Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/PcDDdQFtUo4kwgSYe35alm06yE0.roa
File:                     PcDDdQFtUo4kwgSYe35alm06yE0.roa (raw, json)
Hash identifier:          5i6+pk8cliPugMGBtvToUaIcFlbzb/1CWq/lSoPYP+I=
Subject key identifier:   3D:C0:C3:75:01:6D:52:8E:24:C2:04:98:7B:7E:5A:96:6D:3A:C8:4D
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       01856BEEC39CC413AB5E6C312ED8D5D5AC19
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/PcDDdQFtUo4kwgSYe35alm06yE0.roa
Signing time:             Sun 01 Jan 2023 06:04:47 +0000
ROA not before:           Sun 01 Jan 2023 06:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209679
IP address blocks:        92.255.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:c3:9c:c4:13:ab:5e:6c:31:2e:d8:d5:d5:ac:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jan  1 06:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3dc0c375016d528e24c204987b7e5a966d3ac84d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3c:d7:03:87:7c:d4:af:36:95:28:49:b2:b5:
                    da:4d:2c:44:b0:3f:d0:aa:18:3b:82:37:05:f6:18:
                    6c:49:3f:63:31:8c:69:7e:40:bf:7d:fc:91:b8:a8:
                    e8:39:b0:db:8c:8d:08:6b:23:73:34:18:fa:9a:45:
                    63:52:b9:80:4d:09:da:92:96:c7:68:01:d6:39:11:
                    e8:28:e8:09:dc:a9:48:8c:ae:4b:8f:1a:10:16:c8:
                    9f:a7:29:57:c4:4c:b7:4f:f3:5d:ef:db:58:31:b4:
                    52:d6:32:07:dc:ab:dd:ba:52:ec:4d:9b:56:1d:41:
                    a9:b4:56:3b:64:db:3d:0f:a6:2c:cc:fc:42:fb:2a:
                    7f:13:9e:e7:8c:9a:d9:06:0a:4e:63:71:e6:59:27:
                    bc:4e:3e:68:6d:21:6a:84:d9:90:72:74:fc:60:86:
                    84:29:53:94:5b:56:47:82:5b:9f:65:8f:d4:ac:79:
                    41:b4:6e:72:ee:ec:f4:76:5d:f2:e8:db:f3:87:5d:
                    7a:77:c2:e5:bc:ce:7d:9b:2d:2e:3d:b5:35:fc:15:
                    72:5b:18:55:14:d3:9e:1c:2c:31:76:6f:56:f8:be:
                    ac:42:62:dd:37:9b:a9:0c:29:1c:7f:34:dd:0f:be:
                    0c:99:3a:d1:e4:17:89:e8:6e:19:8c:6e:39:a6:a7:
                    84:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:C0:C3:75:01:6D:52:8E:24:C2:04:98:7B:7E:5A:96:6D:3A:C8:4D
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/PcDDdQFtUo4kwgSYe35alm06yE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.255.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:3e:d5:3c:45:7c:c0:fa:92:e1:07:c6:c4:8b:04:ec:ef:ff:
         4d:45:30:23:d0:8a:7c:3a:1d:2d:2f:2f:ef:73:87:4a:97:49:
         43:98:11:29:1b:c8:55:02:b4:21:4b:f0:3c:d7:ba:1a:16:1a:
         71:be:48:3b:a9:c3:a2:20:fb:5b:28:01:bc:96:a3:e6:fb:fb:
         74:e7:17:e3:24:b4:5c:5d:56:50:ac:b4:52:48:58:bc:d2:58:
         07:6a:cc:56:93:0b:35:a6:b0:f4:0b:b1:e1:ed:5d:dd:c0:9b:
         73:45:58:d0:cf:02:4c:3a:09:45:ba:25:04:bb:fc:bb:20:6e:
         76:f7:7e:f9:28:56:da:da:7e:65:84:ed:6e:09:cc:b8:57:33:
         82:18:2a:42:72:0f:0a:47:7b:35:a5:18:10:02:42:4c:d5:b9:
         e6:51:3f:e6:3d:18:1b:45:81:28:cd:fa:69:b4:51:79:33:01:
         1a:49:7b:27:55:1a:32:07:15:3f:fe:7d:ce:33:06:17:78:ae:
         2e:12:b4:97:bd:da:9a:a2:d4:be:aa:55:0c:29:ae:f5:ac:9a:
         7c:b1:38:1c:b8:fd:40:7f:35:5d:c6:bc:64:13:60:80:a5:53:
         64:59:f7:25:bc:12:7d:ce:f1:7d:d1:ba:19:84:2f:94:be:59:
         dd:72:e2:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sOcxBOrXmwxLtjV1awZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMwYzM3NTAxNmQ1MjhlMjRjMjA0OTg3YjdlNWE5NjZkM2FjODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozzXA4d81K82lShJsrXaTSxEsD/Q
qhg7gjcF9hhsST9jMYxpfkC/ffyRuKjoObDbjI0IayNzNBj6mkVjUrmATQnakpbH
aAHWORHoKOgJ3KlIjK5LjxoQFsifpylXxEy3T/Nd79tYMbRS1jIH3KvdulLsTZtW
HUGptFY7ZNs9D6YszPxC+yp/E57njJrZBgpOY3HmWSe8Tj5obSFqhNmQcnT8YIaE
KVOUW1ZHglufZY/UrHlBtG5y7uz0dl3y6Nvzh116d8LlvM59my0uPbU1/BVyWxhV
FNOeHCwxdm9W+L6sQmLdN5upDCkcfzTdD74MmTrR5BeJ6G4ZjG45pqeEvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3Aw3UBbVKOJMIEmHt+WpZtOshNMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvUGNERGRRRnRVbzRrd2dTWWUzNWFsbTA2eUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXP83MA0G
CSqGSIb3DQEBCwUAA4IBAQBtPtU8RXzA+pLhB8bEiwTs7/9NRTAj0Ip8Oh0tLy/v
c4dKl0lDmBEpG8hVArQhS/A817oaFhpxvkg7qcOiIPtbKAG8lqPm+/t05xfjJLRc
XVZQrLRSSFi80lgHasxWkws1prD0C7Hh7V3dwJtzRVjQzwJMOglFuiUEu/y7IG52
9375KFba2n5lhO1uCcy4VzOCGCpCcg8KR3s1pRgQAkJM1bnmUT/mPRgbRYEozfpp
tFF5MwEaSXsnVRoyBxU//n3OMwYXeK4uErSXvdqaotS+qlUMKa71rJp8sTgcuP1A
fzVdxrxkE2CApVNkWfclvBJ9zvF90boZhC+UvlndcuJS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:33 2024 by rpki-client on console-ams.rpki-client.org