Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/1MKKMMeI7wyckCunVH1Wzulk6pg.roa
File:                     1MKKMMeI7wyckCunVH1Wzulk6pg.roa (raw, json)
Hash identifier:          LwgPetCqcq+gJXsEVmYsyvz+ULtensRqSONIfYLiv94=
Subject key identifier:   D4:C2:8A:30:C7:88:EF:0C:9C:90:2B:A7:54:7D:56:CE:E9:64:EA:98
Certificate issuer:       /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial:       01856EC23AFCDE80BEC5E979B1D0EE68F5E0
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/1MKKMMeI7wyckCunVH1Wzulk6pg.roa
Signing time:             Sun 01 Jan 2023 19:15:00 +0000
ROA not before:           Sun 01 Jan 2023 19:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206471
IP address blocks:        194.127.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c2:3a:fc:de:80:be:c5:e9:79:b1:d0:ee:68:f5:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
        Validity
            Not Before: Jan  1 19:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4c28a30c788ef0c9c902ba7547d56cee964ea98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:00:ab:61:69:48:59:b9:ba:a3:e5:46:93:01:
                    4b:58:0d:30:2a:c6:99:29:1d:07:48:9e:60:db:0b:
                    a8:96:f2:1d:21:49:71:e2:40:03:e6:54:9b:b8:db:
                    05:c6:ae:0f:6d:d4:65:f9:00:d1:48:ce:7d:7d:4a:
                    f9:7e:f8:92:b0:ec:43:15:e0:7c:57:71:53:ac:c8:
                    ab:f2:34:65:58:65:c1:9d:ab:6c:42:fd:e6:f6:96:
                    d1:e3:07:f8:dd:a9:96:41:dd:87:6b:74:54:01:59:
                    af:55:32:0e:2b:b9:e9:cf:d5:bc:6f:e2:9d:9c:e3:
                    6f:30:08:74:c0:6f:37:70:86:51:cf:0d:7d:48:52:
                    56:1b:04:35:55:f9:ee:44:2f:3a:6a:2b:de:2f:c1:
                    11:f0:eb:4a:f2:49:2f:07:e8:da:23:59:f9:82:d2:
                    94:61:85:c5:1f:66:c9:84:58:e2:13:e6:79:b7:dd:
                    7a:67:66:20:4c:44:9c:1c:00:3f:43:f6:38:e3:3b:
                    6f:7b:c7:4c:0e:72:ae:bb:a6:bc:13:40:71:37:b0:
                    d7:c2:8d:49:b7:dd:91:91:5c:c9:a3:7f:51:56:b8:
                    4a:eb:fa:5a:4b:79:1a:da:ce:4a:68:63:39:26:e6:
                    d6:c1:92:0a:f5:a3:bc:22:73:96:56:bd:a2:e5:83:
                    9a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C2:8A:30:C7:88:EF:0C:9C:90:2B:A7:54:7D:56:CE:E9:64:EA:98
            X509v3 Authority Key Identifier:
                keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/1MKKMMeI7wyckCunVH1Wzulk6pg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:41:76:63:6c:b5:d1:46:f8:9f:dd:6b:78:58:c3:5f:1f:31:
         1e:6f:00:63:55:44:34:bf:0f:c7:a2:73:77:4f:5d:b6:3f:8c:
         ca:32:df:10:50:e1:cc:d6:95:c0:66:50:c1:33:4f:9c:63:1d:
         1a:00:ad:29:e7:a9:89:84:3f:51:4f:bc:38:cd:d3:6f:18:62:
         b6:04:40:20:23:5e:9b:9b:71:b2:51:83:b1:f6:bf:f3:51:ae:
         d0:0f:5c:f8:32:90:bc:00:c9:1c:fb:e9:ad:ab:bb:f3:77:53:
         0d:10:41:3f:b0:42:3c:71:59:94:ac:4e:30:1d:5b:f2:23:28:
         39:f4:f8:73:1b:c7:a1:8d:d1:92:c0:0c:d6:23:eb:86:fd:35:
         c4:ef:1c:21:35:4a:8b:7f:8b:34:85:7b:88:bb:cd:e3:e7:84:
         fc:89:5f:b7:d1:b2:54:eb:d5:0b:0c:01:19:e5:d2:f1:9e:2c:
         14:90:78:f0:81:5b:b5:4c:7f:f2:c3:2e:90:93:54:e8:e8:68:
         6d:5d:8d:80:08:b7:32:c2:f3:8c:5a:3e:54:83:f4:db:a9:61:
         cc:40:e4:31:6d:e8:cb:01:0f:8b:f1:3d:e1:0a:29:41:05:a4:
         cb:0a:32:6b:88:6e:21:bd:ae:70:48:b5:af:d5:f4:df:d1:fa:
         fe:70:74:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwjr83oC+xel5sdDuaPXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjMwMTAxMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGMyOGEzMGM3ODhlZjBjOWM5MDJiYTc1NDdkNTZjZWU5NjRlYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwCrYWlIWbm6o+VGkwFLWA0wKsaZ
KR0HSJ5g2wuolvIdIUlx4kAD5lSbuNsFxq4PbdRl+QDRSM59fUr5fviSsOxDFeB8
V3FTrMir8jRlWGXBnatsQv3m9pbR4wf43amWQd2Ha3RUAVmvVTIOK7npz9W8b+Kd
nONvMAh0wG83cIZRzw19SFJWGwQ1VfnuRC86aiveL8ER8OtK8kkvB+jaI1n5gtKU
YYXFH2bJhFjiE+Z5t916Z2YgTEScHAA/Q/Y44ztve8dMDnKuu6a8E0BxN7DXwo1J
t92RkVzJo39RVrhK6/paS3ka2s5KaGM5JubWwZIK9aO8InOWVr2i5YOatwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTCijDHiO8MnJArp1R9Vs7pZOqYMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvMU1LS01NZUk3d3lja0N1blZIMVd6dWxrNnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn9tMA0G
CSqGSIb3DQEBCwUAA4IBAQBFQXZjbLXRRvif3Wt4WMNfHzEebwBjVUQ0vw/HonN3
T122P4zKMt8QUOHM1pXAZlDBM0+cYx0aAK0p56mJhD9RT7w4zdNvGGK2BEAgI16b
m3GyUYOx9r/zUa7QD1z4MpC8AMkc++mtq7vzd1MNEEE/sEI8cVmUrE4wHVvyIyg5
9PhzG8ehjdGSwAzWI+uG/TXE7xwhNUqLf4s0hXuIu83j54T8iV+30bJU69ULDAEZ
5dLxniwUkHjwgVu1TH/ywy6Qk1To6GhtXY2ACLcywvOMWj5Ug/TbqWHMQOQxbejL
AQ+L8T3hCilBBaTLCjJriG4hva5wSLWv1fTf0fr+cHSM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org