Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/9Gr7WMVcK4R88ZisRiHyG8EOZ9Q.roa
File:                     9Gr7WMVcK4R88ZisRiHyG8EOZ9Q.roa (raw, json)
Hash identifier:          YHgHooIJImGYMXGdY+5dr7CG2CT+bkErJ/kmPAsZ+ds=
Subject key identifier:   F4:6A:FB:58:C5:5C:2B:84:7C:F1:98:AC:46:21:F2:1B:C1:0E:67:D4
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       01856C6EF541E3A87EE7C28E450A2B86D070
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/9Gr7WMVcK4R88ZisRiHyG8EOZ9Q.roa
Signing time:             Sun 01 Jan 2023 08:24:49 +0000
ROA not before:           Sun 01 Jan 2023 08:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35711
IP address blocks:        45.14.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:f5:41:e3:a8:7e:e7:c2:8e:45:0a:2b:86:d0:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Jan  1 08:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f46afb58c55c2b847cf198ac4621f21bc10e67d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:43:bb:a4:7e:d7:c3:1e:05:cf:b9:76:c2:4f:
                    e8:f9:86:9c:79:24:9f:45:39:bd:74:e3:c1:1c:e2:
                    83:9d:c3:f5:e4:b6:c5:59:30:b0:b5:8d:24:37:cd:
                    25:73:95:d3:40:a2:a4:89:eb:1a:aa:c4:0b:f8:ef:
                    0e:8b:8c:15:ea:40:d2:02:fe:08:b7:8d:9f:ac:0f:
                    f9:46:6a:b1:5e:5d:6d:a6:ab:7e:9b:d7:78:e8:52:
                    31:b9:70:54:bc:b0:2f:2c:4b:5c:36:3e:1d:ca:4f:
                    ae:9d:38:ec:b2:f7:60:38:46:11:ce:94:63:d4:ba:
                    b9:03:72:65:46:95:f8:71:47:94:10:8f:87:1e:e7:
                    75:d0:bd:af:ba:8a:22:a5:b5:26:fa:5a:fe:17:b1:
                    c4:93:b4:f1:66:44:b0:59:a7:e5:3b:a7:6d:2f:d2:
                    da:18:00:3e:2f:78:ed:62:36:9f:5a:e2:27:61:27:
                    dd:5a:71:9a:1d:aa:23:76:44:85:55:43:63:50:a1:
                    a2:be:60:71:b1:3a:a7:f1:0f:08:64:04:f3:63:a3:
                    ac:93:44:88:9c:56:82:b3:94:39:32:1c:77:0b:62:
                    d0:6b:45:da:36:3e:7e:9e:4e:f4:b0:a3:9b:bd:dd:
                    fe:8f:0f:82:f3:ac:25:93:17:0c:a7:8b:be:0e:9f:
                    e5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:6A:FB:58:C5:5C:2B:84:7C:F1:98:AC:46:21:F2:1B:C1:0E:67:D4
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/9Gr7WMVcK4R88ZisRiHyG8EOZ9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:4d:ff:a7:aa:49:21:fb:2b:28:f4:68:11:16:2e:4f:38:68:
         9c:7f:40:b6:57:10:64:8b:3b:72:34:18:66:12:e5:60:cf:1a:
         b2:fb:02:38:1c:99:a2:6d:f9:90:e8:dc:ea:25:8e:ae:57:e7:
         ff:26:5e:61:f2:f2:0c:8b:bc:97:7d:bc:1d:98:2b:5d:31:8d:
         5f:56:1f:95:97:46:97:78:dd:93:3c:ab:c9:c1:b4:37:7e:80:
         86:b1:c2:75:06:0a:f5:e0:0a:89:10:e5:48:9e:7a:e2:03:75:
         a9:1d:f2:cc:4e:cf:fd:22:52:57:9d:da:5c:89:9c:4d:5a:44:
         c4:70:91:ca:73:89:ab:40:29:e3:98:d3:94:b8:3c:42:ee:3a:
         2e:89:f2:72:d6:3d:7e:a9:67:14:45:e0:31:5a:43:28:ff:cf:
         f8:9d:1c:77:c2:f0:7b:05:9a:55:5a:5a:8a:39:6c:07:21:a2:
         2e:29:da:84:45:97:27:8c:77:e5:47:a9:bf:5e:73:17:b2:4c:
         44:93:2f:80:af:52:2f:c5:83:ca:ca:b3:df:bc:30:8d:69:ac:
         62:ed:78:93:f0:60:9b:54:5d:70:52:55:92:08:db:8c:cf:40:
         ec:fd:c4:50:5f:b3:fe:84:d1:34:4d:42:75:a4:b8:2b:36:7d:
         ba:90:e9:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvVB46h+58KORQorhtBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZhZmI1OGM1NWMyYjg0N2NmMTk4YWM0NjIxZjIxYmMxMGU2N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEO7pH7Xwx4Fz7l2wk/o+YaceSSf
RTm9dOPBHOKDncP15LbFWTCwtY0kN80lc5XTQKKkiesaqsQL+O8Oi4wV6kDSAv4I
t42frA/5RmqxXl1tpqt+m9d46FIxuXBUvLAvLEtcNj4dyk+unTjssvdgOEYRzpRj
1Lq5A3JlRpX4cUeUEI+HHud10L2vuooipbUm+lr+F7HEk7TxZkSwWaflO6dtL9La
GAA+L3jtYjafWuInYSfdWnGaHaojdkSFVUNjUKGivmBxsTqn8Q8IZATzY6Osk0SI
nFaCs5Q5Mhx3C2LQa0XaNj5+nk70sKObvd3+jw+C86wlkxcMp4u+Dp/lZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRq+1jFXCuEfPGYrEYh8hvBDmfUMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvOUdyN1dNVmNLNFI4OFppc1JpSHlHOEVPWjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ7sMA0G
CSqGSIb3DQEBCwUAA4IBAQBITf+nqkkh+yso9GgRFi5POGicf0C2VxBkiztyNBhm
EuVgzxqy+wI4HJmibfmQ6NzqJY6uV+f/Jl5h8vIMi7yXfbwdmCtdMY1fVh+Vl0aX
eN2TPKvJwbQ3foCGscJ1Bgr14AqJEOVInnriA3WpHfLMTs/9IlJXndpciZxNWkTE
cJHKc4mrQCnjmNOUuDxC7jouifJy1j1+qWcUReAxWkMo/8/4nRx3wvB7BZpVWlqK
OWwHIaIuKdqERZcnjHflR6m/XnMXskxEky+Ar1IvxYPKyrPfvDCNaaxi7XiT8GCb
VF1wUlWSCNuMz0Ds/cRQX7P+hNE0TUJ1pLgrNn26kOk3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org