Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/RzUeNDpjKxUqGaDo6HXwWgEFqUg.roa
File:                     RzUeNDpjKxUqGaDo6HXwWgEFqUg.roa (raw, json)
Hash identifier:          RTWV9R1V3kqzgp5FlkxsoDM4Onw4z68tcD9dB2brUJo=
Subject key identifier:   47:35:1E:34:3A:63:2B:15:2A:19:A0:E8:E8:75:F0:5A:01:05:A9:48
Certificate issuer:       /CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Certificate serial:       0186559C9DBBD24FC92B4890F3A030BFE3AD
Authority key identifier: BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/RzUeNDpjKxUqGaDo6HXwWgEFqUg.roa
Signing time:             Wed 15 Feb 2023 15:06:12 +0000
ROA not before:           Wed 15 Feb 2023 15:06:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        85.208.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Jun 2023 14:54:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:55:9c:9d:bb:d2:4f:c9:2b:48:90:f3:a0:30:bf:e3:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb8321c05d501edb499190c0c4a3089d246c5b76
        Validity
            Not Before: Feb 15 15:06:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=47351e343a632b152a19a0e8e875f05a0105a948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:70:a3:13:01:ab:96:82:40:3b:d7:09:db:58:
                    f4:ec:63:d1:39:d1:46:0d:5a:80:9b:1d:c5:d6:6e:
                    10:a9:e2:07:25:20:48:88:6b:b9:7e:3f:e2:46:c1:
                    91:33:bf:50:21:d6:86:54:ea:80:91:4d:3a:02:71:
                    ee:b1:75:bb:5b:55:5a:cb:cb:b6:85:5e:ca:75:07:
                    6c:9b:a0:08:8b:72:c2:62:b6:7f:f9:6e:04:be:bd:
                    ee:40:30:0a:ca:74:03:9b:43:97:bb:7b:83:9a:c6:
                    8b:d6:84:c5:f0:ec:af:da:43:a3:54:ca:9a:a4:85:
                    55:da:04:1e:c7:ee:fe:31:e3:fd:e5:e0:45:70:c6:
                    17:41:c8:f5:bb:34:18:1f:d0:90:32:bd:2d:8e:8a:
                    9f:f7:e0:72:ac:4f:45:4d:a6:dd:6a:ae:24:e6:73:
                    38:0a:d3:25:f1:ef:c5:fa:f3:fb:3d:49:63:08:92:
                    5e:05:8f:a2:f2:5a:8a:a4:4c:3a:33:52:21:31:77:
                    24:02:84:1b:d9:2b:0a:8d:f2:13:b5:61:ba:9f:79:
                    51:a9:de:d1:02:62:d3:95:93:a6:fd:12:aa:31:5d:
                    65:7b:b6:fc:19:d4:41:63:4c:44:4d:d8:94:9f:39:
                    cc:00:ae:2f:7a:81:06:09:b2:88:b9:df:b2:96:42:
                    93:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:35:1E:34:3A:63:2B:15:2A:19:A0:E8:E8:75:F0:5A:01:05:A9:48
            X509v3 Authority Key Identifier:
                keyid:BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/RzUeNDpjKxUqGaDo6HXwWgEFqUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/u4MhwF1QHttJkZDAxKMInSRsW3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:93:3a:4a:77:71:3f:b1:19:69:63:9a:25:66:e4:37:7e:2b:
         ba:22:27:1d:09:93:8d:2d:a2:f2:05:c2:8c:bb:3d:ec:dc:e9:
         84:a4:a7:4e:7c:85:6a:fd:ab:2e:af:55:b9:68:13:f1:a1:5a:
         3d:cc:5f:37:50:32:3d:5e:65:57:50:20:83:e4:e3:0d:e1:93:
         fd:7e:83:51:6c:bc:5c:cd:6a:a8:2e:38:1b:5b:b8:5f:c8:55:
         bd:a9:e3:7f:b2:9a:ee:45:73:d2:39:20:7f:29:92:89:2b:fa:
         4a:cb:6b:6e:c7:e0:58:15:30:d0:5d:7e:32:e3:8d:0d:6e:a8:
         a9:99:62:07:71:5b:82:a7:e6:df:eb:95:a1:ab:52:4a:1d:a7:
         d7:5d:5d:34:a0:dc:76:61:cf:e7:3b:f1:83:e5:80:39:d6:9a:
         71:6f:cf:c7:c3:d7:48:49:1d:9a:e3:29:f3:fa:44:69:47:ee:
         16:42:bd:de:48:7e:bf:cf:00:fe:d1:29:1a:47:48:be:f5:8f:
         42:f6:fa:b4:66:e3:b0:2d:89:33:34:95:4b:8c:ca:97:b8:03:
         6e:af:77:21:86:6d:71:60:57:db:c0:cb:a2:7c:d0:ab:c4:75:
         a3:58:e2:21:43:54:38:ab:bc:bd:11:59:0f:d3:7a:c8:8c:e9:
         83:47:48:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZVnJ270k/JK0iQ86Awv+OtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMyMWMwNWQ1MDFlZGI0OTkxOTBjMGM0YTMwODlkMjQ2
YzViNzYwHhcNMjMwMjE1MTUwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzM1MWUzNDNhNjMyYjE1MmExOWEwZThlODc1ZjA1YTAxMDVhOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHCjEwGrloJAO9cJ21j07GPROdFG
DVqAmx3F1m4QqeIHJSBIiGu5fj/iRsGRM79QIdaGVOqAkU06AnHusXW7W1Vay8u2
hV7KdQdsm6AIi3LCYrZ/+W4Evr3uQDAKynQDm0OXu3uDmsaL1oTF8Oyv2kOjVMqa
pIVV2gQex+7+MeP95eBFcMYXQcj1uzQYH9CQMr0tjoqf9+ByrE9FTabdaq4k5nM4
CtMl8e/F+vP7PUljCJJeBY+i8lqKpEw6M1IhMXckAoQb2SsKjfITtWG6n3lRqd7R
AmLTlZOm/RKqMV1le7b8GdRBY0xETdiUnznMAK4veoEGCbKIud+ylkKTeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEc1HjQ6YysVKhmg6Oh18FoBBalIMB8GA1UdIwQY
MBaAFLuDIcBdUB7bSZGQwMSjCJ0kbFt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWIt
NWQ0MmUxZmE0NWI5LzEvUnpVZU5EcGpLeFVxR2FEbzZIWHdXZ0VGcVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWItNWQ0MmUxZmE0NWI5
LzEvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdAJMA0G
CSqGSIb3DQEBCwUAA4IBAQBOkzpKd3E/sRlpY5olZuQ3fiu6IicdCZONLaLyBcKM
uz3s3OmEpKdOfIVq/asur1W5aBPxoVo9zF83UDI9XmVXUCCD5OMN4ZP9foNRbLxc
zWqoLjgbW7hfyFW9qeN/spruRXPSOSB/KZKJK/pKy2tux+BYFTDQXX4y440Nbqip
mWIHcVuCp+bf65Whq1JKHafXXV00oNx2Yc/nO/GD5YA51ppxb8/Hw9dISR2a4ynz
+kRpR+4WQr3eSH6/zwD+0SkaR0i+9Y9C9vq0ZuOwLYkzNJVLjMqXuANur3chhm1x
YFfbwMuifNCrxHWjWOIhQ1Q4q7y9EVkP03rIjOmDR0jm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:02 2024 by rpki-client on console-fra.rpki-client.org