Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/1-ae7d1NdCZY9A2NT4KTcd61j2Gs.roa
File:                     1-ae7d1NdCZY9A2NT4KTcd61j2Gs.roa (raw, json)
Hash identifier:          9KAIU7eZn9ejOAfTfXyr/iY6XztPAO0ttezcQ8EoSQQ=
Subject key identifier:   F9:A7:BB:77:53:5D:09:96:3D:03:63:53:E0:A4:DC:77:AD:63:D8:6B
Certificate issuer:       /CN=a5abc43afced72fb92778728bee571c678f53853
Certificate serial:       01856C1C9B97E5C6FDA3A9E646B35CD8E46E
Authority key identifier: A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/1-ae7d1NdCZY9A2NT4KTcd61j2Gs.roa
Signing time:             Sun 01 Jan 2023 06:54:52 +0000
ROA not before:           Sun 01 Jan 2023 06:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34000
IP address blocks:        83.97.56.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:1c:9b:97:e5:c6:fd:a3:a9:e6:46:b3:5c:d8:e4:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5abc43afced72fb92778728bee571c678f53853
        Validity
            Not Before: Jan  1 06:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9a7bb77535d09963d036353e0a4dc77ad63d86b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:9e:a7:3f:54:04:dc:9f:e5:3f:4d:18:48:0c:
                    75:00:c0:d0:42:52:8a:9d:3d:87:e6:6c:61:a3:9c:
                    4b:55:61:7f:af:5f:07:18:b5:12:84:45:fa:e0:77:
                    7d:1e:69:38:37:bf:ad:3e:a9:e2:bb:27:9e:1a:02:
                    2b:05:b8:bc:a8:fd:af:83:36:5b:1a:71:ab:19:27:
                    44:a4:c3:30:fc:08:23:05:24:2d:ee:96:ce:d2:50:
                    d8:d3:4a:13:ae:a7:c9:d8:9c:4b:96:ba:ac:94:37:
                    c4:9a:e4:07:d9:94:41:c1:fe:a6:e6:6b:69:18:fb:
                    2d:ab:d9:1b:93:73:18:7b:a1:8f:5d:45:54:c0:79:
                    b9:55:95:9a:03:2f:52:d6:e7:9c:4f:c4:c3:8f:a0:
                    03:34:dd:30:9d:3d:3e:4f:64:79:44:46:a8:5c:b4:
                    8f:45:40:0f:78:ee:59:7c:32:36:eb:68:b1:5f:25:
                    09:69:58:ca:33:fb:c7:a0:fa:1a:71:09:b4:66:78:
                    65:e4:b0:01:5c:9f:6b:2e:c7:ab:9f:f3:b7:8c:f8:
                    52:5a:33:72:d3:73:77:c0:08:92:e3:b7:73:d7:6d:
                    3e:86:c9:46:a5:26:13:60:5d:d1:91:0c:f4:73:ea:
                    80:92:c2:e2:53:6b:46:8a:d9:f2:fd:23:a7:6e:75:
                    de:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:A7:BB:77:53:5D:09:96:3D:03:63:53:E0:A4:DC:77:AD:63:D8:6B
            X509v3 Authority Key Identifier:
                keyid:A5:AB:C4:3A:FC:ED:72:FB:92:77:87:28:BE:E5:71:C6:78:F5:38:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pavEOvztcvuSd4covuVxxnj1OFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/1-ae7d1NdCZY9A2NT4KTcd61j2Gs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/e9b76a-10b3-47c0-a517-b5e91fc65051/1/pavEOvztcvuSd4covuVxxnj1OFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         38:ac:67:0b:64:99:e1:39:b4:56:a2:d6:e3:0b:85:46:98:e1:
         a2:25:62:3d:55:69:87:f6:85:bd:5e:f1:75:cf:df:81:11:9f:
         49:9f:60:35:10:37:4c:3b:07:7a:81:ac:dd:b2:8d:a8:8f:33:
         5e:8e:44:a1:34:2d:29:53:31:da:40:b2:c2:de:82:eb:86:4a:
         6a:d7:24:11:ee:84:88:42:97:90:94:6c:1d:00:85:2a:5d:fd:
         84:03:00:1f:d9:37:67:02:51:4e:04:da:81:76:d5:70:ea:d9:
         4d:7c:aa:96:b5:6d:da:99:3a:f4:3f:53:ad:c8:fe:6a:32:a7:
         e6:8b:74:73:47:53:b9:b0:41:85:80:20:1a:49:ce:41:3f:5a:
         1a:8a:de:4a:e6:12:a9:15:60:03:d4:d1:f8:9e:84:e9:a1:ee:
         11:d6:4a:50:2c:06:c8:14:cb:0a:49:e7:16:17:51:32:97:b3:
         8e:fa:b8:ea:de:da:77:b6:f1:37:ec:65:bd:c3:c6:46:a8:80:
         9a:ff:9e:24:ce:8b:f6:e1:a6:5a:00:b0:aa:18:57:03:37:c2:
         bf:71:5e:26:0a:bc:3d:ea:ca:30:62:3b:ea:41:41:b3:0e:73:
         90:64:2b:3f:fe:14:51:d9:5b:f5:4e:39:78:4b:be:77:c7:a2:
         79:8f:9a:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsHJuX5cb9o6nmRrNc2ORuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWJjNDNhZmNlZDcyZmI5Mjc3ODcyOGJlZTU3MWM2Nzhm
NTM4NTMwHhcNMjMwMTAxMDY1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE3YmI3NzUzNWQwOTk2M2QwMzYzNTNlMGE0ZGM3N2FkNjNkODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp6nP1QE3J/lP00YSAx1AMDQQlKK
nT2H5mxho5xLVWF/r18HGLUShEX64Hd9Hmk4N7+tPqniuyeeGgIrBbi8qP2vgzZb
GnGrGSdEpMMw/AgjBSQt7pbO0lDY00oTrqfJ2JxLlrqslDfEmuQH2ZRBwf6m5mtp
GPstq9kbk3MYe6GPXUVUwHm5VZWaAy9S1uecT8TDj6ADNN0wnT0+T2R5REaoXLSP
RUAPeO5ZfDI262ixXyUJaVjKM/vHoPoacQm0Znhl5LABXJ9rLsern/O3jPhSWjNy
03N3wAiS47dz120+hslGpSYTYF3RkQz0c+qAksLiU2tGitny/SOnbnXevwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmnu3dTXQmWPQNjU+Ck3HetY9hrMB8GA1UdIwQY
MBaAFKWrxDr87XL7kneHKL7lccZ49ThTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGF2RU92enRjdnVTZDRjb3Z1Vnh4bmoxT0ZNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9lOWI3NmEtMTBiMy00N2MwLWE1MTct
YjVlOTFmYzY1MDUxLzEvMS1hZTdkMU5kQ1pZOUEyTlQ0S1RjZDYxajJHcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjMvZTliNzZhLTEwYjMtNDdjMC1hNTE3LWI1ZTkxZmM2NTA1
MS8xL3BhdkVPdnp0Y3Z1U2Q0Y292dVZ4eG5qMU9GTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1NhODAN
BgkqhkiG9w0BAQsFAAOCAQEAOKxnC2SZ4Tm0VqLW4wuFRpjhoiViPVVph/aFvV7x
dc/fgRGfSZ9gNRA3TDsHeoGs3bKNqI8zXo5EoTQtKVMx2kCywt6C64ZKatckEe6E
iEKXkJRsHQCFKl39hAMAH9k3ZwJRTgTagXbVcOrZTXyqlrVt2pk69D9Trcj+ajKn
5ot0c0dTubBBhYAgGknOQT9aGoreSuYSqRVgA9TR+J6E6aHuEdZKUCwGyBTLCknn
FhdRMpezjvq46t7ad7bxN+xlvcPGRqiAmv+eJM6L9uGmWgCwqhhXAzfCv3FeJgq8
PerKMGI76kFBsw5zkGQrP/4UUdlb9U45eEu+d8eieY+a3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:35 2024 by rpki-client on console-ams.rpki-client.org