Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/p9Slr9S2diYBwYRFF2KpF5tXTzI.roa
File:                     p9Slr9S2diYBwYRFF2KpF5tXTzI.roa (raw, json)
Hash identifier:          zJT34jeKfk6yXGPyMh6lwHMa0A2KSY9Ig31apGknIGU=
Subject key identifier:   A7:D4:A5:AF:D4:B6:76:26:01:C1:84:45:17:62:A9:17:9B:57:4F:32
Certificate issuer:       /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial:       0186210B816CB2E7D3908FC4F4D76A434B39
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/p9Slr9S2diYBwYRFF2KpF5tXTzI.roa
Signing time:             Sun 05 Feb 2023 10:07:27 +0000
ROA not before:           Sun 05 Feb 2023 10:07:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208553
IP address blocks:        193.228.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Mar 2023 12:16:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:21:0b:81:6c:b2:e7:d3:90:8f:c4:f4:d7:6a:43:4b:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
        Validity
            Not Before: Feb  5 10:07:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a7d4a5afd4b6762601c184451762a9179b574f32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:b1:1f:b4:bc:54:85:d7:a9:af:54:b9:da:12:
                    b8:c4:d0:82:22:db:32:8f:c7:a3:71:66:db:ad:0c:
                    a0:80:f6:34:02:f3:a1:f4:6a:fc:c0:ab:b8:6b:1f:
                    45:da:c4:62:6c:6d:79:11:93:2e:9a:bb:0a:30:d6:
                    3b:51:e9:d6:39:da:c6:b0:c9:f0:ea:10:62:a4:99:
                    a4:d5:cc:3b:c1:d8:2c:8f:17:66:ef:1f:b5:1b:3f:
                    54:af:50:cd:1e:eb:38:f3:a4:98:ed:b2:d3:5a:63:
                    d2:73:c3:52:92:95:11:7a:69:0e:4b:4d:9d:1f:d8:
                    86:62:34:d4:d1:77:d2:7f:05:ee:1a:0f:28:e3:97:
                    89:70:fb:c1:c1:46:b5:db:ce:52:10:8b:8a:fa:5d:
                    6d:40:44:cd:17:09:7d:d1:31:b8:26:70:5e:2b:e2:
                    37:02:33:9d:74:61:fc:7d:2d:7e:19:62:8b:bc:ec:
                    7f:63:c9:1a:86:d0:d9:95:b6:63:75:79:7a:b0:e3:
                    fb:6a:e1:9d:9b:18:25:19:df:0a:60:13:f9:92:a2:
                    71:8e:f5:56:8f:94:31:b0:f5:82:b3:84:20:ae:5f:
                    f7:9d:70:29:96:02:c4:30:62:73:8c:f9:0c:f4:f1:
                    91:56:a2:cb:7d:71:8b:f3:ac:24:55:28:b7:3a:48:
                    e3:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:D4:A5:AF:D4:B6:76:26:01:C1:84:45:17:62:A9:17:9B:57:4F:32
            X509v3 Authority Key Identifier:
                keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/p9Slr9S2diYBwYRFF2KpF5tXTzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.228.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:f2:6b:20:db:0f:6b:56:06:4a:8c:35:78:6d:f0:ac:33:76:
         74:bc:f5:42:fc:55:b9:24:b7:ef:ff:67:c2:c8:7b:0e:84:85:
         fa:61:0c:1c:80:b2:5c:56:d3:1d:63:a1:6b:57:06:22:39:b5:
         9e:95:a1:86:a0:1f:d2:47:8b:d5:6c:1f:ce:ac:c3:b2:7b:2d:
         c4:27:ab:f2:a1:ab:71:29:36:f8:13:a8:2e:f6:af:f0:46:09:
         5c:2c:4c:e3:2a:1b:d7:ef:05:ac:d7:b3:bd:89:88:35:33:ee:
         24:01:9f:2a:c2:91:04:6d:c9:d8:96:b7:42:2e:1e:e2:61:dc:
         2d:58:4a:0c:33:0d:9f:b2:e1:0a:78:01:35:86:a3:30:49:2a:
         3e:b3:81:39:42:1e:75:9c:3a:a7:61:74:f9:a5:7b:56:87:d7:
         5c:e9:50:8a:4e:10:94:b5:1f:aa:c6:2f:84:37:d1:32:a5:c0:
         42:9e:63:a0:cd:0d:67:2c:75:5e:57:4c:d1:53:75:93:70:42:
         a9:32:68:ae:f5:36:5a:82:78:4a:f2:dd:3c:f7:25:af:61:7c:
         91:4e:25:ef:a2:6c:8b:17:83:b1:da:8b:79:76:27:7f:93:20:
         5c:56:21:df:f3:89:92:78:d9:3e:53:34:cc:16:27:39:01:62:
         4d:ca:9c:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYhC4FssufTkI/E9NdqQ0s5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjMwMjA1MTAwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Q0YTVhZmQ0YjY3NjI2MDFjMTg0NDUxNzYyYTkxNzliNTc0ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLEftLxUhdepr1S52hK4xNCCItsy
j8ejcWbbrQyggPY0AvOh9Gr8wKu4ax9F2sRibG15EZMumrsKMNY7UenWOdrGsMnw
6hBipJmk1cw7wdgsjxdm7x+1Gz9Ur1DNHus486SY7bLTWmPSc8NSkpURemkOS02d
H9iGYjTU0XfSfwXuGg8o45eJcPvBwUa1285SEIuK+l1tQETNFwl90TG4JnBeK+I3
AjOddGH8fS1+GWKLvOx/Y8kahtDZlbZjdXl6sOP7auGdmxglGd8KYBP5kqJxjvVW
j5QxsPWCs4Qgrl/3nXAplgLEMGJzjPkM9PGRVqLLfXGL86wkVSi3Okjj0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfUpa/UtnYmAcGERRdiqRebV08yMB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvcDlTbHI5UzJkaVlCd1lSRkYyS3BGNXRYVHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweSAMA0G
CSqGSIb3DQEBCwUAA4IBAQB98msg2w9rVgZKjDV4bfCsM3Z0vPVC/FW5JLfv/2fC
yHsOhIX6YQwcgLJcVtMdY6FrVwYiObWelaGGoB/SR4vVbB/OrMOyey3EJ6vyoatx
KTb4E6gu9q/wRglcLEzjKhvX7wWs17O9iYg1M+4kAZ8qwpEEbcnYlrdCLh7iYdwt
WEoMMw2fsuEKeAE1hqMwSSo+s4E5Qh51nDqnYXT5pXtWh9dc6VCKThCUtR+qxi+E
N9EypcBCnmOgzQ1nLHVeV0zRU3WTcEKpMmiu9TZagnhK8t089yWvYXyRTiXvomyL
F4Ox2ot5did/kyBcViHf84mSeNk+UzTMFic5AWJNypwA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:34 2024 by rpki-client on console-fra.rpki-client.org