Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/bcpKZ9dL14o6YI3m84iIpdo19Ys.roa
File:                     bcpKZ9dL14o6YI3m84iIpdo19Ys.roa (raw, json)
Hash identifier:          DyO1KqvXBMsoSpnL6gXgYgI1ksSZQccebrGK2KMljfc=
Subject key identifier:   6D:CA:4A:67:D7:4B:D7:8A:3A:60:8D:E6:F3:88:88:A5:DA:35:F5:8B
Certificate issuer:       /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial:       01856CB854B87EBA3D052963F3F9B66A814D
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/bcpKZ9dL14o6YI3m84iIpdo19Ys.roa
Signing time:             Sun 01 Jan 2023 09:44:57 +0000
ROA not before:           Sun 01 Jan 2023 09:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198855
IP address blocks:        90.83.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:54:b8:7e:ba:3d:05:29:63:f3:f9:b6:6a:81:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
        Validity
            Not Before: Jan  1 09:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6dca4a67d74bd78a3a608de6f38888a5da35f58b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:2b:41:76:ef:25:7a:37:76:40:15:1f:40:92:
                    67:fe:b1:b0:38:09:e4:5c:04:3b:04:4c:bd:75:95:
                    04:cb:26:c9:1d:8c:2b:16:87:f2:d6:be:ec:dc:85:
                    c7:16:68:e1:29:fa:25:cd:94:5b:d1:65:36:da:94:
                    e2:7f:bc:a2:2f:58:08:71:5c:92:83:55:50:66:95:
                    0b:11:76:8a:c8:e8:c0:2e:2a:e0:27:59:64:84:cf:
                    38:ab:13:2d:9e:48:9b:cf:cb:cf:a2:4e:d7:8d:06:
                    21:18:99:d7:ea:ed:39:1e:c3:5e:20:43:f3:c5:96:
                    af:b6:ac:74:9e:23:fa:25:26:96:6d:9c:ac:79:cc:
                    7f:90:1e:9f:96:be:a9:c2:99:bb:2f:ee:6d:51:5b:
                    e4:7d:76:12:c9:86:06:c1:8e:5f:21:4d:d2:b3:53:
                    36:3b:bc:2e:30:11:77:dd:0b:c6:14:3c:37:19:4b:
                    21:3f:b6:3b:80:75:5c:67:6f:a0:ef:82:c5:a7:33:
                    76:b8:89:3f:cb:4c:8a:76:fb:08:22:63:19:87:42:
                    8c:2b:8a:65:73:8e:d9:e1:46:b8:41:6d:fe:6f:56:
                    26:69:1c:f9:62:b1:30:39:97:60:63:50:47:95:17:
                    49:9e:60:69:a7:4c:40:ac:d0:89:00:4d:37:a6:97:
                    2d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:CA:4A:67:D7:4B:D7:8A:3A:60:8D:E6:F3:88:88:A5:DA:35:F5:8B
            X509v3 Authority Key Identifier:
                keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/bcpKZ9dL14o6YI3m84iIpdo19Ys.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  90.83.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:a8:81:e6:61:12:01:e3:6c:95:9f:92:80:c5:ef:19:49:7c:
         89:c5:2f:71:0d:cb:fe:4a:16:4f:b2:9b:34:a9:38:19:35:6a:
         95:a6:b0:36:b3:c3:03:9a:86:a0:49:9f:cc:08:f0:bf:da:6e:
         60:97:91:96:2c:12:eb:64:67:bf:6b:cc:11:2f:5a:87:24:77:
         51:19:4c:45:da:d7:2c:b4:1a:ae:37:1b:fc:79:aa:ea:2a:fc:
         2a:22:23:fe:27:70:cb:1b:46:39:73:bc:a5:f3:05:73:cb:c8:
         e0:58:39:82:8b:2a:d1:23:11:ab:5d:c3:e0:c1:67:53:81:ed:
         f6:c8:ed:d5:a4:60:a4:85:a6:11:e4:d1:96:01:e7:9a:b5:69:
         ea:7e:5f:1d:bf:77:47:5f:ff:3a:c5:bd:31:38:96:c1:1b:a7:
         62:28:a9:54:82:10:0f:95:9a:e2:13:e7:64:ef:bd:66:d9:0d:
         e5:c4:1c:c0:01:42:a9:32:d3:15:28:a8:bf:48:6e:4e:9e:86:
         ef:d8:01:28:ac:d1:b2:3e:4f:c9:2a:42:05:47:06:b6:4b:2f:
         f1:8b:70:2b:7f:d5:26:eb:02:c9:e4:ca:2f:7d:4c:92:65:0c:
         05:f9:ba:1c:5c:78:58:2b:d8:f4:cc:a8:65:69:d3:a9:88:b4:
         28:41:4b:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuFS4fro9BSlj8/m2aoFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGNhNGE2N2Q3NGJkNzhhM2E2MDhkZTZmMzg4ODhhNWRhMzVmNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhytBdu8lejd2QBUfQJJn/rGwOAnk
XAQ7BEy9dZUEyybJHYwrFofy1r7s3IXHFmjhKfolzZRb0WU22pTif7yiL1gIcVyS
g1VQZpULEXaKyOjALirgJ1lkhM84qxMtnkibz8vPok7XjQYhGJnX6u05HsNeIEPz
xZavtqx0niP6JSaWbZysecx/kB6flr6pwpm7L+5tUVvkfXYSyYYGwY5fIU3Ss1M2
O7wuMBF33QvGFDw3GUshP7Y7gHVcZ2+g74LFpzN2uIk/y0yKdvsIImMZh0KMK4pl
c47Z4Ua4QW3+b1YmaRz5YrEwOZdgY1BHlRdJnmBpp0xArNCJAE03ppctNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3KSmfXS9eKOmCN5vOIiKXaNfWLMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvYmNwS1o5ZEwxNG82WUkzbTg0aUlwZG8xOVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWlN8MA0G
CSqGSIb3DQEBCwUAA4IBAQAKqIHmYRIB42yVn5KAxe8ZSXyJxS9xDcv+ShZPsps0
qTgZNWqVprA2s8MDmoagSZ/MCPC/2m5gl5GWLBLrZGe/a8wRL1qHJHdRGUxF2tcs
tBquNxv8earqKvwqIiP+J3DLG0Y5c7yl8wVzy8jgWDmCiyrRIxGrXcPgwWdTge32
yO3VpGCkhaYR5NGWAeeatWnqfl8dv3dHX/86xb0xOJbBG6diKKlUghAPlZriE+dk
771m2Q3lxBzAAUKpMtMVKKi/SG5Onobv2AEorNGyPk/JKkIFRwa2Sy/xi3Arf9Um
6wLJ5MovfUySZQwF+bocXHhYK9j0zKhladOpiLQoQUtJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org