Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7qti_hfwJ0Q8cxoZdebVchd9-3Q.roa
File:                     7qti_hfwJ0Q8cxoZdebVchd9-3Q.roa (raw, json)
Hash identifier:          4Xw/fNE71JXoNh0/gzCVAfMXmMrGdqMNVjokUqCJ+RE=
Subject key identifier:   EE:AB:62:FE:17:F0:27:44:3C:73:1A:19:75:E6:D5:72:17:7D:FB:74
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0189F94D200CF87D8BA65A42F8BF696A1B85
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7qti_hfwJ0Q8cxoZdebVchd9-3Q.roa
Signing time:             Tue 15 Aug 2023 13:05:28 +0000
ROA not before:           Tue 15 Aug 2023 13:05:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57494
IP address blocks:        85.209.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f9:4d:20:0c:f8:7d:8b:a6:5a:42:f8:bf:69:6a:1b:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Aug 15 13:05:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eeab62fe17f027443c731a1975e6d572177dfb74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:91:c5:fd:e1:3c:b7:7e:53:81:2d:43:3c:39:
                    b6:a9:58:5e:5c:e3:85:ce:bb:d2:f1:36:d5:ab:e7:
                    47:55:f0:87:ca:80:e7:37:49:8a:08:f7:3d:d6:a0:
                    04:d9:34:ac:4e:98:2c:18:2b:10:35:70:bc:18:c4:
                    5a:50:3c:ff:6f:75:da:e6:09:2a:a9:06:66:5a:a1:
                    7d:74:ec:96:01:6b:ce:1b:eb:40:59:a8:c1:b8:ad:
                    89:37:3a:12:71:3f:b6:94:28:27:e8:7f:33:52:c4:
                    f4:bd:d3:22:3a:33:57:92:97:83:2e:d1:21:3a:e2:
                    74:56:e8:c5:6b:a5:05:23:0f:fa:83:3d:11:da:ad:
                    54:f4:77:34:72:d6:5a:9e:31:04:44:08:fe:a3:8e:
                    ac:dd:1e:1a:a4:8d:c0:52:46:61:72:3a:04:da:fe:
                    32:43:b6:ac:eb:bb:04:7a:1c:2a:4f:00:0a:f2:b8:
                    4e:7d:2f:9e:63:51:a6:7c:8f:8c:33:d6:db:2c:05:
                    12:00:4d:01:b7:08:b7:5d:d8:93:dd:b3:da:da:32:
                    cf:11:bd:32:c3:f0:fe:20:8e:a0:06:46:b6:87:a7:
                    ba:57:11:fd:06:82:fb:84:f8:3a:45:e7:10:9a:c9:
                    a4:2a:a6:c6:3b:e1:60:59:63:20:5a:a3:b6:f1:7e:
                    02:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:AB:62:FE:17:F0:27:44:3C:73:1A:19:75:E6:D5:72:17:7D:FB:74
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7qti_hfwJ0Q8cxoZdebVchd9-3Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:46:0b:5c:a5:00:34:c0:1b:ba:02:eb:1a:00:08:fd:22:b0:
         0c:b8:0c:ff:a3:bf:a1:48:ad:30:e4:59:3f:bb:3b:99:2e:91:
         35:a7:73:01:02:2e:3b:1a:d2:b7:5b:a9:d7:ea:60:70:36:5a:
         76:eb:7d:72:da:56:88:a3:42:5d:78:cf:c4:87:a8:43:36:20:
         9c:2a:da:f3:f8:e0:64:54:56:3f:cc:71:34:85:85:b6:a8:23:
         cd:e6:40:da:5d:1f:96:47:ef:b0:77:2f:59:31:94:dc:bc:e5:
         8c:f3:a6:a2:20:26:3d:ea:74:79:c6:ed:58:8c:fc:10:30:c7:
         93:47:0a:56:cf:4b:ec:7c:5e:26:e4:e1:8b:e4:4a:ed:9e:6e:
         8c:44:c4:3c:05:f9:5c:cc:46:2a:29:b0:e1:e0:ef:1e:c5:86:
         25:84:1b:f9:9e:50:3a:72:07:0a:5b:59:a3:b9:50:b5:d5:a5:
         4f:1c:32:bf:8d:2c:d8:da:25:c5:dd:0e:33:04:53:14:96:17:
         e7:b1:27:ae:61:a4:5a:6f:b3:2e:af:94:78:12:d9:5c:a8:50:
         29:c2:93:a4:80:6d:16:28:0b:e5:a2:60:09:a9:44:cf:0b:ea:
         d5:68:b8:07:51:0f:80:6a:bf:1b:f2:79:7e:16:93:8b:e2:18:
         cc:d2:d5:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn5TSAM+H2LplpC+L9pahuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwODE1MTMwNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWFiNjJmZTE3ZjAyNzQ0M2M3MzFhMTk3NWU2ZDU3MjE3N2RmYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpHF/eE8t35TgS1DPDm2qVheXOOF
zrvS8TbVq+dHVfCHyoDnN0mKCPc91qAE2TSsTpgsGCsQNXC8GMRaUDz/b3Xa5gkq
qQZmWqF9dOyWAWvOG+tAWajBuK2JNzoScT+2lCgn6H8zUsT0vdMiOjNXkpeDLtEh
OuJ0VujFa6UFIw/6gz0R2q1U9Hc0ctZanjEERAj+o46s3R4apI3AUkZhcjoE2v4y
Q7as67sEehwqTwAK8rhOfS+eY1GmfI+MM9bbLAUSAE0Btwi3XdiT3bPa2jLPEb0y
w/D+II6gBka2h6e6VxH9BoL7hPg6RecQmsmkKqbGO+FgWWMgWqO28X4C1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6rYv4X8CdEPHMaGXXm1XIXfft0MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvN3F0aV9oZndKMFE4Y3hvWmRlYlZjaGQ5LTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdEJMA0G
CSqGSIb3DQEBCwUAA4IBAQCNRgtcpQA0wBu6AusaAAj9IrAMuAz/o7+hSK0w5Fk/
uzuZLpE1p3MBAi47GtK3W6nX6mBwNlp2631y2laIo0JdeM/Eh6hDNiCcKtrz+OBk
VFY/zHE0hYW2qCPN5kDaXR+WR++wdy9ZMZTcvOWM86aiICY96nR5xu1YjPwQMMeT
RwpWz0vsfF4m5OGL5Ertnm6MRMQ8BflczEYqKbDh4O8exYYlhBv5nlA6cgcKW1mj
uVC11aVPHDK/jSzY2iXF3Q4zBFMUlhfnsSeuYaRab7Mur5R4EtlcqFApwpOkgG0W
KAvlomAJqUTPC+rVaLgHUQ+Aar8b8nl+FpOL4hjM0tXA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org