Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/9-Enz5KioZDOPycJtQBVd5h1--E.roa
File:                     9-Enz5KioZDOPycJtQBVd5h1--E.roa (raw, json)
Hash identifier:          eOaL8hXGNfJ090o+tdAc5lW4DrqzuVi/MPrS9BF03gY=
Subject key identifier:   F7:E1:27:CF:92:A2:A1:90:CE:3F:27:09:B5:00:55:77:98:75:FB:E1
Certificate issuer:       /CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Certificate serial:       01877A0725F49AB65D5114849A2DE9DCB964
Authority key identifier: D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/9-Enz5KioZDOPycJtQBVd5h1--E.roa
Signing time:             Thu 13 Apr 2023 09:51:41 +0000
ROA not before:           Thu 13 Apr 2023 09:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42313
IP address blocks:        185.171.144.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 10:05:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7a:07:25:f4:9a:b6:5d:51:14:84:9a:2d:e9:dc:b9:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d794e81d72f59c65a0d18144a1b2607983536b4a
        Validity
            Not Before: Apr 13 09:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7e127cf92a2a190ce3f2709b50055779875fbe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d3:f5:2d:52:4c:cc:bc:03:73:78:3e:05:ff:
                    00:b9:d9:25:04:4b:b1:74:29:53:a8:80:09:20:81:
                    12:cb:60:6b:05:4c:48:61:3d:d6:c8:9f:e3:b8:91:
                    e8:f5:49:da:d8:44:15:d7:af:eb:f2:04:fc:4e:0e:
                    70:13:08:e4:11:76:1c:75:e0:ea:55:f6:6e:2d:e3:
                    b1:05:af:18:ad:4a:59:b9:2c:4c:cb:3d:a3:77:95:
                    54:b4:f6:00:1f:68:18:11:e5:63:4a:4b:88:b0:37:
                    74:0d:22:da:e8:e7:2c:59:dd:d9:3f:83:2b:9b:26:
                    f4:b1:db:e9:df:96:6e:d7:b0:1e:35:14:ae:93:11:
                    14:6e:31:24:22:c4:5a:26:b2:44:39:de:2c:42:f8:
                    56:23:4c:06:09:77:95:e7:be:e7:37:46:35:df:85:
                    c7:fa:65:8c:7d:e3:c5:36:02:e5:fa:39:5f:9b:2f:
                    be:fb:09:4a:9f:4e:0e:9d:8b:5d:2e:da:38:54:1f:
                    3c:47:7f:50:3f:cd:89:99:27:88:79:d5:8f:12:73:
                    7a:cc:6f:a3:40:5a:9b:78:e4:2c:f8:77:70:0b:03:
                    43:bd:f8:ab:c7:0b:0c:61:60:44:e0:73:85:70:97:
                    cb:63:73:8e:ea:68:03:40:80:59:64:56:1d:83:d2:
                    a1:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:E1:27:CF:92:A2:A1:90:CE:3F:27:09:B5:00:55:77:98:75:FB:E1
            X509v3 Authority Key Identifier:
                keyid:D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/9-Enz5KioZDOPycJtQBVd5h1--E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:0c:eb:2c:0a:d9:69:2c:70:19:c1:bd:71:71:a4:db:c5:4e:
         2c:73:b5:f9:c9:64:93:da:48:da:ba:b0:4a:b0:83:72:32:ee:
         10:23:57:92:58:2b:a4:af:77:4f:08:20:57:6e:ce:c5:18:ac:
         a1:3e:9b:38:33:47:42:b6:d0:91:a4:95:90:6f:a9:8f:51:00:
         40:9d:94:3a:4e:8c:12:69:4e:e5:c5:bc:9f:bb:d6:32:b1:d5:
         5d:d9:79:60:5e:37:e5:95:e8:79:25:47:18:0b:76:15:7c:f1:
         c9:cb:b2:b8:63:fc:57:56:d2:a2:04:01:f0:65:87:e6:c3:8b:
         fd:cf:0e:ad:e1:5a:9f:f1:f6:3c:30:fd:2a:c6:88:a1:ee:56:
         e1:25:f9:73:a2:7a:c0:ea:77:ee:19:ac:bd:5e:66:ed:42:09:
         28:1c:f6:1b:6f:3d:28:06:0f:ec:94:66:dd:df:3a:a6:30:da:
         33:28:9b:ae:f3:57:2c:af:a9:e9:4a:f1:af:05:7f:3d:79:1e:
         4f:1e:22:6e:3d:6c:42:9d:25:54:ab:64:89:79:c1:0c:24:1e:
         13:2f:dc:b5:67:1f:38:04:3f:6b:69:0b:74:97:9f:33:e4:ae:
         e2:7c:b6:cc:96:41:1a:fc:ac:5c:05:60:07:1a:88:5b:a7:8a:
         a6:ca:90:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6ByX0mrZdURSEmi3p3LlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTRlODFkNzJmNTljNjVhMGQxODE0NGExYjI2MDc5ODM1
MzZiNGEwHhcNMjMwNDEzMDk1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2UxMjdjZjkyYTJhMTkwY2UzZjI3MDliNTAwNTU3Nzk4NzVmYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNP1LVJMzLwDc3g+Bf8AudklBEux
dClTqIAJIIESy2BrBUxIYT3WyJ/juJHo9Una2EQV16/r8gT8Tg5wEwjkEXYcdeDq
VfZuLeOxBa8YrUpZuSxMyz2jd5VUtPYAH2gYEeVjSkuIsDd0DSLa6OcsWd3ZP4Mr
myb0sdvp35Zu17AeNRSukxEUbjEkIsRaJrJEOd4sQvhWI0wGCXeV577nN0Y134XH
+mWMfePFNgLl+jlfmy+++wlKn04OnYtdLto4VB88R39QP82JmSeIedWPEnN6zG+j
QFqbeOQs+HdwCwNDvfirxwsMYWBE4HOFcJfLY3OO6mgDQIBZZFYdg9KhuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfhJ8+SoqGQzj8nCbUAVXeYdfvhMB8GA1UdIwQY
MBaAFNeU6B1y9ZxloNGBRKGyYHmDU2tKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYt
Y2NhNTJiNjI2ZmNhLzEvOS1Fbno1S2lvWkRPUHljSnRRQlZkNWgxLS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYtY2NhNTJiNjI2ZmNh
LzEvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuauQMA0G
CSqGSIb3DQEBCwUAA4IBAQCUDOssCtlpLHAZwb1xcaTbxU4sc7X5yWST2kjaurBK
sINyMu4QI1eSWCukr3dPCCBXbs7FGKyhPps4M0dCttCRpJWQb6mPUQBAnZQ6TowS
aU7lxbyfu9YysdVd2XlgXjflleh5JUcYC3YVfPHJy7K4Y/xXVtKiBAHwZYfmw4v9
zw6t4Vqf8fY8MP0qxoih7lbhJflzonrA6nfuGay9XmbtQgkoHPYbbz0oBg/slGbd
3zqmMNozKJuu81csr6npSvGvBX89eR5PHiJuPWxCnSVUq2SJecEMJB4TL9y1Zx84
BD9raQt0l58z5K7ifLbMlkEa/KxcBWAHGohbp4qmypAf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org