Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/J36kwW_1y9maSke2qD5JFoKMkW0.roa
File:                     J36kwW_1y9maSke2qD5JFoKMkW0.roa (raw, json)
Hash identifier:          eZGnM7SsSjLYrS8/vpeLFIOa16nuk3q2w36ZIlHZlIM=
Subject key identifier:   27:7E:A4:C1:6F:F5:CB:D9:9A:4A:47:B6:A8:3E:49:16:82:8C:91:6D
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       01856F5DCAAFFCA1EFBC2C1EC4447AB62036
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/J36kwW_1y9maSke2qD5JFoKMkW0.roa
Signing time:             Sun 01 Jan 2023 22:04:55 +0000
ROA not before:           Sun 01 Jan 2023 22:04:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        212.124.94.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 20 Jan 2023 04:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:ca:af:fc:a1:ef:bc:2c:1e:c4:44:7a:b6:20:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Jan  1 22:04:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=277ea4c16ff5cbd99a4a47b6a83e4916828c916d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b1:13:a4:8c:7d:cd:80:2a:14:27:36:59:ac:
                    47:40:93:de:3f:a0:67:44:4b:cc:e3:a6:88:99:19:
                    ab:d0:4c:39:c5:02:b5:3e:b0:cc:3f:a7:c6:3b:78:
                    c7:40:15:0a:b6:a5:88:43:dc:62:cc:6f:79:ab:5e:
                    4f:05:e2:18:11:78:35:7a:9a:1d:25:f0:3a:0f:30:
                    bb:d9:7c:f0:10:7a:c5:f4:81:91:24:f6:0f:e0:e7:
                    96:1b:0b:39:83:4d:f9:0d:f0:55:4e:bf:6b:16:e7:
                    09:38:46:aa:83:5f:c2:ca:f2:db:b5:b9:59:55:fb:
                    16:68:47:b2:96:32:a3:e3:12:4b:54:64:bd:b7:e4:
                    b1:0c:0c:b3:67:29:5c:8a:60:80:91:31:61:a1:c5:
                    99:05:99:e0:de:fc:8e:a0:d6:04:53:f0:6a:70:7a:
                    75:3d:04:aa:e9:fb:50:62:06:a4:df:2f:88:c6:05:
                    7c:fd:d3:92:9c:a5:61:04:bb:cd:0f:9f:e5:5b:35:
                    f1:7b:11:6c:05:1e:16:fa:cb:6e:f1:43:de:8d:13:
                    39:8f:8a:b6:74:6c:51:9c:71:23:0f:c5:f3:31:9e:
                    12:75:14:e4:75:58:fe:96:3a:84:b1:15:72:59:f4:
                    c2:1a:75:0c:e3:f2:1a:ca:32:e2:5c:4b:5f:d4:8f:
                    e0:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:7E:A4:C1:6F:F5:CB:D9:9A:4A:47:B6:A8:3E:49:16:82:8C:91:6D
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/J36kwW_1y9maSke2qD5JFoKMkW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.124.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:d7:fb:3f:cf:90:d5:48:6e:0f:b0:3b:ce:43:ab:a0:85:6a:
         f5:e4:79:c8:25:70:84:a7:26:37:8c:86:c9:22:cc:bf:a9:80:
         b4:1c:ad:de:e6:ad:a4:e2:f9:d9:0d:53:fc:93:77:e2:9c:05:
         cd:40:82:5e:73:48:07:66:17:8f:1f:f3:5a:42:d7:2c:5d:d2:
         df:64:16:3a:7e:a7:47:a8:39:9c:8f:15:00:f9:95:07:b3:d6:
         da:4b:db:91:6e:1b:57:4a:bf:00:16:cc:14:d9:71:cf:e2:9a:
         7b:29:e0:20:11:c7:5c:49:ac:ed:74:d7:c9:79:2d:ee:89:63:
         a0:ba:37:9f:d1:64:2c:b6:64:62:58:79:c8:3a:68:e1:e0:58:
         a0:85:46:ee:71:f0:c7:64:b9:7e:90:61:05:a4:c9:7b:52:4a:
         6f:eb:d8:9a:81:2a:2d:3b:ba:71:35:fb:bb:58:87:ed:2f:7d:
         3c:b2:eb:b1:68:dc:01:8c:c7:aa:ab:42:cb:b4:ea:3a:e2:74:
         91:0e:b5:5d:35:12:48:ec:dd:c7:4b:0b:47:d2:aa:a8:06:07:
         70:21:63:c6:f2:79:c1:84:8b:e0:b3:7d:d2:46:72:92:e8:98:
         55:a1:e5:84:e1:e2:c5:ea:e5:98:45:fa:00:c5:2d:b8:18:b8:
         9e:8d:a3:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXcqv/KHvvCwexER6tiA2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjMwMTAxMjIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzdlYTRjMTZmZjVjYmQ5OWE0YTQ3YjZhODNlNDkxNjgyOGM5MTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrETpIx9zYAqFCc2WaxHQJPeP6Bn
REvM46aImRmr0Ew5xQK1PrDMP6fGO3jHQBUKtqWIQ9xizG95q15PBeIYEXg1epod
JfA6DzC72XzwEHrF9IGRJPYP4OeWGws5g035DfBVTr9rFucJOEaqg1/CyvLbtblZ
VfsWaEeyljKj4xJLVGS9t+SxDAyzZylcimCAkTFhocWZBZng3vyOoNYEU/BqcHp1
PQSq6ftQYgak3y+IxgV8/dOSnKVhBLvND5/lWzXxexFsBR4W+stu8UPejRM5j4q2
dGxRnHEjD8XzMZ4SdRTkdVj+ljqEsRVyWfTCGnUM4/IayjLiXEtf1I/gNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCd+pMFv9cvZmkpHtqg+SRaCjJFtMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvSjM2a3dXXzF5OW1hU2tlMnFENUpGb0tNa1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HxeMA0G
CSqGSIb3DQEBCwUAA4IBAQAX1/s/z5DVSG4PsDvOQ6ughWr15HnIJXCEpyY3jIbJ
Isy/qYC0HK3e5q2k4vnZDVP8k3finAXNQIJec0gHZhePH/NaQtcsXdLfZBY6fqdH
qDmcjxUA+ZUHs9baS9uRbhtXSr8AFswU2XHP4pp7KeAgEcdcSaztdNfJeS3uiWOg
ujef0WQstmRiWHnIOmjh4FighUbucfDHZLl+kGEFpMl7Ukpv69iagSotO7pxNfu7
WIftL308suuxaNwBjMeqq0LLtOo64nSRDrVdNRJI7N3HSwtH0qqoBgdwIWPG8nnB
hIvgs33SRnKS6JhVoeWE4eLF6uWYRfoAxS24GLiejaPH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org