Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/U6eRmMmR-CV5dwPu3FNLI8E_HzY.roa
File:                     U6eRmMmR-CV5dwPu3FNLI8E_HzY.roa (raw, json)
Hash identifier:          /2ck1v1uVlESwblRR7IOQNuak1OV8k+HxxoCP1w3xIo=
Subject key identifier:   53:A7:91:98:C9:91:F8:25:79:77:03:EE:DC:53:4B:23:C1:3F:1F:36
Certificate issuer:       /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial:       01856C25B93C0F35E10F90514E0E21B02F74
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/U6eRmMmR-CV5dwPu3FNLI8E_HzY.roa
Signing time:             Sun 01 Jan 2023 07:04:49 +0000
ROA not before:           Sun 01 Jan 2023 07:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        45.13.30.0/23 maxlen: 23
                          77.83.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 May 2023 16:43:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:25:b9:3c:0f:35:e1:0f:90:51:4e:0e:21:b0:2f:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
        Validity
            Not Before: Jan  1 07:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53a79198c991f825797703eedc534b23c13f1f36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:39:50:17:b8:77:a8:16:ab:19:4c:2f:3f:5e:
                    ec:34:08:50:f6:5e:80:49:26:10:bf:9a:18:4c:82:
                    f2:11:a9:20:cc:ce:a2:6f:de:8a:26:e2:ea:93:af:
                    6c:0d:ab:f8:92:90:e9:06:8d:a0:41:76:6e:36:7a:
                    3b:a8:f3:a5:a7:e5:19:59:b7:81:e1:b0:b3:3a:57:
                    3b:e3:b1:3f:50:cb:13:7b:ec:4f:c0:e9:aa:ca:b3:
                    3e:c0:61:0e:39:cd:cd:29:a6:ff:71:22:82:db:d3:
                    2b:66:d0:0f:62:c2:43:49:2e:6c:94:7c:47:ad:51:
                    0d:b9:f3:92:4e:e3:85:71:0f:bf:4c:78:cd:0f:1b:
                    ba:9f:60:ca:29:0f:f7:f6:9c:8c:c3:51:da:17:63:
                    c0:b8:89:36:0a:d6:b3:50:e4:0a:5c:6e:23:89:1a:
                    9a:e3:d1:61:d0:f4:b4:88:7d:2e:22:30:aa:5e:db:
                    36:5c:8c:97:41:89:93:9d:2d:ac:8d:d1:aa:88:cb:
                    be:0e:b7:0f:7d:26:05:86:46:8b:24:65:38:90:48:
                    16:a6:22:7d:a2:dc:d6:06:51:92:d5:10:c8:b3:a5:
                    bb:00:5c:9b:31:3a:ae:61:64:84:00:3d:a3:f2:fb:
                    6b:20:2c:77:f1:dd:b0:4c:11:2b:f9:ab:16:b3:ba:
                    4e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:A7:91:98:C9:91:F8:25:79:77:03:EE:DC:53:4B:23:C1:3F:1F:36
            X509v3 Authority Key Identifier:
                keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/U6eRmMmR-CV5dwPu3FNLI8E_HzY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.30.0/23
                  77.83.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:4d:2f:da:ee:0c:29:c8:6c:30:c5:55:4e:3d:85:cb:38:22:
         ee:47:db:9a:35:a6:0f:4a:62:e8:99:aa:64:89:86:43:8f:2a:
         ee:50:1c:97:2c:ac:fc:79:d9:ea:8b:b2:a4:03:33:40:10:25:
         08:50:34:2b:03:1c:a0:c3:f0:33:a0:36:9b:09:8d:04:3e:10:
         0f:b1:5b:3e:6c:ce:55:06:01:4e:81:4c:f8:02:c9:ea:1b:09:
         67:43:cd:97:55:6b:f9:df:af:5b:6d:d4:ee:23:80:2c:2c:b0:
         96:14:3a:4f:73:fd:bd:2a:a7:59:c2:be:55:8c:3c:71:b0:42:
         75:aa:0d:76:28:e6:c7:23:71:dd:06:a9:d4:ee:ff:72:8f:60:
         0d:94:a1:4a:a5:af:6d:89:d8:c7:f9:7f:ce:77:64:ba:d0:8b:
         ae:ee:a7:a2:cc:9e:b7:09:32:17:b8:2f:ed:d0:a5:ee:2a:ab:
         6f:e6:e8:5a:3e:8c:fb:e1:4d:71:8e:89:0f:08:f7:9b:72:1c:
         e5:ff:84:78:a0:9f:d8:2f:e2:fb:7c:c0:5c:d1:90:97:49:b3:
         ef:9b:82:24:13:ca:cf:60:36:c8:a4:7b:41:81:1a:4b:82:4f:
         b9:7c:54:f2:8b:ba:fb:1d:28:47:31:fd:b9:f3:b6:92:fc:4f:
         70:54:90:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsJbk8DzXhD5BRTg4hsC90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjZmODVhYWQxMDFjNDU2YzFhYzlhMDFhNzE5MmZjNTc4
OGU5MmMwHhcNMjMwMTAxMDcwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E3OTE5OGM5OTFmODI1Nzk3NzAzZWVkYzUzNGIyM2MxM2YxZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzlQF7h3qBarGUwvP17sNAhQ9l6A
SSYQv5oYTILyEakgzM6ib96KJuLqk69sDav4kpDpBo2gQXZuNno7qPOlp+UZWbeB
4bCzOlc747E/UMsTe+xPwOmqyrM+wGEOOc3NKab/cSKC29MrZtAPYsJDSS5slHxH
rVENufOSTuOFcQ+/THjNDxu6n2DKKQ/39pyMw1HaF2PAuIk2CtazUOQKXG4jiRqa
49Fh0PS0iH0uIjCqXts2XIyXQYmTnS2sjdGqiMu+DrcPfSYFhkaLJGU4kEgWpiJ9
otzWBlGS1RDIs6W7AFybMTquYWSEAD2j8vtrICx38d2wTBEr+asWs7pO6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFOnkZjJkfgleXcD7txTSyPBPx82MB8GA1UdIwQY
MBaAFK/2+FqtEBxFbBrJoBpxkvxXiOksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTIt
NjQ0YmQwZmM3ZjgwLzEvVTZlUm1NbVItQ1Y1ZHdQdTNGTkxJOEVfSHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTItNjQ0YmQwZmM3Zjgw
LzEvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQ0eAwQA
TVPfMA0GCSqGSIb3DQEBCwUAA4IBAQAPTS/a7gwpyGwwxVVOPYXLOCLuR9uaNaYP
SmLomapkiYZDjyruUByXLKz8ednqi7KkAzNAECUIUDQrAxygw/AzoDabCY0EPhAP
sVs+bM5VBgFOgUz4AsnqGwlnQ82XVWv5369bbdTuI4AsLLCWFDpPc/29KqdZwr5V
jDxxsEJ1qg12KObHI3HdBqnU7v9yj2ANlKFKpa9tidjH+X/Od2S60Iuu7qeizJ63
CTIXuC/t0KXuKqtv5uhaPoz74U1xjokPCPebchzl/4R4oJ/YL+L7fMBc0ZCXSbPv
m4IkE8rPYDbIpHtBgRpLgk+5fFTyi7r7HShHMf2587aS/E9wVJCh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:14 2024 by rpki-client on console-fra.rpki-client.org