Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9NVEcf7EuzrHA6fO9QxdmjuyvgA.roa
File:                     9NVEcf7EuzrHA6fO9QxdmjuyvgA.roa (raw, json)
Hash identifier:          kGsD4kEUnaDMv6BfB+q+v3siu1BVpn+YubAi2h0vTTA=
Subject key identifier:   F4:D5:44:71:FE:C4:BB:3A:C7:03:A7:CE:F5:0C:5D:9A:3B:B2:BE:00
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0187703892D4B1C2B3479D1B9D2BC3E53909
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9NVEcf7EuzrHA6fO9QxdmjuyvgA.roa
Signing time:             Tue 11 Apr 2023 12:09:28 +0000
ROA not before:           Tue 11 Apr 2023 12:09:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58236
IP address blocks:        45.8.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:38:92:d4:b1:c2:b3:47:9d:1b:9d:2b:c3:e5:39:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Apr 11 12:09:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4d54471fec4bb3ac703a7cef50c5d9a3bb2be00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:41:1e:39:36:db:9e:02:c5:94:8b:e0:da:be:
                    76:b9:22:2d:dc:27:be:c3:13:07:43:bd:71:74:64:
                    a2:fa:f0:15:22:87:00:41:11:0d:de:80:4b:65:5e:
                    74:99:3e:b2:71:1a:60:97:48:9a:fe:1f:1b:94:c4:
                    ea:91:7a:03:3a:bc:52:d2:d2:36:33:33:aa:db:60:
                    f4:23:73:b5:a2:a8:1d:4f:0c:4f:19:c3:e8:da:3c:
                    72:46:30:cc:e7:9e:63:d6:70:b8:51:56:d2:43:80:
                    d5:1c:a0:2e:49:00:97:d3:84:d5:03:f6:25:d1:4e:
                    a6:39:ec:b7:a7:ea:1c:32:ce:43:1e:0f:13:d2:52:
                    0c:74:d3:da:b7:fd:00:0b:88:09:04:53:ee:38:25:
                    2b:e5:26:8b:f8:1b:93:f3:23:c4:af:a7:83:29:bc:
                    35:11:2a:8b:4f:7f:a9:23:b6:e0:51:f2:7f:3a:4d:
                    19:aa:d2:04:4b:c9:c9:f9:98:de:5a:3c:02:8b:fa:
                    ea:8d:e6:98:5c:2d:df:7e:12:23:a3:65:b8:22:ae:
                    82:9c:88:65:d4:f9:02:d7:e2:cb:34:59:2a:9c:c7:
                    a6:aa:62:41:c2:01:e3:db:16:79:fa:a4:c0:7a:5c:
                    f0:4a:dc:c2:f1:3c:03:6a:76:09:e2:a1:53:6d:8f:
                    35:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:D5:44:71:FE:C4:BB:3A:C7:03:A7:CE:F5:0C:5D:9A:3B:B2:BE:00
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9NVEcf7EuzrHA6fO9QxdmjuyvgA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:d3:da:bd:54:b5:d2:76:71:52:8b:71:8f:3f:d8:9c:3f:f8:
         e2:0f:8e:ba:4e:9b:cb:b0:d7:96:35:9a:9f:1e:e5:06:98:3f:
         4b:b6:b3:c8:fb:3d:5e:89:78:3f:2c:22:94:42:3d:ce:a7:09:
         f2:c9:2e:22:c8:27:ca:bb:7b:00:b7:62:37:de:5c:3a:0d:f3:
         b2:9d:f9:c8:9e:bf:4d:6c:1b:9a:fb:4b:29:01:4b:e0:76:99:
         29:9e:74:15:be:0f:4e:ab:af:03:47:19:ec:16:ad:77:dc:8f:
         85:53:d1:1f:bb:fe:f6:92:58:c9:19:cf:cc:36:c7:c0:c9:2c:
         e4:00:0f:58:29:19:ac:ce:f0:83:d9:4c:8d:60:f4:da:36:c0:
         a6:e4:9f:63:a1:b3:36:f1:37:56:c5:89:d1:ac:3c:bc:bd:fd:
         fe:8c:7f:d5:1f:75:61:40:da:61:da:50:38:7f:1a:94:1b:0d:
         07:d5:71:8b:b8:58:e3:f8:ec:a7:8b:22:21:d4:ba:e7:2b:32:
         ea:29:bd:47:73:f8:3d:bc:4c:b1:68:cd:02:15:a1:a7:42:98:
         5d:c0:ec:8f:62:d5:38:93:22:80:c5:c2:69:f7:a3:8a:ef:2e:
         93:40:b0:d0:5f:61:5d:42:d4:0b:23:61:b1:94:f2:42:a6:b6:
         02:31:64:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdwOJLUscKzR50bnSvD5TkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNDExMTIwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ1NDQ3MWZlYzRiYjNhYzcwM2E3Y2VmNTBjNWQ5YTNiYjJiZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUEeOTbbngLFlIvg2r52uSIt3Ce+
wxMHQ71xdGSi+vAVIocAQREN3oBLZV50mT6ycRpgl0ia/h8blMTqkXoDOrxS0tI2
MzOq22D0I3O1oqgdTwxPGcPo2jxyRjDM555j1nC4UVbSQ4DVHKAuSQCX04TVA/Yl
0U6mOey3p+ocMs5DHg8T0lIMdNPat/0AC4gJBFPuOCUr5SaL+BuT8yPEr6eDKbw1
ESqLT3+pI7bgUfJ/Ok0ZqtIES8nJ+ZjeWjwCi/rqjeaYXC3ffhIjo2W4Iq6CnIhl
1PkC1+LLNFkqnMemqmJBwgHj2xZ5+qTAelzwStzC8TwDanYJ4qFTbY81uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTVRHH+xLs6xwOnzvUMXZo7sr4AMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvOU5WRWNmN0V1enJIQTZmTzlReGRtanV5dmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjnMA0G
CSqGSIb3DQEBCwUAA4IBAQBd09q9VLXSdnFSi3GPP9icP/jiD466TpvLsNeWNZqf
HuUGmD9LtrPI+z1eiXg/LCKUQj3OpwnyyS4iyCfKu3sAt2I33lw6DfOynfnInr9N
bBua+0spAUvgdpkpnnQVvg9Oq68DRxnsFq133I+FU9Efu/72kljJGc/MNsfAySzk
AA9YKRmszvCD2UyNYPTaNsCm5J9jobM28TdWxYnRrDy8vf3+jH/VH3VhQNph2lA4
fxqUGw0H1XGLuFjj+OyniyIh1LrnKzLqKb1Hc/g9vEyxaM0CFaGnQphdwOyPYtU4
kyKAxcJp96OK7y6TQLDQX2FdQtQLI2GxlPJCprYCMWSN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org