Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/9CEaS8RBDUpcC-YjP2NsrwVjD8k.roa
File:                     9CEaS8RBDUpcC-YjP2NsrwVjD8k.roa (raw, json)
Hash identifier:          2NTz3d38+c2rLhnw6omtPi1yjkb1HRfQZz6ecDfmUpk=
Subject key identifier:   F4:21:1A:4B:C4:41:0D:4A:5C:0B:E6:23:3F:63:6C:AF:05:63:0F:C9
Certificate issuer:       /CN=30d66b66a3982d20a81ef201dc755ed3353b16a4
Certificate serial:       018571BA0295E12BB0964E9D451A9ECA9FAE
Authority key identifier: 30:D6:6B:66:A3:98:2D:20:A8:1E:F2:01:DC:75:5E:D3:35:3B:16:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/9CEaS8RBDUpcC-YjP2NsrwVjD8k.roa
Signing time:             Mon 02 Jan 2023 09:04:53 +0000
ROA not before:           Mon 02 Jan 2023 09:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197770
IP address blocks:        194.9.58.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:02:95:e1:2b:b0:96:4e:9d:45:1a:9e:ca:9f:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30d66b66a3982d20a81ef201dc755ed3353b16a4
        Validity
            Not Before: Jan  2 09:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4211a4bc4410d4a5c0be6233f636caf05630fc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:bc:4f:a4:88:88:ea:bc:da:c0:a3:4b:2f:20:
                    82:3d:d4:02:83:5c:d2:2e:53:40:74:2b:98:d1:77:
                    35:7e:61:bb:cf:36:ca:a4:9e:b8:f1:6f:ac:8a:07:
                    72:0c:e3:c5:31:c3:e8:ec:1f:49:c3:26:e5:0a:9d:
                    7d:25:20:7d:7f:a5:9b:e2:54:14:15:b9:0d:ed:df:
                    28:18:4c:c9:17:69:2a:4b:77:bb:87:17:28:73:13:
                    0b:66:fd:a6:37:28:6e:e1:41:d7:cc:a9:8d:8c:6a:
                    32:c7:c2:56:ce:d0:5b:cc:10:87:5e:65:c5:79:3b:
                    0e:19:aa:b0:f7:ac:8b:78:6a:36:c1:75:62:0f:21:
                    a1:a3:6d:e4:e7:a1:c7:36:eb:2b:0d:2c:e0:f4:56:
                    c9:77:d0:cb:39:da:0c:8c:97:d7:ff:a8:1c:e7:1f:
                    b4:25:91:7b:48:58:01:2d:cf:a9:73:b1:cf:34:82:
                    08:b8:29:36:b9:00:43:9e:bc:ea:5b:12:6d:12:2b:
                    c2:a5:2c:74:f7:9c:5a:06:51:ea:0b:d7:52:be:24:
                    2c:f4:18:69:f7:ed:fd:04:38:b8:84:ef:02:0a:5d:
                    ab:a1:62:9c:61:42:2f:07:41:44:b7:9f:ff:c2:d9:
                    d0:df:19:c4:02:9f:98:54:2a:dd:e5:ef:1f:07:4f:
                    05:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:21:1A:4B:C4:41:0D:4A:5C:0B:E6:23:3F:63:6C:AF:05:63:0F:C9
            X509v3 Authority Key Identifier:
                keyid:30:D6:6B:66:A3:98:2D:20:A8:1E:F2:01:DC:75:5E:D3:35:3B:16:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/9CEaS8RBDUpcC-YjP2NsrwVjD8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.9.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:a7:00:1a:25:09:6c:1a:00:8a:70:80:88:5e:88:a4:76:01:
         74:7f:52:f7:1c:66:67:7b:33:bc:a6:1f:d4:fc:7b:18:f1:16:
         b1:ab:bc:5f:4f:a3:9d:50:64:34:8d:bd:24:60:97:44:ca:ca:
         cc:01:71:de:ab:bb:e0:07:11:de:72:30:0d:e4:40:a6:6e:ac:
         4f:6a:e5:0c:3e:dd:e8:5f:64:a2:a3:51:77:d1:21:d1:45:33:
         4a:25:1a:aa:8a:9e:8a:fc:b8:0a:38:ff:7b:2a:09:f4:c7:e2:
         20:fc:a1:8f:25:4d:ac:56:23:f9:3b:f7:71:28:94:18:98:e4:
         c1:7b:29:10:21:c8:18:ff:92:f0:26:92:dd:5e:f3:66:25:32:
         0a:90:03:9a:aa:7a:15:60:9b:5d:00:ce:b3:b0:6d:cb:9d:78:
         1f:a6:1b:58:7c:6a:8d:0b:18:d0:c7:41:e2:c9:96:b9:6f:13:
         b5:11:02:87:1e:3b:fb:fd:65:4b:58:43:b9:b9:8b:2e:74:c4:
         1e:bc:a9:a1:ac:a6:e9:50:96:e6:fd:95:e9:29:0f:2b:92:92:
         8f:84:fd:58:8d:b8:69:5b:6d:bb:9b:30:63:f3:a9:23:b1:40:
         f6:db:cb:f5:aa:9d:cb:2b:b0:08:25:eb:f3:e1:35:d1:ee:30:
         6c:1e:a0:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxugKV4Suwlk6dRRqeyp+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDY2YjY2YTM5ODJkMjBhODFlZjIwMWRjNzU1ZWQzMzUz
YjE2YTQwHhcNMjMwMTAyMDkwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDIxMWE0YmM0NDEwZDRhNWMwYmU2MjMzZjYzNmNhZjA1NjMwZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLxPpIiI6rzawKNLLyCCPdQCg1zS
LlNAdCuY0Xc1fmG7zzbKpJ648W+sigdyDOPFMcPo7B9JwyblCp19JSB9f6Wb4lQU
FbkN7d8oGEzJF2kqS3e7hxcocxMLZv2mNyhu4UHXzKmNjGoyx8JWztBbzBCHXmXF
eTsOGaqw96yLeGo2wXViDyGho23k56HHNusrDSzg9FbJd9DLOdoMjJfX/6gc5x+0
JZF7SFgBLc+pc7HPNIIIuCk2uQBDnrzqWxJtEivCpSx095xaBlHqC9dSviQs9Bhp
9+39BDi4hO8CCl2roWKcYUIvB0FEt5//wtnQ3xnEAp+YVCrd5e8fB08F6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQhGkvEQQ1KXAvmIz9jbK8FYw/JMB8GA1UdIwQY
MBaAFDDWa2ajmC0gqB7yAdx1XtM1OxakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5aclpxT1lMU0NvSHZJQjNIVmUwelU3RnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84OGU0ODItODI3Ny00MjgwLTlmNWIt
ODE0NGIxNDBlZGY5LzEvOUNFYVM4UkJEVXBjQy1ZalAyTnNyd1ZqRDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84OGU0ODItODI3Ny00MjgwLTlmNWItODE0NGIxNDBlZGY5
LzEvTU5aclpxT1lMU0NvSHZJQjNIVmUwelU3RnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgk6MA0G
CSqGSIb3DQEBCwUAA4IBAQCVpwAaJQlsGgCKcICIXoikdgF0f1L3HGZnezO8ph/U
/HsY8Raxq7xfT6OdUGQ0jb0kYJdEysrMAXHeq7vgBxHecjAN5ECmbqxPauUMPt3o
X2Sio1F30SHRRTNKJRqqip6K/LgKOP97Kgn0x+Ig/KGPJU2sViP5O/dxKJQYmOTB
eykQIcgY/5LwJpLdXvNmJTIKkAOaqnoVYJtdAM6zsG3LnXgfphtYfGqNCxjQx0Hi
yZa5bxO1EQKHHjv7/WVLWEO5uYsudMQevKmhrKbpUJbm/ZXpKQ8rkpKPhP1Yjbhp
W227mzBj86kjsUD228v1qp3LK7AIJevz4TXR7jBsHqDV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:20 2024 by rpki-client on console-fra.rpki-client.org