Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/EPnOiEaq9JmennDY_kpcn6boA_s.roa
File:                     EPnOiEaq9JmennDY_kpcn6boA_s.roa (raw, json)
Hash identifier:          bSVU+RxfR6HYot18/eOAn6Vix48zabKRfBVxIEHwDbY=
Subject key identifier:   10:F9:CE:88:46:AA:F4:99:9E:9E:70:D8:FE:4A:5C:9F:A6:E8:03:FB
Certificate issuer:       /CN=d25622457a1be33a01258866a067e0447dfd8964
Certificate serial:       018C6C99C74E4BA22C0E92A91B5D6E9F729F
Authority key identifier: D2:56:22:45:7A:1B:E3:3A:01:25:88:66:A0:67:E0:44:7D:FD:89:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0lYiRXob4zoBJYhmoGfgRH39iWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/EPnOiEaq9JmennDY_kpcn6boA_s.roa
Signing time:             Fri 15 Dec 2023 08:31:06 +0000
ROA not before:           Fri 15 Dec 2023 08:31:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        185.234.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6c:99:c7:4e:4b:a2:2c:0e:92:a9:1b:5d:6e:9f:72:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d25622457a1be33a01258866a067e0447dfd8964
        Validity
            Not Before: Dec 15 08:31:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10f9ce8846aaf4999e9e70d8fe4a5c9fa6e803fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b4:54:f1:58:a0:91:4b:76:3a:69:01:af:ab:
                    cf:55:59:60:d9:56:24:c2:ea:41:1f:22:d7:c1:d2:
                    b8:39:c1:2d:a2:88:bc:63:74:d6:b4:7b:3e:25:ff:
                    59:d3:48:2c:a7:46:f0:e5:1d:d5:15:30:21:9b:84:
                    70:df:9e:df:05:2e:c2:8d:aa:b2:c4:e9:ed:66:6f:
                    ad:c1:6c:61:e3:b4:b4:85:09:95:fd:52:a5:08:14:
                    ec:f6:66:77:61:57:e5:4d:74:c5:37:bb:0f:63:4b:
                    ec:24:12:40:0a:e2:cb:bc:e5:21:44:0a:e5:55:76:
                    41:5c:ea:10:ad:ad:8e:b5:15:f8:1a:3b:f3:e1:39:
                    14:20:7e:bf:4b:57:77:b9:ec:cc:da:8b:58:f3:da:
                    db:90:48:d8:7d:c2:86:1e:d1:93:6a:ee:58:ee:1a:
                    a6:ab:15:84:d6:6d:68:58:71:b8:3d:ea:89:72:a8:
                    24:a4:9f:a7:97:9d:e5:2a:44:77:67:c4:cb:80:b8:
                    b3:75:b3:64:20:13:a2:67:92:d2:32:bd:13:0a:30:
                    14:dd:f0:06:2c:54:ee:2e:eb:77:68:36:db:05:cc:
                    f3:c5:4a:51:e4:c1:8e:ca:76:1a:1e:aa:0c:b0:3f:
                    98:77:9a:22:4d:20:7b:42:50:35:dd:6d:61:04:d6:
                    bc:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:F9:CE:88:46:AA:F4:99:9E:9E:70:D8:FE:4A:5C:9F:A6:E8:03:FB
            X509v3 Authority Key Identifier:
                keyid:D2:56:22:45:7A:1B:E3:3A:01:25:88:66:A0:67:E0:44:7D:FD:89:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lYiRXob4zoBJYhmoGfgRH39iWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/EPnOiEaq9JmennDY_kpcn6boA_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/0lYiRXob4zoBJYhmoGfgRH39iWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:f4:f7:2e:00:9c:e5:7e:5a:f5:ca:ae:10:0a:ae:ee:5b:eb:
         34:93:a0:0a:01:c0:15:f6:39:9f:10:ff:c4:12:d0:cb:29:f6:
         c8:6b:28:0f:96:65:6a:50:b8:90:11:93:52:a0:b6:28:94:10:
         6a:bc:b3:6c:d8:f1:97:20:3d:fe:02:2e:c1:e5:c6:72:2e:c8:
         5e:b3:bc:c5:71:13:6c:6c:3a:bd:1b:ed:51:50:38:37:30:d7:
         88:3f:26:fe:51:5b:19:a2:1e:f8:94:55:c3:ed:f5:93:6b:47:
         26:5f:b9:0d:0d:7e:0f:e5:20:6d:33:ef:d7:41:9c:fa:46:84:
         c6:91:ff:b0:08:19:f6:36:c0:e9:99:e3:12:70:c7:ae:c5:dd:
         96:6d:6d:1a:83:06:51:23:44:f0:57:e2:ea:d1:e6:bb:dd:4b:
         22:df:ac:0d:d8:23:f8:1a:21:88:67:56:db:de:6f:47:9f:29:
         ea:96:4e:d8:72:aa:f7:ab:7e:1b:9d:d2:04:c6:33:f9:dd:1e:
         63:bb:66:38:f8:21:8a:88:b3:30:d9:e4:6f:41:20:be:5c:96:
         01:9b:88:d1:14:db:cc:9d:93:61:de:40:23:0e:97:7f:ef:05:
         9c:cd:d2:bd:4c:b3:e2:f3:f0:4d:97:26:2e:e9:66:e9:8d:36:
         29:83:92:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxsmcdOS6IsDpKpG11un3KfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNTYyMjQ1N2ExYmUzM2EwMTI1ODg2NmEwNjdlMDQ0N2Rm
ZDg5NjQwHhcNMjMxMjE1MDgzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGY5Y2U4ODQ2YWFmNDk5OWU5ZTcwZDhmZTRhNWM5ZmE2ZTgwM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorRU8VigkUt2OmkBr6vPVVlg2VYk
wupBHyLXwdK4OcEtooi8Y3TWtHs+Jf9Z00gsp0bw5R3VFTAhm4Rw357fBS7Cjaqy
xOntZm+twWxh47S0hQmV/VKlCBTs9mZ3YVflTXTFN7sPY0vsJBJACuLLvOUhRArl
VXZBXOoQra2OtRX4Gjvz4TkUIH6/S1d3uezM2otY89rbkEjYfcKGHtGTau5Y7hqm
qxWE1m1oWHG4PeqJcqgkpJ+nl53lKkR3Z8TLgLizdbNkIBOiZ5LSMr0TCjAU3fAG
LFTuLut3aDbbBczzxUpR5MGOynYaHqoMsD+Yd5oiTSB7QlA13W1hBNa8zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBD5zohGqvSZnp5w2P5KXJ+m6AP7MB8GA1UdIwQY
MBaAFNJWIkV6G+M6ASWIZqBn4ER9/YlkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGxZaVJYb2I0em9CSllobW9HZmdSSDM5aVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNmI0N2ItZjJjZS00ZjJiLTlkMzMt
NDU1NzllNDE4ZmY3LzEvRVBuT2lFYXE5Sm1lbm5EWV9rcGNuNmJvQV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNmI0N2ItZjJjZS00ZjJiLTlkMzMtNDU1NzllNDE4ZmY3
LzEvMGxZaVJYb2I0em9CSllobW9HZmdSSDM5aVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueoJMA0G
CSqGSIb3DQEBCwUAA4IBAQBm9PcuAJzlflr1yq4QCq7uW+s0k6AKAcAV9jmfEP/E
EtDLKfbIaygPlmVqULiQEZNSoLYolBBqvLNs2PGXID3+Ai7B5cZyLshes7zFcRNs
bDq9G+1RUDg3MNeIPyb+UVsZoh74lFXD7fWTa0cmX7kNDX4P5SBtM+/XQZz6RoTG
kf+wCBn2NsDpmeMScMeuxd2WbW0agwZRI0TwV+Lq0ea73Usi36wN2CP4GiGIZ1bb
3m9Hnynqlk7Ycqr3q34bndIExjP53R5ju2Y4+CGKiLMw2eRvQSC+XJYBm4jRFNvM
nZNh3kAjDpd/7wWczdK9TLPi8/BNlyYu6WbpjTYpg5J3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:12 2024 by rpki-client on console-ams.rpki-client.org