Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/cD9sWn2T73QLk8nfD-XLYPm-DSI.roa
File:                     cD9sWn2T73QLk8nfD-XLYPm-DSI.roa (raw, json)
Hash identifier:          rP8vsyHpKWUKa4hDdAeeHUFSKX/f0HmG05FGvOEiX8M=
Subject key identifier:   70:3F:6C:5A:7D:93:EF:74:0B:93:C9:DF:0F:E5:CB:60:F9:BE:0D:22
Certificate issuer:       /CN=16ea37a8e73e7679a933d70f7b9c872081024455
Certificate serial:       01856D53D6A40C8CEEECAF0FD98BD310FD91
Authority key identifier: 16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/cD9sWn2T73QLk8nfD-XLYPm-DSI.roa
Signing time:             Sun 01 Jan 2023 12:34:48 +0000
ROA not before:           Sun 01 Jan 2023 12:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64458
IP address blocks:        194.59.170.0/24 maxlen: 24
                          185.81.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Oct 2023 10:11:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:d6:a4:0c:8c:ee:ec:af:0f:d9:8b:d3:10:fd:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16ea37a8e73e7679a933d70f7b9c872081024455
        Validity
            Not Before: Jan  1 12:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=703f6c5a7d93ef740b93c9df0fe5cb60f9be0d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:da:ad:80:4b:ba:30:51:ec:66:70:b3:e9:1b:
                    96:a0:b6:ce:fb:f2:96:f5:ec:80:81:f6:89:5d:ee:
                    7f:70:74:11:03:f0:dc:a8:a4:37:3e:3b:b4:64:75:
                    d5:ad:0a:fb:cf:be:fc:5e:55:e2:ac:f3:4b:f1:7e:
                    ca:f2:56:4f:16:35:41:c8:2b:47:68:0a:52:4e:a8:
                    51:bb:fa:cc:61:13:54:39:89:ff:99:6c:66:84:6a:
                    af:31:6e:96:b0:8e:bf:9d:7b:b0:71:92:50:7f:3f:
                    09:ab:56:97:3c:5f:38:12:22:4e:a7:3d:62:28:9b:
                    11:ae:d6:96:04:10:8a:c8:d6:76:27:db:3a:ff:50:
                    c1:75:39:77:1a:a1:64:8e:26:50:16:a6:70:52:3c:
                    0b:c9:82:3d:5b:e4:42:b6:e0:12:f9:3a:df:56:60:
                    5b:46:9c:7f:19:fd:01:bf:1d:02:21:83:f2:3f:62:
                    20:ed:92:f6:f9:b0:35:33:2f:a1:83:08:0f:29:b2:
                    e9:1a:80:c6:01:f6:2e:33:c0:e7:24:4f:ba:09:43:
                    49:84:f9:cc:6f:c9:75:43:aa:45:b1:d8:b1:7d:43:
                    38:1e:3c:f7:21:0c:99:86:cb:8f:26:ab:28:ac:08:
                    5e:c1:ab:28:03:a0:ba:4a:80:b0:c0:0f:5b:72:01:
                    8c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:3F:6C:5A:7D:93:EF:74:0B:93:C9:DF:0F:E5:CB:60:F9:BE:0D:22
            X509v3 Authority Key Identifier:
                keyid:16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/cD9sWn2T73QLk8nfD-XLYPm-DSI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.97.0/24
                  194.59.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:a8:04:ea:6f:30:a0:90:68:64:33:94:e1:72:1f:45:f5:17:
         0d:c2:7a:1a:73:35:fc:22:f3:64:0e:07:c2:33:34:57:bb:35:
         b9:e9:b7:19:ab:fc:17:de:4f:24:ff:4f:d3:9c:ed:bb:08:da:
         bb:cc:3a:8c:3e:fa:d2:40:8e:55:dd:e0:df:4f:a3:0d:fb:48:
         02:84:80:45:ce:1d:22:0b:f6:22:f5:4c:36:6f:9d:c1:df:5f:
         7d:4f:b4:d8:4d:99:87:8f:3b:8f:1f:46:0e:01:87:06:cd:94:
         7b:e0:fd:1f:ad:46:ae:c5:4e:3e:db:d6:ca:53:f3:a4:5a:a1:
         58:92:9d:0d:44:30:ae:3d:64:fb:01:95:8b:bd:4e:82:6e:17:
         58:94:c1:38:43:b7:49:4d:63:86:6f:d6:e0:3c:a2:3a:56:c4:
         bc:e0:03:f0:16:7f:68:73:91:33:c5:64:1e:11:d0:07:ee:28:
         0d:1d:50:45:00:80:21:97:70:77:0c:1b:9c:dd:d4:a8:60:6a:
         a4:6e:60:0a:52:fe:85:1d:ac:db:4f:8c:67:0c:dc:f9:0b:77:
         01:1b:c8:8a:00:bd:76:f8:3d:9b:5c:5b:43:84:46:eb:16:7f:
         e7:7d:b1:4f:f7:ce:4d:11:cc:85:7f:76:f0:65:44:23:58:51:
         79:94:c6:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtU9akDIzu7K8P2YvTEP2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZWEzN2E4ZTczZTc2NzlhOTMzZDcwZjdiOWM4NzIwODEw
MjQ0NTUwHhcNMjMwMTAxMTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDNmNmM1YTdkOTNlZjc0MGI5M2M5ZGYwZmU1Y2I2MGY5YmUwZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdqtgEu6MFHsZnCz6RuWoLbO+/KW
9eyAgfaJXe5/cHQRA/DcqKQ3Pju0ZHXVrQr7z778XlXirPNL8X7K8lZPFjVByCtH
aApSTqhRu/rMYRNUOYn/mWxmhGqvMW6WsI6/nXuwcZJQfz8Jq1aXPF84EiJOpz1i
KJsRrtaWBBCKyNZ2J9s6/1DBdTl3GqFkjiZQFqZwUjwLyYI9W+RCtuAS+TrfVmBb
Rpx/Gf0Bvx0CIYPyP2Ig7ZL2+bA1My+hgwgPKbLpGoDGAfYuM8DnJE+6CUNJhPnM
b8l1Q6pFsdixfUM4Hjz3IQyZhsuPJqsorAhewasoA6C6SoCwwA9bcgGMXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHA/bFp9k+90C5PJ3w/ly2D5vg0iMB8GA1UdIwQY
MBaAFBbqN6jnPnZ5qTPXD3uchyCBAkRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWIt
NDcyYjBkMDcyZTgzLzEvY0Q5c1duMlQ3M1FMazhuZkQtWExZUG0tRFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWItNDcyYjBkMDcyZTgz
LzEvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVFhAwQA
wjuqMA0GCSqGSIb3DQEBCwUAA4IBAQBlqATqbzCgkGhkM5Thch9F9RcNwnoaczX8
IvNkDgfCMzRXuzW56bcZq/wX3k8k/0/TnO27CNq7zDqMPvrSQI5V3eDfT6MN+0gC
hIBFzh0iC/Yi9Uw2b53B3199T7TYTZmHjzuPH0YOAYcGzZR74P0frUauxU4+29bK
U/OkWqFYkp0NRDCuPWT7AZWLvU6CbhdYlME4Q7dJTWOGb9bgPKI6VsS84APwFn9o
c5EzxWQeEdAH7igNHVBFAIAhl3B3DBuc3dSoYGqkbmAKUv6FHazbT4xnDNz5C3cB
G8iKAL12+D2bXFtDhEbrFn/nfbFP985NEcyFf3bwZUQjWFF5lMZP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:54 2024 by rpki-client on console-ams.rpki-client.org