Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/D1Sa1fikThxrzg36zKPXEDhkKjQ.roa
File:                     D1Sa1fikThxrzg36zKPXEDhkKjQ.roa (raw, json)
Hash identifier:          pFU+InszdzE8zfBiY1eypbZPob923ILRa8Rh4HBURbA=
Subject key identifier:   0F:54:9A:D5:F8:A4:4E:1C:6B:CE:0D:FA:CC:A3:D7:10:38:64:2A:34
Certificate issuer:       /CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Certificate serial:       01856F14B8FF25763AD5898E8E7BC56BE65A
Authority key identifier: 9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/D1Sa1fikThxrzg36zKPXEDhkKjQ.roa
Signing time:             Sun 01 Jan 2023 20:45:07 +0000
ROA not before:           Sun 01 Jan 2023 20:45:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212424
IP address blocks:        138.195.128.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:b8:ff:25:76:3a:d5:89:8e:8e:7b:c5:6b:e6:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
        Validity
            Not Before: Jan  1 20:45:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f549ad5f8a44e1c6bce0dfacca3d71038642a34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c9:3a:04:6b:45:fa:ca:f9:b9:12:ec:5d:56:
                    c8:d9:e1:b9:dc:86:87:13:d1:e3:12:79:df:3e:04:
                    58:84:c4:d6:82:28:dc:3c:60:91:16:c7:c7:6f:1b:
                    23:50:f5:9e:80:1c:b0:b2:c3:9a:1f:70:b1:77:ab:
                    de:c5:77:31:cf:7a:a4:35:28:f9:38:10:3d:85:af:
                    cb:8a:0e:1d:14:4e:00:38:91:73:72:87:67:3d:a6:
                    0e:be:dd:ee:30:31:ff:55:31:63:ff:ab:1d:8c:77:
                    4a:a8:e3:36:e0:c8:8d:ec:0f:c4:47:10:4f:f1:15:
                    a3:5e:e3:41:90:94:45:cb:2c:21:07:1a:c5:dd:d5:
                    a2:23:52:7b:41:4c:47:38:4b:12:5e:98:22:86:77:
                    ff:26:e9:f2:25:1e:fd:cd:a1:2e:93:8f:a7:3d:87:
                    db:32:93:20:f6:b1:63:20:12:c0:e5:c8:e4:22:d0:
                    99:fd:a5:c2:45:0a:fd:3a:00:ef:b7:d5:02:18:3e:
                    1b:ae:9d:ec:87:71:78:d0:19:c5:e1:c6:ed:14:b0:
                    c7:36:d1:1e:52:68:24:ab:4f:91:e6:de:41:61:df:
                    22:81:c3:69:8e:ab:e9:38:a9:6c:ab:aa:23:28:dc:
                    60:9d:59:6c:e3:73:ae:f6:78:be:9e:98:ee:ba:39:
                    68:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:54:9A:D5:F8:A4:4E:1C:6B:CE:0D:FA:CC:A3:D7:10:38:64:2A:34
            X509v3 Authority Key Identifier:
                keyid:9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/D1Sa1fikThxrzg36zKPXEDhkKjQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/mjk-8WAn_AO8XARf-SidS7t_82Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.195.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a0:1b:15:21:cc:90:40:0c:0b:c3:3b:a7:ea:0a:cb:63:de:23:
         c0:a4:38:91:0b:90:3c:d7:21:a6:4e:8b:3b:82:40:73:86:6b:
         b6:e0:76:4f:ae:d3:ff:85:4b:11:c4:73:f8:44:8a:f4:38:00:
         bd:f7:dc:50:2d:6d:84:10:e7:8c:f9:8a:0c:3b:86:02:46:19:
         cc:1f:fe:02:d8:4e:73:85:ce:cb:99:b7:68:3c:8e:84:f3:f8:
         17:06:04:b0:92:57:3e:41:2e:a3:26:29:32:87:7f:c4:96:2f:
         81:c9:20:56:c5:e6:9f:0f:14:10:0c:e0:77:1f:68:08:d4:5a:
         32:24:85:5d:bc:75:24:38:94:2a:e2:d3:01:65:01:46:f8:9d:
         aa:c9:fa:da:40:89:35:bc:5a:47:fa:57:5c:4f:7c:ae:da:55:
         13:40:ea:8c:14:7d:a7:f1:09:36:56:ba:32:62:97:2d:c0:cd:
         f4:30:9f:d8:65:98:f1:73:61:b7:5c:d6:f6:76:3c:52:65:01:
         c5:26:34:1d:8c:76:fb:aa:2d:4b:f5:58:05:18:93:58:7a:21:
         1b:a9:b2:ee:ba:80:88:42:cf:6d:e1:17:9a:84:cb:9e:34:90:
         61:f2:fb:27:bc:a6:92:85:ae:bb:90:8b:ea:23:0b:d6:60:c4:
         84:e1:18:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFLj/JXY61YmOjnvFa+ZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMzkzZWYxNjAyN2ZjMDNiYzVjMDQ1ZmY5Mjg5ZDRiYmI3
ZmYzNjQwHhcNMjMwMTAxMjA0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU0OWFkNWY4YTQ0ZTFjNmJjZTBkZmFjY2EzZDcxMDM4NjQyYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgck6BGtF+sr5uRLsXVbI2eG53IaH
E9HjEnnfPgRYhMTWgijcPGCRFsfHbxsjUPWegBywssOaH3Cxd6vexXcxz3qkNSj5
OBA9ha/Lig4dFE4AOJFzcodnPaYOvt3uMDH/VTFj/6sdjHdKqOM24MiN7A/ERxBP
8RWjXuNBkJRFyywhBxrF3dWiI1J7QUxHOEsSXpgihnf/JunyJR79zaEuk4+nPYfb
MpMg9rFjIBLA5cjkItCZ/aXCRQr9OgDvt9UCGD4brp3sh3F40BnF4cbtFLDHNtEe
Umgkq0+R5t5BYd8igcNpjqvpOKlsq6ojKNxgnVls43Ou9ni+npjuujlo1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9UmtX4pE4ca84N+syj1xA4ZCo0MB8GA1UdIwQY
MBaAFJo5PvFgJ/wDvFwEX/konUu7f/NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWprLThXQW5fQU84WEFSZi1TaWRTN3RfODJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNmQ5ODQtNmJmYy00NjAyLTlkNTgt
YWIyZDVlN2Q0YTdiLzEvRDFTYTFmaWtUaHhyemczNnpLUFhFRGhrS2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNmQ5ODQtNmJmYy00NjAyLTlkNTgtYWIyZDVlN2Q0YTdi
LzEvbWprLThXQW5fQU84WEFSZi1TaWRTN3RfODJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFisOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCgGxUhzJBADAvDO6fqCstj3iPApDiRC5A81yGmTos7
gkBzhmu24HZPrtP/hUsRxHP4RIr0OAC999xQLW2EEOeM+YoMO4YCRhnMH/4C2E5z
hc7LmbdoPI6E8/gXBgSwklc+QS6jJikyh3/Eli+BySBWxeafDxQQDOB3H2gI1Foy
JIVdvHUkOJQq4tMBZQFG+J2qyfraQIk1vFpH+ldcT3yu2lUTQOqMFH2n8Qk2Vroy
YpctwM30MJ/YZZjxc2G3XNb2djxSZQHFJjQdjHb7qi1L9VgFGJNYeiEbqbLuuoCI
Qs9t4ReahMueNJBh8vsnvKaSha67kIvqIwvWYMSE4RjQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org