAwNTE2OWVjNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBo8mL7KrzQxZ6rLL7Iccl7qc8hr
v0scyt15sxctMVCqB+ful+YJQt58TUooHO+IY31GerA6w6ddbnkq8SmzYBufMSot
L3HFQrwEjE0Hjy8k+FmSNLGwCaYNS+B5mhkpqX2nKVb0S+7JbrLjThozjugiWxii
s+MufiUVr+gVb1WnkAyiBbFa/ifR2gCQUtPgPtnPSydXYDe1NTlo1yeYlzTnvYA6
2oQnqDVwqKB+DMhae4Mkw1FrTm85I7btxlWaCzYeVDot6a3jYmO3EV5lXNkMhf6U
8lT2vonoFw/BSvIeyucIS/mKQOVQnaEnh8GG0nmW09PyDDzOcv+4ISPQ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOG206tRumpwUZX6fO2UAUWnseRMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvNDRiYlRxMUc2YW5CUmxmcDg3WlFCUmFleDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HxeMA0G
CSqGSIb3DQEBCwUAA4IBAQBPd0JgP2cujIUzCh0Iux81wUP48R1g9FbaqsRcEYoS
2yxyV7L8G1fl8gSRHfhRXOpamv+uqphzMK4Bw/6Q2PGwqgQZc429VVwPNV0bV70G
bU6Rj4MwGoBkMlUe1LDy2iASaydUTm4hcijbrsX0Dro3utC4jF03/mBNBdcajDZm
PeQ0asG2Gu6QDldGMIKlzKlEMReBvBCbqPpYl5SrmRf2CTNwp3CAbOYwOH2mAqo5
RubFocQN6BoPD205+pVU4hJIvfbT1w+FWmfgjlzeH+XRvWijKMbmncZUBvouHr8+
x1WTIrbdLfI0hFtD7bNJS0cuBq+XCd49iaaWQWdeE/4g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org