Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-L9tMLSK525Up-YakxiQQaHCs5U.roa
File:                     1-L9tMLSK525Up-YakxiQQaHCs5U.roa (raw, json)
Hash identifier:          lGaGNC70WLY1qlUGauTl7nHBZNGMYt69kRDRfmrjwIw=
Subject key identifier:   F8:BF:6D:30:B4:8A:E7:6E:54:A7:E6:1A:93:18:90:41:A1:C2:B3:95
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0185710C307D3345F5D763B82FF010B49E86
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-L9tMLSK525Up-YakxiQQaHCs5U.roa
Signing time:             Mon 02 Jan 2023 05:55:01 +0000
ROA not before:           Mon 02 Jan 2023 05:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21859
IP address blocks:        192.145.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:30:7d:33:45:f5:d7:63:b8:2f:f0:10:b4:9e:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  2 05:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8bf6d30b48ae76e54a7e61a93189041a1c2b395
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:15:b0:61:88:eb:1c:87:75:4d:46:88:cb:36:
                    8f:28:3f:60:b1:5b:09:93:b3:59:8c:58:fe:29:86:
                    71:14:c2:4a:52:a7:fb:e5:10:56:99:9f:75:b9:d3:
                    83:21:f7:de:02:4f:23:be:16:20:e8:90:18:32:cc:
                    be:ef:35:38:af:22:26:4a:64:45:47:a6:97:33:4c:
                    e9:2c:72:04:27:66:e8:78:66:e1:90:95:38:59:53:
                    0e:9f:64:cd:95:69:a4:19:01:df:0a:47:74:2a:5c:
                    db:9c:b9:23:3a:8f:0a:66:23:6e:59:b6:57:d1:77:
                    b6:e1:dd:ab:91:5c:fa:09:c8:df:89:74:fd:40:cc:
                    f8:48:52:cb:e3:38:fa:e6:5d:3a:6c:91:c0:c1:ed:
                    3d:4f:70:a6:17:7b:e9:64:3e:6e:0b:aa:85:ad:83:
                    ab:2b:34:66:ab:d9:fe:be:33:55:3e:2b:16:76:8f:
                    fb:bd:a5:ff:bd:1d:c6:a9:69:31:45:0d:a6:1e:80:
                    a3:90:73:db:7b:96:96:22:f5:4f:dd:c1:be:cb:ac:
                    ae:7a:3e:20:37:1c:0f:fe:1a:88:f1:4c:16:3e:70:
                    37:08:3e:80:4b:df:0e:b6:39:dd:fc:90:ae:64:5e:
                    4f:7f:f8:1a:9e:ef:9c:56:2b:9a:5f:06:ae:48:09:
                    54:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:BF:6D:30:B4:8A:E7:6E:54:A7:E6:1A:93:18:90:41:A1:C2:B3:95
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-L9tMLSK525Up-YakxiQQaHCs5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.145.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:15:89:9f:3a:cf:35:8d:73:f0:3f:b5:7d:8c:e3:97:7b:54:
         f7:56:79:a4:b4:ae:d6:3f:c7:78:ba:44:51:68:0b:e0:39:7b:
         ab:d0:51:85:7b:c3:74:29:85:33:b4:d7:d9:55:74:39:17:f8:
         e7:30:a5:f4:be:ad:8b:54:86:21:b8:43:12:11:1d:b7:e0:f9:
         b1:d2:6c:e1:1b:4c:90:ba:b8:c3:cf:ef:92:08:5c:11:31:04:
         0e:d7:8f:bd:80:a0:33:75:46:3b:b6:11:5d:ad:02:0a:17:4b:
         16:c1:21:e2:8c:7a:4b:cf:ac:8d:0c:ec:1f:24:7d:e4:bc:44:
         b6:36:dd:de:af:17:e5:65:da:3e:09:a5:c7:9d:7d:2b:b1:86:
         ef:87:a4:d3:23:77:ab:dc:4e:ca:5f:24:71:ac:ce:2d:a4:bf:
         d5:b7:15:6f:4f:f9:fb:c9:fb:9f:32:05:e5:af:0e:3e:66:e5:
         2e:2d:36:a2:97:ab:a7:62:42:9b:fe:8f:d9:0a:47:21:18:dc:
         b1:03:ff:49:e0:52:79:65:bf:cf:94:86:41:02:da:33:52:82:
         d8:c9:25:c6:aa:c3:51:f3:e1:26:cd:35:51:92:de:cd:26:ef:
         0e:0a:ae:1e:43:24:e6:21:b7:ee:53:b0:0a:9f:69:f7:25:97:
         2d:16:fd:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxDDB9M0X112O4L/AQtJ6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJmNmQzMGI0OGFlNzZlNTRhN2U2MWE5MzE4OTA0MWExYzJiMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhWwYYjrHId1TUaIyzaPKD9gsVsJ
k7NZjFj+KYZxFMJKUqf75RBWmZ91udODIffeAk8jvhYg6JAYMsy+7zU4ryImSmRF
R6aXM0zpLHIEJ2boeGbhkJU4WVMOn2TNlWmkGQHfCkd0KlzbnLkjOo8KZiNuWbZX
0Xe24d2rkVz6CcjfiXT9QMz4SFLL4zj65l06bJHAwe09T3CmF3vpZD5uC6qFrYOr
KzRmq9n+vjNVPisWdo/7vaX/vR3GqWkxRQ2mHoCjkHPbe5aWIvVP3cG+y6yuej4g
NxwP/hqI8UwWPnA3CD6AS98Otjnd/JCuZF5Pf/ganu+cViuaXwauSAlUXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPi/bTC0iuduVKfmGpMYkEGhwrOVMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvMS1MOXRNTFNLNTI1VXAtWWFreGlRUWFIQ3M1VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEw
MS8xL2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMCRRTAN
BgkqhkiG9w0BAQsFAAOCAQEATxWJnzrPNY1z8D+1fYzjl3tU91Z5pLSu1j/HeLpE
UWgL4Dl7q9BRhXvDdCmFM7TX2VV0ORf45zCl9L6ti1SGIbhDEhEdt+D5sdJs4RtM
kLq4w8/vkghcETEEDtePvYCgM3VGO7YRXa0CChdLFsEh4ox6S8+sjQzsHyR95LxE
tjbd3q8X5WXaPgmlx519K7GG74ek0yN3q9xOyl8kcazOLaS/1bcVb0/5+8n7nzIF
5a8OPmblLi02operp2JCm/6P2QpHIRjcsQP/SeBSeWW/z5SGQQLaM1KC2MklxqrD
UfPhJs01UZLezSbvDgquHkMk5iG37lOwCp9p9yWXLRb9kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org