Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/bPj7KjEBfktDtoHw94OcNrwcldE.roa
File:                     bPj7KjEBfktDtoHw94OcNrwcldE.roa (raw, json)
Hash identifier:          SGuLsxHPCbgWpplsAySvr3UJioqZdHwwwR1TIb5ny5k=
Subject key identifier:   6C:F8:FB:2A:31:01:7E:4B:43:B6:81:F0:F7:83:9C:36:BC:1C:95:D1
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       01856BEEC4D21B7828C5882F48448AC59B11
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/bPj7KjEBfktDtoHw94OcNrwcldE.roa
Signing time:             Sun 01 Jan 2023 06:04:48 +0000
ROA not before:           Sun 01 Jan 2023 06:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212333
IP address blocks:        92.255.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:c4:d2:1b:78:28:c5:88:2f:48:44:8a:c5:9b:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jan  1 06:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6cf8fb2a31017e4b43b681f0f7839c36bc1c95d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:09:c4:17:24:6c:41:dc:a8:0c:4e:82:70:63:
                    43:72:7d:eb:67:48:cc:84:33:c6:53:91:ae:96:ee:
                    8c:4e:24:f5:fe:ca:09:4c:e9:51:23:83:86:0e:61:
                    bb:1b:dd:13:26:1b:9c:bb:b5:e6:63:fb:e9:d8:dd:
                    79:42:5c:a7:9e:81:eb:87:5e:1c:16:30:2d:97:e2:
                    e3:ff:ed:f5:4c:7b:41:07:17:12:ca:c4:3c:ee:20:
                    95:fe:8c:f0:7a:dd:06:02:86:36:de:88:96:0e:3c:
                    22:90:ea:07:a2:36:11:3c:70:f0:74:f0:d9:a4:3a:
                    94:26:2b:cc:d5:da:ce:56:ad:2a:5a:dd:02:a1:b0:
                    0e:dc:30:ef:24:5e:ee:0c:fa:db:89:1b:da:33:82:
                    e4:96:a1:e5:be:a7:06:b0:58:e2:5c:cc:03:88:1a:
                    4f:db:d5:ab:4d:42:5b:6c:91:11:97:ba:7c:09:29:
                    e4:94:5b:e4:36:bd:c8:ed:2e:e4:97:3d:61:53:76:
                    cb:ae:04:4e:d4:36:a5:5b:8f:f7:a9:a8:29:f6:a9:
                    9b:82:6c:27:da:60:ef:ea:f0:7f:27:7a:03:42:09:
                    59:2e:ef:74:03:d6:79:c1:be:3e:58:e8:c6:51:bb:
                    7d:2b:90:07:48:84:35:1d:2a:1b:1a:19:e8:fa:e5:
                    42:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:F8:FB:2A:31:01:7E:4B:43:B6:81:F0:F7:83:9C:36:BC:1C:95:D1
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/bPj7KjEBfktDtoHw94OcNrwcldE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.255.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:6a:bf:3f:e4:c3:c6:de:54:65:df:f2:22:63:d8:95:a5:cd:
         8b:a7:b7:a1:04:4e:ba:fc:71:81:f2:10:8f:c6:f0:ba:74:7b:
         28:c2:33:f5:5f:6f:de:0c:f1:b1:ab:5b:4a:9d:98:3b:df:4e:
         56:57:ab:37:8f:f7:c6:1f:14:cd:d1:57:7b:88:40:54:66:8c:
         43:97:38:f7:7d:b4:00:59:f1:ed:82:ee:3c:bc:c6:ca:cb:07:
         6c:a0:78:ac:80:28:aa:f2:54:f3:7f:24:b7:2a:5a:ab:85:d2:
         b9:3a:b7:82:37:95:b0:b9:a0:49:02:61:9b:72:0c:16:04:43:
         3e:d8:69:88:14:2a:17:a0:70:7c:00:34:ef:f4:e0:54:85:a0:
         9e:f0:3a:22:35:90:ab:03:47:cd:21:74:b4:4b:01:fa:b0:43:
         8c:26:0b:e4:d6:00:49:1e:78:ce:54:51:f1:44:07:54:32:b3:
         34:4f:f6:3c:57:5d:d6:8a:37:a1:3d:4e:57:15:6c:b2:a6:c3:
         b2:f8:61:e5:70:4c:53:81:09:5e:d1:a6:28:3c:dd:15:06:4e:
         d7:4e:a9:89:f4:74:1c:f6:4a:ab:93:d8:d9:f0:7e:06:b0:2c:
         8e:cc:a0:6e:80:c2:a9:ce:84:17:a7:d7:ed:f9:38:e5:db:cf:
         db:ab:e4:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sTSG3goxYgvSESKxZsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y4ZmIyYTMxMDE3ZTRiNDNiNjgxZjBmNzgzOWMzNmJjMWM5NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAognEFyRsQdyoDE6CcGNDcn3rZ0jM
hDPGU5Gulu6MTiT1/soJTOlRI4OGDmG7G90TJhucu7XmY/vp2N15QlynnoHrh14c
FjAtl+Lj/+31THtBBxcSysQ87iCV/ozwet0GAoY23oiWDjwikOoHojYRPHDwdPDZ
pDqUJivM1drOVq0qWt0CobAO3DDvJF7uDPrbiRvaM4LklqHlvqcGsFjiXMwDiBpP
29WrTUJbbJERl7p8CSnklFvkNr3I7S7klz1hU3bLrgRO1DalW4/3qagp9qmbgmwn
2mDv6vB/J3oDQglZLu90A9Z5wb4+WOjGUbt9K5AHSIQ1HSobGhno+uVCDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGz4+yoxAX5LQ7aB8PeDnDa8HJXRMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvYlBqN0tqRUJma3REdG9Idzk0T2NOcndjbGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXP8rMA0G
CSqGSIb3DQEBCwUAA4IBAQA+ar8/5MPG3lRl3/IiY9iVpc2Lp7ehBE66/HGB8hCP
xvC6dHsowjP1X2/eDPGxq1tKnZg7305WV6s3j/fGHxTN0Vd7iEBUZoxDlzj3fbQA
WfHtgu48vMbKywdsoHisgCiq8lTzfyS3KlqrhdK5OreCN5WwuaBJAmGbcgwWBEM+
2GmIFCoXoHB8ADTv9OBUhaCe8DoiNZCrA0fNIXS0SwH6sEOMJgvk1gBJHnjOVFHx
RAdUMrM0T/Y8V13WijehPU5XFWyypsOy+GHlcExTgQle0aYoPN0VBk7XTqmJ9HQc
9kqrk9jZ8H4GsCyOzKBugMKpzoQXp9ft+Tjl28/bq+R7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org