Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/sAlG6OANs4I_wCo2San3VcroB9M.roa
File:                     sAlG6OANs4I_wCo2San3VcroB9M.roa (raw, json)
Hash identifier:          pWD+uOJ3YbFswi489CMBqeESv2+3toqJkB7EjIz+JpI=
Subject key identifier:   B0:09:46:E8:E0:0D:B3:82:3F:C0:2A:36:49:A9:F7:55:CA:E8:07:D3
Certificate issuer:       /CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Certificate serial:       01856D53DD6AC0EB91302A0E9033EDA9D803
Authority key identifier: 66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/sAlG6OANs4I_wCo2San3VcroB9M.roa
Signing time:             Sun 01 Jan 2023 12:34:50 +0000
ROA not before:           Sun 01 Jan 2023 12:34:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34079
IP address blocks:        188.92.138.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:dd:6a:c0:eb:91:30:2a:0e:90:33:ed:a9:d8:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6665dd97665a23b1b183e223822b66b5ae536a2f
        Validity
            Not Before: Jan  1 12:34:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b00946e8e00db3823fc02a3649a9f755cae807d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:f9:33:d8:8c:3b:64:f0:02:b2:e8:66:b4:fd:
                    fe:37:bb:a5:17:85:f4:9b:3a:22:80:46:70:33:6e:
                    22:26:1e:96:df:8e:fb:0e:9a:bf:14:f0:e6:cc:16:
                    76:fa:91:18:4d:4b:a5:26:84:5e:07:74:a8:fc:6d:
                    d9:b0:e3:73:9d:6d:40:0d:41:1e:b3:fb:79:2f:b1:
                    c6:3c:cc:73:c1:0c:12:07:5d:d7:7e:3b:e9:97:51:
                    bf:37:33:fa:ec:ef:80:ad:de:99:55:c4:39:ff:7a:
                    2f:8d:df:cd:90:2c:f4:7a:58:b4:8d:a4:1c:bc:e8:
                    38:e4:8a:7d:ab:5f:5a:2b:ef:d9:3f:f7:43:b1:90:
                    30:e1:bd:2f:90:62:b5:6f:f7:0a:ee:64:a2:12:14:
                    ed:c3:4c:84:e0:3f:49:90:43:f8:a7:3a:ef:72:47:
                    8e:17:c2:e2:e4:4a:a3:6f:41:02:ca:b3:4d:c9:c0:
                    b8:99:c3:4b:85:15:62:3f:54:34:c9:3f:4a:e8:e0:
                    d8:de:c9:4b:75:2b:6c:2c:c4:9c:04:1a:61:50:10:
                    0c:fe:c1:a7:44:86:be:61:a4:55:9b:b5:94:be:21:
                    c7:29:d1:c5:c5:84:aa:d0:16:2c:92:f5:c3:71:9d:
                    cd:db:2f:6f:f4:6b:bf:65:15:dd:8e:40:44:ef:5f:
                    09:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:09:46:E8:E0:0D:B3:82:3F:C0:2A:36:49:A9:F7:55:CA:E8:07:D3
            X509v3 Authority Key Identifier:
                keyid:66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/sAlG6OANs4I_wCo2San3VcroB9M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.92.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         15:61:34:1e:e5:12:07:b5:d2:3c:53:09:80:ea:b1:41:6b:d3:
         9d:37:ed:fd:a5:99:c2:e7:73:5c:95:2d:9b:8c:db:74:90:6f:
         34:a9:b3:0e:15:e2:60:42:c4:09:93:6e:5d:13:74:d3:16:51:
         70:7b:13:2c:b1:66:9f:21:32:00:f1:a7:5f:66:4a:2e:f1:2b:
         e1:78:1f:f3:d1:2f:c8:c7:06:79:9f:64:e5:b3:8b:a5:1a:b2:
         ff:3d:de:ca:01:56:87:63:18:0a:80:5e:af:37:37:93:48:cc:
         ae:b7:f4:4b:94:5d:ab:a5:e2:86:95:19:4c:b8:1f:3b:9a:24:
         70:d1:c8:91:ee:76:b0:f9:85:fb:3f:98:dc:ef:81:be:70:24:
         62:a5:1c:74:c8:86:b3:c1:b0:91:0b:91:f4:0f:f6:df:35:a7:
         01:05:bf:8e:26:ca:b0:ac:57:5a:63:33:63:61:d8:2c:ee:6e:
         08:9e:0b:37:3c:03:27:4e:9d:01:ee:7c:ee:cf:ac:61:9b:b4:
         db:fa:33:aa:57:71:d9:12:f7:5c:30:84:e4:63:87:0c:1c:b6:
         09:dc:79:33:7d:0d:b9:43:02:23:64:ee:c6:a2:80:29:79:69:
         fd:87:d9:ab:2b:a6:1b:43:8d:4d:52:cf:ec:98:5f:76:52:ae:
         99:c8:b3:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU91qwOuRMCoOkDPtqdgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjVkZDk3NjY1YTIzYjFiMTgzZTIyMzgyMmI2NmI1YWU1
MzZhMmYwHhcNMjMwMTAxMTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDA5NDZlOGUwMGRiMzgyM2ZjMDJhMzY0OWE5Zjc1NWNhZTgwN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8vkz2Iw7ZPACsuhmtP3+N7ulF4X0
mzoigEZwM24iJh6W3477Dpq/FPDmzBZ2+pEYTUulJoReB3So/G3ZsONznW1ADUEe
s/t5L7HGPMxzwQwSB13Xfjvpl1G/NzP67O+Ard6ZVcQ5/3ovjd/NkCz0eli0jaQc
vOg45Ip9q19aK+/ZP/dDsZAw4b0vkGK1b/cK7mSiEhTtw0yE4D9JkEP4pzrvckeO
F8Li5Eqjb0ECyrNNycC4mcNLhRViP1Q0yT9K6ODY3slLdStsLMScBBphUBAM/sGn
RIa+YaRVm7WUviHHKdHFxYSq0BYskvXDcZ3N2y9v9Gu/ZRXdjkBE718JjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAJRujgDbOCP8AqNkmp91XK6AfTMB8GA1UdIwQY
MBaAFGZl3ZdmWiOxsYPiI4IrZrWuU2ovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWIt
ZThkNzA3MTdmZjhhLzEvc0FsRzZPQU5zNElfd0NvMlNhbjNWY3JvQjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWItZThkNzA3MTdmZjhh
LzEvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvFyKMA0G
CSqGSIb3DQEBCwUAA4IBAQAVYTQe5RIHtdI8UwmA6rFBa9OdN+39pZnC53NclS2b
jNt0kG80qbMOFeJgQsQJk25dE3TTFlFwexMssWafITIA8adfZkou8SvheB/z0S/I
xwZ5n2Tls4ulGrL/Pd7KAVaHYxgKgF6vNzeTSMyut/RLlF2rpeKGlRlMuB87miRw
0ciR7naw+YX7P5jc74G+cCRipRx0yIazwbCRC5H0D/bfNacBBb+OJsqwrFdaYzNj
Ydgs7m4Ings3PAMnTp0B7nzuz6xhm7Tb+jOqV3HZEvdcMITkY4cMHLYJ3HkzfQ25
QwIjZO7GooApeWn9h9mrK6YbQ41NUs/smF92Uq6ZyLO7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:59 2024 by rpki-client on console-ams.rpki-client.org