Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/I6YFnuSwFPtcottEaAaiLDWiYEI.roa
File:                     I6YFnuSwFPtcottEaAaiLDWiYEI.roa (raw, json)
Hash identifier:          tta+TYxrV+Cd8EmrasmgXQ/bJ9ASVbllYm1ZGdqSQUE=
Subject key identifier:   23:A6:05:9E:E4:B0:14:FB:5C:A2:DB:44:68:06:A2:2C:35:A2:60:42
Certificate issuer:       /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial:       018573CCED217B00C68E5E329B9F101F268B
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/I6YFnuSwFPtcottEaAaiLDWiYEI.roa
Signing time:             Mon 02 Jan 2023 18:44:47 +0000
ROA not before:           Mon 02 Jan 2023 18:44:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210016
IP address blocks:        131.117.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:cc:ed:21:7b:00:c6:8e:5e:32:9b:9f:10:1f:26:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
        Validity
            Not Before: Jan  2 18:44:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23a6059ee4b014fb5ca2db446806a22c35a26042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b4:2c:73:02:e3:3b:75:07:da:95:8a:a9:a3:
                    39:b3:1a:fd:20:d8:2f:ce:e8:6c:dd:15:d7:b9:f6:
                    ad:23:31:58:08:68:02:15:60:c9:61:ab:b8:75:28:
                    9b:e5:78:a1:4d:12:61:4d:f0:fd:a0:d8:d5:c8:c9:
                    3b:8e:97:2c:91:d0:84:29:97:96:94:09:93:d4:47:
                    68:6f:c8:90:ec:88:19:8a:3a:02:9f:fd:25:d3:68:
                    5c:9d:7b:1a:53:7f:af:b4:7d:be:0f:3a:34:b8:b1:
                    59:cd:27:95:c3:06:fc:33:db:39:5a:6a:cf:24:8c:
                    ff:93:3e:cd:17:ef:f4:b3:ef:51:07:c5:f6:de:bf:
                    73:f6:fc:e9:34:ce:86:2c:48:dc:a8:75:f9:a0:a3:
                    d2:11:bd:a9:7e:17:bb:d6:d8:88:27:d3:0d:a1:d7:
                    e7:59:0c:2f:60:43:e0:0e:07:55:d9:c6:62:76:85:
                    54:cd:f2:59:14:a2:58:ed:85:b4:b6:2b:2a:d2:bd:
                    8d:5d:40:26:98:aa:62:ad:43:32:44:91:6b:84:6e:
                    ee:33:b5:ed:a5:c2:2b:14:87:fb:2e:08:33:e8:f8:
                    6d:ea:3d:a6:92:af:a2:79:73:7e:91:dc:80:9c:31:
                    0f:43:0b:29:48:53:0b:bc:ea:54:19:93:ee:22:3b:
                    3c:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:A6:05:9E:E4:B0:14:FB:5C:A2:DB:44:68:06:A2:2C:35:A2:60:42
            X509v3 Authority Key Identifier:
                keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/I6YFnuSwFPtcottEaAaiLDWiYEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.117.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d8:65:ef:0d:f2:e9:90:a3:2b:34:38:6d:1e:d0:52:33:fa:e1:
         2a:87:8a:4f:2b:63:39:69:a8:41:8b:9b:4d:2d:23:ad:ee:fd:
         39:8f:50:82:fa:8d:e5:e1:06:19:17:d1:80:d9:76:24:d4:a4:
         79:9a:a4:23:24:43:63:6b:2e:92:04:ad:53:d1:f7:36:22:a8:
         fa:ad:ac:0e:c1:dc:72:4b:70:57:bf:d7:f8:fd:c0:87:a6:10:
         af:70:0a:0d:96:d5:f1:0d:04:20:ab:74:93:59:be:9f:18:bf:
         85:1f:ef:c2:d3:95:0a:34:fa:19:33:47:1c:5f:fb:0c:7b:17:
         1d:18:4f:ce:42:d0:0e:74:05:7e:ff:6c:4d:a6:e4:bd:6b:dc:
         3c:c4:ee:fc:64:85:12:1f:f3:b8:66:fd:ed:d2:e1:4d:68:2b:
         50:5c:8d:53:17:cc:0e:cb:c9:a9:38:e0:10:99:db:2c:75:b3:
         e0:36:bb:fb:d0:8e:32:e0:d3:8e:d2:7c:26:81:9f:fe:0f:c0:
         ee:79:f4:45:78:29:6a:87:eb:d4:8e:9f:0c:64:26:48:d8:57:
         26:b4:4f:96:62:ad:c3:e8:08:2f:4d:8a:ec:ec:1f:05:e0:98:
         99:1c:c2:e3:44:65:77:88:ed:57:16:fa:d6:b9:a9:4a:b9:3a:
         c0:a4:d7:51
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVzzO0hewDGjl4ym58QHyaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjMwMTAyMTg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E2MDU5ZWU0YjAxNGZiNWNhMmRiNDQ2ODA2YTIyYzM1YTI2MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbQscwLjO3UH2pWKqaM5sxr9INgv
zuhs3RXXufatIzFYCGgCFWDJYau4dSib5XihTRJhTfD9oNjVyMk7jpcskdCEKZeW
lAmT1Edob8iQ7IgZijoCn/0l02hcnXsaU3+vtH2+Dzo0uLFZzSeVwwb8M9s5WmrP
JIz/kz7NF+/0s+9RB8X23r9z9vzpNM6GLEjcqHX5oKPSEb2pfhe71tiIJ9MNodfn
WQwvYEPgDgdV2cZidoVUzfJZFKJY7YW0tisq0r2NXUAmmKpirUMyRJFrhG7uM7Xt
pcIrFIf7Lggz6Pht6j2mkq+ieXN+kdyAnDEPQwspSFMLvOpUGZPuIjs8vwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCOmBZ7ksBT7XKLbRGgGoiw1omBCMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL0k2WUZudVN3RlB0Y290dEVhQWFpTERXaVlFSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACDdegw
DQYJKoZIhvcNAQELBQADggEBANhl7w3y6ZCjKzQ4bR7QUjP64SqHik8rYzlpqEGL
m00tI63u/TmPUIL6jeXhBhkX0YDZdiTUpHmapCMkQ2NrLpIErVPR9zYiqPqtrA7B
3HJLcFe/1/j9wIemEK9wCg2W1fENBCCrdJNZvp8Yv4Uf78LTlQo0+hkzRxxf+wx7
Fx0YT85C0A50BX7/bE2m5L1r3DzE7vxkhRIf87hm/e3S4U1oK1BcjVMXzA7Lyak4
4BCZ2yx1s+A2u/vQjjLg047SfCaBn/4PwO559EV4KWqH69SOnwxkJkjYVya0T5Zi
rcPoCC9NiuzsHwXgmJkcwuNEZXeI7VcW+ta5qUq5OsCk11E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org