Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/V9v3teKbaD_1QnLt7sFmB3MONSc.roa
File:                     V9v3teKbaD_1QnLt7sFmB3MONSc.roa (raw, json)
Hash identifier:          3i4kpQJkuiUyHYqvlcIHWSB3Rfq003mZU7T357e1GwE=
Subject key identifier:   57:DB:F7:B5:E2:9B:68:3F:F5:42:72:ED:EE:C1:66:07:73:0E:35:27
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       0187B1DF1D64AF1AF50B3D132E3752C040EE
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/V9v3teKbaD_1QnLt7sFmB3MONSc.roa
Signing time:             Mon 24 Apr 2023 06:06:41 +0000
ROA not before:           Mon 24 Apr 2023 06:06:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        88.209.199.0/24 maxlen: 24
                          88.209.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b1:df:1d:64:af:1a:f5:0b:3d:13:2e:37:52:c0:40:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Apr 24 06:06:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=57dbf7b5e29b683ff54272edeec16607730e3527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:95:5a:ee:79:ad:54:15:ef:1a:20:f3:a4:96:
                    b0:cf:94:2b:36:59:9d:9f:d7:2d:60:84:58:d4:43:
                    08:83:bf:cd:dd:20:78:b4:2a:7e:74:6d:2a:91:63:
                    b9:ac:9e:12:86:44:b9:bd:54:f6:c0:64:09:25:7a:
                    50:5f:b0:b7:49:a0:f4:ad:f9:cd:79:60:10:7c:04:
                    4c:fd:7e:ff:0a:50:15:d7:1f:c9:15:69:6f:fc:cb:
                    84:79:a5:7c:14:7c:a5:5e:35:7f:35:6f:5d:0d:0e:
                    fd:9c:b9:f5:b0:23:f4:46:db:5f:1f:18:64:80:73:
                    8e:83:d7:ad:0a:7e:81:f6:4d:f8:f4:a1:2f:d7:bf:
                    81:b8:d7:af:47:21:cc:b3:e5:e3:74:10:6a:27:a0:
                    06:e4:ca:45:5f:17:2c:77:22:f0:59:89:5b:6e:fd:
                    89:ec:a4:f0:f4:55:60:7a:1c:9b:61:79:bb:c5:c0:
                    b6:8b:aa:2a:9d:01:9c:97:03:c7:5b:bf:20:85:79:
                    67:10:6e:f7:d9:01:fb:db:62:4e:31:81:9f:73:d5:
                    23:b0:23:c9:b2:0c:0d:f8:e1:f6:c6:ab:77:0a:5e:
                    af:61:f9:af:15:e1:fd:60:8a:12:bd:2a:71:57:c6:
                    46:e0:45:2d:5e:2a:f6:5a:e9:57:1e:7c:a3:ae:f4:
                    90:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:DB:F7:B5:E2:9B:68:3F:F5:42:72:ED:EE:C1:66:07:73:0E:35:27
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/V9v3teKbaD_1QnLt7sFmB3MONSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:eb:64:68:85:ce:87:7a:18:12:44:4a:6f:e4:40:bc:12:ac:
         f4:9f:df:7a:b3:9c:60:f0:37:ca:84:9b:ad:f9:4f:d6:93:51:
         4a:c4:3a:46:6b:f0:d9:a7:fe:2d:c2:32:33:9e:bd:d7:19:3e:
         4d:70:65:b4:ce:ae:5f:4e:bd:d0:1f:97:02:36:03:a9:77:47:
         0b:69:43:5e:da:cc:e4:54:9e:60:91:07:0f:04:b7:b4:fe:ec:
         32:de:19:f1:fa:a8:17:23:f0:8b:e6:cf:42:23:66:cd:f8:03:
         5d:24:ff:8e:ab:d6:7d:14:79:48:53:e7:70:7e:a4:14:b3:7a:
         b5:5e:b9:e9:f8:69:0b:9c:48:16:a1:87:66:75:56:a5:fc:e9:
         5b:cc:b2:1b:0b:fa:30:b1:be:98:5e:2c:b9:c8:62:7e:24:46:
         cb:da:f2:8e:a7:32:90:99:24:56:81:ce:8a:60:01:11:13:79:
         24:33:69:fb:2b:8d:e2:ac:4b:ae:43:c2:f7:5b:97:d0:34:e9:
         d3:b3:72:25:ef:ca:3c:07:19:98:6b:77:5c:19:1d:f6:bb:f5:
         3a:2b:2c:31:cd:35:50:87:e1:33:ba:8e:74:5b:52:05:cb:e4:
         2f:e7:60:5b:a9:55:b7:77:cd:1c:6c:75:10:4a:69:d0:17:01:
         98:70:32:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYex3x1krxr1Cz0TLjdSwEDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNDI0MDYwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2RiZjdiNWUyOWI2ODNmZjU0MjcyZWRlZWMxNjYwNzczMGUzNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJVa7nmtVBXvGiDzpJawz5QrNlmd
n9ctYIRY1EMIg7/N3SB4tCp+dG0qkWO5rJ4ShkS5vVT2wGQJJXpQX7C3SaD0rfnN
eWAQfARM/X7/ClAV1x/JFWlv/MuEeaV8FHylXjV/NW9dDQ79nLn1sCP0RttfHxhk
gHOOg9etCn6B9k349KEv17+BuNevRyHMs+XjdBBqJ6AG5MpFXxcsdyLwWYlbbv2J
7KTw9FVgehybYXm7xcC2i6oqnQGclwPHW78ghXlnEG732QH722JOMYGfc9UjsCPJ
sgwN+OH2xqt3Cl6vYfmvFeH9YIoSvSpxV8ZG4EUtXir2WulXHnyjrvSQcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFfb97Xim2g/9UJy7e7BZgdzDjUnMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVjl2M3RlS2JhRF8xUW5MdDdzRm1CM01PTlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNHGMA0G
CSqGSIb3DQEBCwUAA4IBAQAW62Rohc6HehgSREpv5EC8Eqz0n996s5xg8DfKhJut
+U/Wk1FKxDpGa/DZp/4twjIznr3XGT5NcGW0zq5fTr3QH5cCNgOpd0cLaUNe2szk
VJ5gkQcPBLe0/uwy3hnx+qgXI/CL5s9CI2bN+ANdJP+Oq9Z9FHlIU+dwfqQUs3q1
Xrnp+GkLnEgWoYdmdVal/OlbzLIbC/owsb6YXiy5yGJ+JEbL2vKOpzKQmSRWgc6K
YAERE3kkM2n7K43irEuuQ8L3W5fQNOnTs3Il78o8BxmYa3dcGR32u/U6KywxzTVQ
h+Ezuo50W1IFy+Qv52BbqVW3d80cbHUQSmnQFwGYcDKz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org