Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/j9hUo9K_ETgC0L_g9rwWbY2MSRo.roa
File:                     j9hUo9K_ETgC0L_g9rwWbY2MSRo.roa (raw, json)
Hash identifier:          d6err9GbsHU4RoLNJOJELxrbX+2PeHnHuHh/qiZ+6j0=
Subject key identifier:   8F:D8:54:A3:D2:BF:11:38:02:D0:BF:E0:F6:BC:16:6D:8D:8C:49:1A
Certificate issuer:       /CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Certificate serial:       018571A7C012461E59105D52DBB4D49AE040
Authority key identifier: 7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/j9hUo9K_ETgC0L_g9rwWbY2MSRo.roa
Signing time:             Mon 02 Jan 2023 08:44:57 +0000
ROA not before:           Mon 02 Jan 2023 08:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15404
IP address blocks:        149.249.0.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:c0:12:46:1e:59:10:5d:52:db:b4:d4:9a:e0:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
        Validity
            Not Before: Jan  2 08:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8fd854a3d2bf113802d0bfe0f6bc166d8d8c491a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:91:27:a1:24:84:2d:18:62:38:f6:12:7e:78:
                    5f:9c:88:fe:35:b2:d4:9b:12:14:f5:30:ed:c7:6a:
                    f9:b1:41:56:e3:6c:97:69:1b:1e:0c:58:28:31:3b:
                    e9:99:72:f6:de:59:9a:f5:2e:9d:41:e8:af:2c:bb:
                    df:24:55:af:25:cf:df:07:37:0c:37:53:8b:8d:dc:
                    6d:97:f8:87:8a:7a:8a:9e:79:f1:f7:ec:41:31:d8:
                    26:3a:dc:0b:a8:09:e8:e6:ee:28:91:f0:d2:89:7a:
                    06:9d:dc:19:4e:a7:74:9c:f9:9c:d4:f8:db:8d:e5:
                    2a:b2:34:4c:81:0a:e7:9b:35:8c:29:be:69:4e:df:
                    7f:e3:17:e7:b6:08:b1:22:bd:9c:99:07:77:9b:93:
                    ad:98:0e:01:61:1c:f9:bb:77:d1:2b:a5:ef:39:30:
                    93:f5:6f:60:be:8e:3e:ba:df:8b:cc:7b:b2:73:69:
                    95:12:0d:b1:7f:62:2a:52:b7:00:ae:98:9b:8c:0f:
                    61:d7:ee:56:3a:ce:ee:1e:e4:0f:8d:a2:f6:d0:f0:
                    b0:59:a3:f7:8d:9b:11:52:ff:8a:1c:7b:b0:e3:36:
                    42:b8:fa:fe:73:3a:dd:32:d7:57:e2:86:03:bc:c5:
                    a9:6c:a6:06:43:08:3e:c4:8e:6a:67:a4:cc:8c:7b:
                    85:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:D8:54:A3:D2:BF:11:38:02:D0:BF:E0:F6:BC:16:6D:8D:8C:49:1A
            X509v3 Authority Key Identifier:
                keyid:7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/j9hUo9K_ETgC0L_g9rwWbY2MSRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/egoGVk08cX0tbaoegzxJWXawuto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.249.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1d:8e:cd:59:c5:4a:d6:b7:ca:9c:42:48:50:ee:53:28:c5:fa:
         4a:75:8c:cf:30:29:a4:49:94:ff:dd:02:20:71:64:5c:90:84:
         1f:9c:06:45:4c:7b:f5:a1:9e:8d:d1:92:15:5b:5f:d6:fb:ef:
         e7:38:4c:bf:a8:77:5c:db:57:6c:93:eb:a1:87:16:ab:1e:77:
         f7:d8:f3:3e:ec:a1:a3:98:b6:de:73:2e:ac:05:37:d6:82:57:
         95:e0:1f:d6:7a:88:fa:ad:92:07:b0:19:1b:7f:de:2c:9f:36:
         d9:4e:9c:b9:c3:3d:c4:a3:83:73:24:1e:41:40:be:b3:0e:8d:
         cd:38:8e:a6:bc:9c:3b:38:87:88:ec:c9:20:ac:ea:60:1b:7d:
         48:0e:ce:15:fe:35:7c:50:d0:26:6f:29:2e:18:36:53:4a:9b:
         af:10:62:97:f2:54:98:35:5a:4e:1e:6d:ea:fc:bc:2b:5a:9b:
         f7:74:cc:d8:b5:71:2a:2d:3a:48:a6:2f:e7:08:26:a9:73:43:
         e9:d2:bb:11:82:b6:e6:fd:0d:44:7b:d4:8c:4a:55:aa:67:ff:
         f1:eb:e2:1f:3e:4b:ec:e2:22:7a:f5:d2:0c:85:f5:7c:14:a7:
         2f:88:fc:08:ee:23:f1:c7:a2:ba:09:95:e9:66:65:8a:34:a2:
         2d:5e:34:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp8ASRh5ZEF1S27TUmuBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGEwNjU2NGQzYzcxN2QyZDZkYWExZTgzM2M0OTU5NzZi
MGJhZGEwHhcNMjMwMTAyMDg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ4NTRhM2QyYmYxMTM4MDJkMGJmZTBmNmJjMTY2ZDhkOGM0OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35EnoSSELRhiOPYSfnhfnIj+NbLU
mxIU9TDtx2r5sUFW42yXaRseDFgoMTvpmXL23lma9S6dQeivLLvfJFWvJc/fBzcM
N1OLjdxtl/iHinqKnnnx9+xBMdgmOtwLqAno5u4okfDSiXoGndwZTqd0nPmc1Pjb
jeUqsjRMgQrnmzWMKb5pTt9/4xfntgixIr2cmQd3m5OtmA4BYRz5u3fRK6XvOTCT
9W9gvo4+ut+LzHuyc2mVEg2xf2IqUrcArpibjA9h1+5WOs7uHuQPjaL20PCwWaP3
jZsRUv+KHHuw4zZCuPr+czrdMtdX4oYDvMWpbKYGQwg+xI5qZ6TMjHuFcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/YVKPSvxE4AtC/4Pa8Fm2NjEkaMB8GA1UdIwQY
MBaAFHoKBlZNPHF9LW2qHoM8SVl2sLraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdvR1ZrMDhjWDB0YmFvZWd6eEpXWGF3dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82ZjU5OGQtYTVjNS00Yzk5LWExZjAt
NTQ4MjYzZWI2ZmI0LzEvajloVW85S19FVGdDMExfZzlyd1diWTJNU1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82ZjU5OGQtYTVjNS00Yzk5LWExZjAtNTQ4MjYzZWI2ZmI0
LzEvZWdvR1ZrMDhjWDB0YmFvZWd6eEpXWGF3dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDlfkAMA0G
CSqGSIb3DQEBCwUAA4IBAQAdjs1ZxUrWt8qcQkhQ7lMoxfpKdYzPMCmkSZT/3QIg
cWRckIQfnAZFTHv1oZ6N0ZIVW1/W++/nOEy/qHdc21dsk+uhhxarHnf32PM+7KGj
mLbecy6sBTfWgleV4B/Weoj6rZIHsBkbf94snzbZTpy5wz3Eo4NzJB5BQL6zDo3N
OI6mvJw7OIeI7MkgrOpgG31IDs4V/jV8UNAmbykuGDZTSpuvEGKX8lSYNVpOHm3q
/LwrWpv3dMzYtXEqLTpIpi/nCCapc0Pp0rsRgrbm/Q1Ee9SMSlWqZ//x6+IfPkvs
4iJ69dIMhfV8FKcviPwI7iPxx6K6CZXpZmWKNKItXjSA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:27 2024 by rpki-client on console-fra.rpki-client.org