Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/SsaxNMy0x49wh5N4SdZ7qbTzY3E.roa
File:                     SsaxNMy0x49wh5N4SdZ7qbTzY3E.roa (raw, json)
Hash identifier:          CPh2geEGQdPfM7OigvfDVrQX8F4sb6d9p2+9HTLRiHg=
Subject key identifier:   4A:C6:B1:34:CC:B4:C7:8F:70:87:93:78:49:D6:7B:A9:B4:F3:63:71
Certificate issuer:       /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial:       01856C53CBFEC8F6CC058BC5EB3FA17F318E
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/SsaxNMy0x49wh5N4SdZ7qbTzY3E.roa
Signing time:             Sun 01 Jan 2023 07:55:09 +0000
ROA not before:           Sun 01 Jan 2023 07:55:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     196914
IP address blocks:        84.47.148.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:cb:fe:c8:f6:cc:05:8b:c5:eb:3f:a1:7f:31:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
        Validity
            Not Before: Jan  1 07:55:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ac6b134ccb4c78f7087937849d67ba9b4f36371
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:a5:84:89:4b:a0:3a:ac:e8:a7:79:18:89:eb:
                    bc:b0:fe:88:df:30:0b:ff:4a:14:3e:4e:b1:df:87:
                    ba:0c:56:06:dd:5b:b1:b4:e5:e9:42:92:78:3b:28:
                    83:92:cc:c7:d7:33:aa:91:f7:4e:ef:86:6b:17:ba:
                    65:56:74:d4:2f:c3:e6:2d:67:11:0d:aa:e2:5d:c0:
                    d8:96:fe:7b:0c:22:81:2e:46:45:c0:36:09:13:41:
                    b6:3b:b6:75:1f:90:86:1d:0e:1b:8a:f8:d1:22:fc:
                    39:20:64:0b:d3:29:e4:5e:60:50:45:38:2b:35:e0:
                    30:04:15:a7:6d:5b:87:a9:25:1e:0e:5f:c4:47:1f:
                    b0:01:8b:e8:f1:53:0a:d3:fe:28:dc:7d:e9:c4:d5:
                    32:de:5f:df:8b:2a:0f:16:71:18:69:97:ec:c1:8a:
                    2c:c3:17:b1:24:15:02:5c:cc:a3:27:12:41:ef:58:
                    04:9f:d2:ba:96:c6:20:e7:16:4c:e9:54:2e:f8:4a:
                    86:4e:6c:d3:f6:12:8b:ec:01:94:8e:66:5a:0d:06:
                    2b:bd:bb:c5:a8:cb:79:96:bb:ec:f6:3f:b8:74:f0:
                    5e:69:66:61:60:ad:fd:86:4b:18:32:e3:b2:3f:85:
                    4f:1f:44:a6:3c:54:45:11:1e:f3:fb:98:90:5a:80:
                    94:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:C6:B1:34:CC:B4:C7:8F:70:87:93:78:49:D6:7B:A9:B4:F3:63:71
            X509v3 Authority Key Identifier:
                keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/SsaxNMy0x49wh5N4SdZ7qbTzY3E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.47.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:de:e6:5d:9a:7d:82:19:ea:f2:a3:af:9e:c6:d0:22:d2:a1:
         64:d3:d8:f3:03:86:54:2f:f0:9c:ed:99:c0:e6:29:7a:6e:bf:
         4f:a1:4f:61:5f:ba:b2:37:2d:d1:f8:7f:64:8d:cf:39:90:0b:
         cc:cf:05:c6:04:ef:69:6d:0a:a8:01:4b:7c:49:2d:bc:d6:0e:
         9e:9d:42:dd:b4:53:62:12:59:9a:5d:47:27:e7:07:48:3e:36:
         ed:06:39:f3:8a:c1:1c:99:2f:30:8e:da:56:c8:b6:a4:e5:b6:
         23:2d:ce:25:02:a3:1f:c9:f3:46:33:58:3b:ea:1f:95:be:ee:
         fb:a9:0d:c3:e8:11:27:d8:c0:22:e9:61:3c:bb:00:0e:d1:cd:
         7a:d0:16:65:c0:85:7e:9e:b7:99:02:27:47:8c:47:31:b7:d8:
         3a:42:26:17:7b:a5:1c:c8:f4:1c:62:54:a6:7c:e7:82:ab:a0:
         ce:d1:e6:ae:f6:b1:9f:26:e1:42:56:ae:ee:14:de:f0:81:d3:
         b1:e7:0e:93:47:ed:88:be:ae:68:74:d9:d0:79:e5:d6:48:c9:
         16:4e:d6:4c:3b:73:63:e5:9d:a2:68:92:ab:fb:32:81:59:da:
         fe:fd:23:c3:36:ca:1c:c3:7e:af:01:ba:e3:cf:75:3d:5a:df:
         88:3f:76:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU8v+yPbMBYvF6z+hfzGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwMTAxMDc1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWM2YjEzNGNjYjRjNzhmNzA4NzkzNzg0OWQ2N2JhOWI0ZjM2MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaWEiUugOqzop3kYieu8sP6I3zAL
/0oUPk6x34e6DFYG3VuxtOXpQpJ4OyiDkszH1zOqkfdO74ZrF7plVnTUL8PmLWcR
DariXcDYlv57DCKBLkZFwDYJE0G2O7Z1H5CGHQ4bivjRIvw5IGQL0ynkXmBQRTgr
NeAwBBWnbVuHqSUeDl/ERx+wAYvo8VMK0/4o3H3pxNUy3l/fiyoPFnEYaZfswYos
wxexJBUCXMyjJxJB71gEn9K6lsYg5xZM6VQu+EqGTmzT9hKL7AGUjmZaDQYrvbvF
qMt5lrvs9j+4dPBeaWZhYK39hksYMuOyP4VPH0SmPFRFER7z+5iQWoCUXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErGsTTMtMePcIeTeEnWe6m082NxMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvU3NheE5NeTB4NDl3aDVONFNkWjdxYlR6WTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVC+UMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ3uZdmn2CGeryo6+extAi0qFk09jzA4ZUL/Cc7ZnA
5il6br9PoU9hX7qyNy3R+H9kjc85kAvMzwXGBO9pbQqoAUt8SS281g6enULdtFNi
ElmaXUcn5wdIPjbtBjnzisEcmS8wjtpWyLak5bYjLc4lAqMfyfNGM1g76h+Vvu77
qQ3D6BEn2MAi6WE8uwAO0c160BZlwIV+nreZAidHjEcxt9g6QiYXe6UcyPQcYlSm
fOeCq6DO0eau9rGfJuFCVq7uFN7wgdOx5w6TR+2Ivq5odNnQeeXWSMkWTtZMO3Nj
5Z2iaJKr+zKBWdr+/SPDNsocw36vAbrjz3U9Wt+IP3bz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:05 2024 by rpki-client on console-ams.rpki-client.org