Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/j7g3WHygNrXrZhldw4S-0XsfRBQ.roa
File:                     j7g3WHygNrXrZhldw4S-0XsfRBQ.roa (raw, json)
Hash identifier:          YTT0cAjYmZlMvrKgwA7tjxbOR1hBuduWcz4KHxAXUxc=
Subject key identifier:   8F:B8:37:58:7C:A0:36:B5:EB:66:19:5D:C3:84:BE:D1:7B:1F:44:14
Certificate issuer:       /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial:       018570F09DA9D7AD27250F7E6A9B28FF4158
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/j7g3WHygNrXrZhldw4S-0XsfRBQ.roa
Signing time:             Mon 02 Jan 2023 05:24:55 +0000
ROA not before:           Mon 02 Jan 2023 05:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8609
IP address blocks:        158.162.124.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:f0:9d:a9:d7:ad:27:25:0f:7e:6a:9b:28:ff:41:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
        Validity
            Not Before: Jan  2 05:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8fb837587ca036b5eb66195dc384bed17b1f4414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:32:03:69:48:a4:82:e9:10:db:c4:73:8c:aa:
                    ff:48:3a:f9:70:cb:5a:07:83:a4:40:10:cf:1d:39:
                    e0:83:3c:73:c8:8a:4b:6d:6f:64:d6:47:17:4b:d0:
                    d3:ac:fe:b9:34:b9:33:34:5b:6d:ae:80:09:de:0b:
                    65:4a:8c:65:99:af:61:e5:f6:5b:68:6b:e5:06:44:
                    a3:51:d7:1e:a2:2a:35:01:10:ff:9d:e9:e1:d6:ba:
                    3d:fe:0b:35:13:2c:73:ce:7e:e0:14:6c:a0:06:bc:
                    b2:93:c6:dc:f2:06:45:a5:26:07:52:d1:17:49:06:
                    21:69:b9:03:8d:05:ff:bf:d3:04:90:28:c5:55:64:
                    39:2f:81:03:5f:9e:11:39:53:e5:87:05:e5:2e:7d:
                    f8:89:44:7d:f6:48:8d:48:2f:c9:21:dc:d0:23:14:
                    70:cb:e1:cc:e4:32:dc:fb:71:8d:41:be:a3:02:2c:
                    20:b1:13:72:e7:aa:3c:34:6b:00:f0:b3:13:22:79:
                    cf:f7:64:b9:c9:66:5e:9b:15:24:23:84:87:ce:7f:
                    1f:c1:c0:91:2a:0e:be:99:ee:de:19:9f:13:5d:b6:
                    c9:f2:c3:e1:dc:c4:fc:57:e3:69:57:58:77:89:31:
                    57:ed:48:ae:7f:98:2b:15:6f:a8:c6:12:9b:c3:f5:
                    fb:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:B8:37:58:7C:A0:36:B5:EB:66:19:5D:C3:84:BE:D1:7B:1F:44:14
            X509v3 Authority Key Identifier:
                keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/j7g3WHygNrXrZhldw4S-0XsfRBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.162.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:92:20:ad:c0:af:c7:1e:33:f4:5a:10:6e:5a:e6:90:9e:3b:
         78:ce:be:a8:4b:14:5e:77:7e:71:b7:4d:e1:ec:3b:23:1e:56:
         80:39:0c:f2:a9:13:23:11:71:f9:6b:b2:94:36:a4:11:3b:c2:
         d7:05:27:9d:19:31:8e:ec:b9:ca:40:d8:a9:8e:5d:96:35:9b:
         bc:3d:35:41:7d:fa:3d:0b:12:a9:21:a3:03:c1:ba:96:e3:2a:
         6a:dd:c4:83:12:48:d1:c9:ac:3f:a0:c9:ea:86:be:46:d8:39:
         0d:ab:c8:57:00:f5:c6:3a:7e:ba:4a:54:6e:d5:49:f5:fe:7c:
         06:34:7d:2e:cc:0f:36:13:96:c7:b7:cb:b6:32:f9:d8:38:6d:
         4d:0c:47:5c:59:50:79:15:08:71:64:6f:d5:7b:62:9c:6f:5d:
         f8:5c:9c:cc:9e:3b:67:bc:53:ce:6c:72:c1:e4:98:18:c2:99:
         b0:07:95:21:7f:44:59:67:79:9c:2b:79:35:65:98:cb:06:0f:
         1d:62:09:92:bb:24:c7:f1:20:99:f6:eb:a8:a8:b3:b4:d4:99:
         43:1f:bf:62:29:c5:58:7c:d1:eb:ff:7b:c3:98:6a:c7:5a:aa:
         a3:2d:fa:76:15:0d:d3:5f:59:66:64:e8:8d:01:f2:51:d7:56:
         16:85:3d:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8J2p160nJQ9+apso/0FYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjMwMTAyMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmI4Mzc1ODdjYTAzNmI1ZWI2NjE5NWRjMzg0YmVkMTdiMWY0NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DIDaUikgukQ28RzjKr/SDr5cMta
B4OkQBDPHTnggzxzyIpLbW9k1kcXS9DTrP65NLkzNFttroAJ3gtlSoxlma9h5fZb
aGvlBkSjUdceoio1ARD/nenh1ro9/gs1Eyxzzn7gFGygBryyk8bc8gZFpSYHUtEX
SQYhabkDjQX/v9MEkCjFVWQ5L4EDX54ROVPlhwXlLn34iUR99kiNSC/JIdzQIxRw
y+HM5DLc+3GNQb6jAiwgsRNy56o8NGsA8LMTInnP92S5yWZemxUkI4SHzn8fwcCR
Kg6+me7eGZ8TXbbJ8sPh3MT8V+NpV1h3iTFX7Uiuf5grFW+oxhKbw/X7GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+4N1h8oDa162YZXcOEvtF7H0QUMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvajdnM1dIeWdOclhyWmhsZHc0Uy0wWHNmUkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnqJ8MA0G
CSqGSIb3DQEBCwUAA4IBAQALkiCtwK/HHjP0WhBuWuaQnjt4zr6oSxRed35xt03h
7DsjHlaAOQzyqRMjEXH5a7KUNqQRO8LXBSedGTGO7LnKQNipjl2WNZu8PTVBffo9
CxKpIaMDwbqW4ypq3cSDEkjRyaw/oMnqhr5G2DkNq8hXAPXGOn66SlRu1Un1/nwG
NH0uzA82E5bHt8u2MvnYOG1NDEdcWVB5FQhxZG/Ve2Kcb134XJzMnjtnvFPObHLB
5JgYwpmwB5Uhf0RZZ3mcK3k1ZZjLBg8dYgmSuyTH8SCZ9uuoqLO01JlDH79iKcVY
fNHr/3vDmGrHWqqjLfp2FQ3TX1lmZOiNAfJR11YWhT1f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:05 2024 by rpki-client on console-ams.rpki-client.org