Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/S00aZiKDmY8BMTkVm0UeAZK0v0Q.roa
File:                     S00aZiKDmY8BMTkVm0UeAZK0v0Q.roa (raw, json)
Hash identifier:          Bp4vbj4epUObTnlN2mKBG9yZWtQON3G6OOfGVl6q/KQ=
Subject key identifier:   4B:4D:1A:66:22:83:99:8F:01:31:39:15:9B:45:1E:01:92:B4:BF:44
Certificate issuer:       /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial:       01856DE644D57A741B0B83CA79FDD5F264B4
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/S00aZiKDmY8BMTkVm0UeAZK0v0Q.roa
Signing time:             Sun 01 Jan 2023 15:14:45 +0000
ROA not before:           Sun 01 Jan 2023 15:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34144
IP address blocks:        85.88.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:e6:44:d5:7a:74:1b:0b:83:ca:79:fd:d5:f2:64:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
        Validity
            Not Before: Jan  1 15:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b4d1a662283998f013139159b451e0192b4bf44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5d:6c:57:a6:13:ae:f7:aa:c2:d1:5d:86:68:
                    7c:e2:09:87:5f:0c:3d:28:bc:d9:24:84:1b:ea:a1:
                    11:e3:c7:b7:c0:eb:0d:1b:ed:c5:2b:d7:34:8c:a0:
                    d4:b0:ff:8b:62:f5:04:89:de:ef:6b:3b:17:16:5a:
                    07:9f:ac:59:38:2a:cc:c3:fc:4f:02:fe:7c:21:98:
                    a4:0e:d8:c8:3f:db:d6:23:58:3b:ea:f1:99:b4:87:
                    7c:cf:96:c2:c5:d4:37:9b:a3:f9:a8:12:91:90:26:
                    88:ab:40:97:82:11:59:cc:8d:db:ab:04:5d:83:f9:
                    cb:72:02:6c:ff:f2:64:f8:cc:fd:e5:67:8d:0d:8a:
                    16:84:9b:15:81:3c:d1:71:5d:9e:be:34:4a:a7:14:
                    c2:cb:58:8f:05:06:2e:39:ed:a3:ed:7d:f9:8f:80:
                    46:de:10:3a:fb:11:37:78:5b:50:d5:2e:3a:e7:b2:
                    5d:05:a3:79:5c:27:1f:72:73:97:92:ba:68:f9:b5:
                    52:82:7a:bb:5e:9a:10:63:96:50:61:39:ee:5d:2c:
                    97:d2:15:31:4d:2c:c8:8c:6b:61:20:c5:3f:64:0d:
                    92:21:43:09:6e:3f:3d:8c:a8:3f:8b:6e:87:d6:2d:
                    28:a8:04:ef:19:e7:9e:29:a6:34:d0:6f:f4:64:b1:
                    bb:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:4D:1A:66:22:83:99:8F:01:31:39:15:9B:45:1E:01:92:B4:BF:44
            X509v3 Authority Key Identifier:
                keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/S00aZiKDmY8BMTkVm0UeAZK0v0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.88.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:65:5e:e6:24:76:ac:ca:d3:98:1b:04:22:99:95:05:cc:b6:
         27:8a:6b:a6:e2:81:df:6c:f8:a0:32:dd:81:03:87:37:75:f9:
         f5:75:e3:19:10:1e:a1:10:80:4e:8e:fc:db:97:2b:91:a3:11:
         07:3f:c4:a9:22:c7:7e:41:39:b9:c5:24:7e:4a:aa:1e:16:ab:
         b9:79:2a:db:1f:30:a6:cc:dd:bb:86:e4:dc:0d:bf:22:d6:02:
         b5:f8:c5:a5:1b:9d:03:24:62:39:62:12:a0:82:18:d0:63:43:
         e5:1f:a0:2e:5c:45:a2:4f:ec:6f:8a:7c:15:a2:77:08:9d:68:
         37:86:d5:bc:36:82:75:48:cc:1c:ef:3e:bc:a7:67:52:95:66:
         d6:6e:f6:34:80:a9:6d:72:a8:b0:dd:77:d2:8a:51:d5:47:1b:
         76:4a:a3:e5:2f:60:da:97:04:8a:60:b8:7d:ad:44:4f:e5:70:
         22:b9:09:2e:d1:a2:dc:a2:5f:10:5d:a5:dd:76:d1:de:20:b9:
         1b:a3:8d:c8:4d:a1:af:ac:c7:3a:fa:03:57:67:37:0d:75:02:
         5b:f9:0f:d6:0b:4f:7d:3a:c1:3e:01:29:ff:c2:29:ec:09:b7:
         aa:d5:1a:35:41:f4:e1:f3:2f:74:8c:19:8c:c3:5b:8f:c4:95:
         a5:3a:8d:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5kTVenQbC4PKef3V8mS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjMwMTAxMTUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRkMWE2NjIyODM5OThmMDEzMTM5MTU5YjQ1MWUwMTkyYjRiZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF1sV6YTrveqwtFdhmh84gmHXww9
KLzZJIQb6qER48e3wOsNG+3FK9c0jKDUsP+LYvUEid7vazsXFloHn6xZOCrMw/xP
Av58IZikDtjIP9vWI1g76vGZtId8z5bCxdQ3m6P5qBKRkCaIq0CXghFZzI3bqwRd
g/nLcgJs//Jk+Mz95WeNDYoWhJsVgTzRcV2evjRKpxTCy1iPBQYuOe2j7X35j4BG
3hA6+xE3eFtQ1S4657JdBaN5XCcfcnOXkrpo+bVSgnq7XpoQY5ZQYTnuXSyX0hUx
TSzIjGthIMU/ZA2SIUMJbj89jKg/i26H1i0oqATvGeeeKaY00G/0ZLG7NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtNGmYig5mPATE5FZtFHgGStL9EMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvUzAwYVppS0RtWThCTVRrVm0wVWVBWkswdjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVVgnMA0G
CSqGSIb3DQEBCwUAA4IBAQB8ZV7mJHasytOYGwQimZUFzLYnimum4oHfbPigMt2B
A4c3dfn1deMZEB6hEIBOjvzblyuRoxEHP8SpIsd+QTm5xSR+SqoeFqu5eSrbHzCm
zN27huTcDb8i1gK1+MWlG50DJGI5YhKgghjQY0PlH6AuXEWiT+xvinwVoncInWg3
htW8NoJ1SMwc7z68p2dSlWbWbvY0gKltcqiw3XfSilHVRxt2SqPlL2DalwSKYLh9
rURP5XAiuQku0aLcol8QXaXddtHeILkbo43ITaGvrMc6+gNXZzcNdQJb+Q/WC099
OsE+ASn/winsCbeq1Ro1QfTh8y90jBmMw1uPxJWlOo0s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:22 2024 by rpki-client on console-ams.rpki-client.org