Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/M9JSf0nPVwCx87i8GWQeipOTy38.roa
File:                     M9JSf0nPVwCx87i8GWQeipOTy38.roa (raw, json)
Hash identifier:          zI88fFRkaiJ776ub2T6gFS5Jm6LIcv+/aPsdLz0BRgQ=
Subject key identifier:   33:D2:52:7F:49:CF:57:00:B1:F3:B8:BC:19:64:1E:8A:93:93:CB:7F
Certificate issuer:       /CN=51618df006d548d1d87ed6419550662db6fc0606
Certificate serial:       01856F66DBAA2D202FF8201C65D360AF5CA0
Authority key identifier: 51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/M9JSf0nPVwCx87i8GWQeipOTy38.roa
Signing time:             Sun 01 Jan 2023 22:14:49 +0000
ROA not before:           Sun 01 Jan 2023 22:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211240
IP address blocks:        176.116.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:db:aa:2d:20:2f:f8:20:1c:65:d3:60:af:5c:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51618df006d548d1d87ed6419550662db6fc0606
        Validity
            Not Before: Jan  1 22:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33d2527f49cf5700b1f3b8bc19641e8a9393cb7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:38:c9:28:7b:0a:09:a5:1a:20:0d:e5:10:2e:
                    12:3c:4b:34:6a:da:56:96:e6:f4:1b:6e:ee:b0:14:
                    8d:97:90:8c:80:93:0a:57:e1:90:2b:52:98:24:ad:
                    89:30:85:38:c3:ff:f9:31:b4:b3:b7:34:cb:6d:90:
                    d9:ee:72:c9:f9:47:ee:6d:c5:37:11:23:57:47:ba:
                    73:23:22:f1:e8:60:4d:86:2e:a8:da:68:d4:39:d3:
                    f0:c0:7d:5f:0f:f2:0e:fd:29:9b:7d:a7:ab:7b:f3:
                    94:f9:7c:b9:c4:49:0c:a9:1e:2e:7d:30:99:06:b2:
                    2c:d9:10:5a:6c:18:86:76:b2:64:56:48:aa:23:34:
                    30:7b:58:0c:4b:a2:a4:84:86:94:24:fe:0a:bb:67:
                    a4:4e:4f:91:eb:36:99:29:23:de:ba:a5:c9:e7:54:
                    1b:7e:89:02:0b:4e:b1:5e:f3:6f:af:04:fd:00:08:
                    69:63:d8:37:7e:39:ad:f7:dd:4f:88:b6:60:8b:7d:
                    df:d0:5c:5c:21:89:7f:9d:86:c8:82:ef:d5:ed:ad:
                    ad:a6:dc:98:37:23:c0:00:d5:7f:7e:b8:a9:a2:0e:
                    77:9e:c4:4f:28:e5:2f:3b:7a:14:61:32:d7:a5:5b:
                    ea:c3:af:31:b3:de:08:82:f0:16:6a:1f:24:50:dc:
                    00:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:D2:52:7F:49:CF:57:00:B1:F3:B8:BC:19:64:1E:8A:93:93:CB:7F
            X509v3 Authority Key Identifier:
                keyid:51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/M9JSf0nPVwCx87i8GWQeipOTy38.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/UWGN8AbVSNHYftZBlVBmLbb8BgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.116.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:ac:41:67:b2:fa:6f:85:1c:66:68:f8:82:29:a5:09:65:41:
         54:fc:18:da:d8:57:93:62:00:12:81:ed:4d:a2:46:84:bd:0d:
         ee:56:e9:d4:ce:ff:33:8b:de:a8:f6:ad:3b:88:66:0c:d7:32:
         99:af:7f:d5:18:4d:df:3f:3c:d2:a1:38:03:c8:0a:0c:dd:5d:
         eb:a2:68:31:16:c0:a5:2d:fc:a3:f5:fa:c0:4e:ac:07:1d:43:
         3d:ad:f2:04:07:c2:7e:08:a6:b9:a3:90:a7:fe:35:b0:ce:1a:
         d1:57:95:15:0a:2d:47:21:28:be:ad:ab:7d:26:47:2e:94:71:
         a7:77:e8:b9:1b:b0:bc:ce:e2:34:42:82:08:4c:30:4d:e6:a1:
         b3:5b:4e:95:6b:71:76:97:89:eb:ab:94:f7:93:fc:19:f4:c4:
         2e:10:09:73:d8:ba:bf:2b:ba:02:b5:25:e3:5c:a2:54:2d:b2:
         b3:6a:f6:fe:c2:61:e3:f9:22:8e:25:60:9f:f3:15:16:79:bd:
         3c:f5:b9:77:a5:98:a3:f1:db:36:c6:94:57:b8:bc:33:72:ad:
         e7:87:7f:99:ca:a9:5f:f4:39:b6:47:4f:d8:07:b5:f3:b0:90:
         0d:ad:d5:23:e9:cf:6f:a2:14:e6:17:09:26:8f:a4:9c:cf:c2:
         96:2a:f8:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZtuqLSAv+CAcZdNgr1ygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNjE4ZGYwMDZkNTQ4ZDFkODdlZDY0MTk1NTA2NjJkYjZm
YzA2MDYwHhcNMjMwMTAxMjIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QyNTI3ZjQ5Y2Y1NzAwYjFmM2I4YmMxOTY0MWU4YTkzOTNjYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTjJKHsKCaUaIA3lEC4SPEs0atpW
lub0G27usBSNl5CMgJMKV+GQK1KYJK2JMIU4w//5MbSztzTLbZDZ7nLJ+UfubcU3
ESNXR7pzIyLx6GBNhi6o2mjUOdPwwH1fD/IO/Smbfaere/OU+Xy5xEkMqR4ufTCZ
BrIs2RBabBiGdrJkVkiqIzQwe1gMS6KkhIaUJP4Ku2ekTk+R6zaZKSPeuqXJ51Qb
fokCC06xXvNvrwT9AAhpY9g3fjmt991PiLZgi33f0FxcIYl/nYbIgu/V7a2tptyY
NyPAANV/fripog53nsRPKOUvO3oUYTLXpVvqw68xs94IgvAWah8kUNwAwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPSUn9Jz1cAsfO4vBlkHoqTk8t/MB8GA1UdIwQY
MBaAFFFhjfAG1UjR2H7WQZVQZi22/AYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEt
MzE3YzJmYjBhMzViLzEvTTlKU2YwblBWd0N4ODdpOEdXUWVpcE9UeTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEtMzE3YzJmYjBhMzVi
LzEvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHSwMA0G
CSqGSIb3DQEBCwUAA4IBAQBvrEFnsvpvhRxmaPiCKaUJZUFU/Bja2FeTYgASge1N
okaEvQ3uVunUzv8zi96o9q07iGYM1zKZr3/VGE3fPzzSoTgDyAoM3V3romgxFsCl
Lfyj9frATqwHHUM9rfIEB8J+CKa5o5Cn/jWwzhrRV5UVCi1HISi+rat9JkculHGn
d+i5G7C8zuI0QoIITDBN5qGzW06Va3F2l4nrq5T3k/wZ9MQuEAlz2Lq/K7oCtSXj
XKJULbKzavb+wmHj+SKOJWCf8xUWeb089bl3pZij8ds2xpRXuLwzcq3nh3+Zyqlf
9Dm2R0/YB7XzsJANrdUj6c9vohTmFwkmj6Scz8KWKvjX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org