Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/9Ih1IySa_UFp8MK0tuOohF8pt4I.roa
File:                     9Ih1IySa_UFp8MK0tuOohF8pt4I.roa (raw, json)
Hash identifier:          wPWn40U7IPMVLs7bpV9GMJVLxmMGN+asa+NwI3FSFT8=
Subject key identifier:   F4:88:75:23:24:9A:FD:41:69:F0:C2:B4:B6:E3:A8:84:5F:29:B7:82
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018C351F067A0F99D9B806A68995832FC56F
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/9Ih1IySa_UFp8MK0tuOohF8pt4I.roa
Signing time:             Mon 04 Dec 2023 13:57:54 +0000
ROA not before:           Mon 04 Dec 2023 13:57:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397373
IP address blocks:        85.133.137.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:35:1f:06:7a:0f:99:d9:b8:06:a6:89:95:83:2f:c5:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Dec  4 13:57:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4887523249afd4169f0c2b4b6e3a8845f29b782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:8b:4b:9b:ad:85:31:8e:9d:fe:61:42:eb:70:
                    b8:0f:76:ef:ed:3d:67:69:93:28:56:2c:44:34:28:
                    f4:aa:18:7f:9e:5e:b3:e5:a2:68:0d:67:65:64:64:
                    89:8a:82:e2:f8:dd:9f:cb:f1:92:08:aa:d5:3e:e8:
                    0d:6f:c7:6c:91:f3:50:74:51:16:39:83:a1:ca:7f:
                    98:d6:0e:83:07:0b:78:30:9c:05:49:38:0e:d5:2e:
                    fa:9a:6b:43:cc:28:b6:6b:d3:43:69:c1:1e:8b:e2:
                    8c:5a:5e:9b:78:55:b6:7d:e6:0f:86:e2:b0:58:00:
                    00:b7:8d:d2:a4:cf:28:2a:e3:cb:65:82:58:05:b4:
                    51:ce:13:a5:3b:92:5e:04:cc:f7:85:39:0e:c8:cd:
                    9a:15:4a:f3:23:cf:3a:2e:9a:a8:c9:7a:77:5e:75:
                    28:93:9c:b4:53:d9:c4:9a:37:f1:98:48:38:f8:ad:
                    85:42:fa:33:b5:bf:15:58:03:4b:5d:fd:00:2e:4e:
                    ff:66:f5:c0:fb:13:d7:81:cc:7f:d1:8f:af:a8:cf:
                    6f:b1:31:ad:f6:eb:9b:da:0e:2c:6b:43:2b:d7:1c:
                    8c:93:25:bf:9d:c0:1d:9e:85:64:23:4e:98:96:27:
                    6e:f1:9a:71:51:17:c2:fd:f8:48:a3:b7:37:c9:cb:
                    34:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:88:75:23:24:9A:FD:41:69:F0:C2:B4:B6:E3:A8:84:5F:29:B7:82
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/9Ih1IySa_UFp8MK0tuOohF8pt4I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:ca:d6:a4:10:7e:f6:e1:35:58:1f:fb:8e:08:f2:9d:50:60:
         1c:cc:b7:0e:d4:b7:7c:aa:7e:c7:79:6d:8b:ad:d9:aa:9c:04:
         c3:11:42:26:75:1b:23:a9:b0:76:b6:00:22:89:bd:5f:ee:74:
         ba:c7:c8:ca:bd:7e:bb:af:f2:39:4b:7d:a0:5c:ac:a2:ed:30:
         b5:40:65:c3:16:38:c6:d7:65:dd:a4:93:b9:6a:df:a4:b8:1c:
         a6:f9:e0:5d:e1:f5:d2:78:ad:34:e5:30:e8:a6:93:f9:01:7b:
         6a:0c:31:08:91:12:6b:d1:ed:4f:1b:bf:92:d3:90:50:ea:00:
         18:d1:8f:19:f5:0e:c3:1a:07:81:25:d9:43:8a:d1:09:cb:c7:
         e4:62:29:bc:20:38:30:be:cf:d3:08:89:39:76:00:a8:04:75:
         73:b7:28:43:89:d5:2f:92:b0:4e:00:82:7e:06:b9:3a:89:67:
         cc:7d:b2:23:04:c9:40:d9:4e:fb:cf:5f:bb:d1:01:ce:77:6f:
         6c:53:69:bf:34:fa:d9:28:fd:6a:a0:bc:37:cf:ef:e9:d7:c5:
         a9:a3:2c:d7:8b:da:ba:c0:c9:77:83:68:61:38:4d:00:91:09:
         2f:44:75:16:c1:a6:80:34:0b:31:92:13:8c:1c:f4:26:92:ef:
         05:02:54:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw1HwZ6D5nZuAamiZWDL8VvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMjA0MTM1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg4NzUyMzI0OWFmZDQxNjlmMGMyYjRiNmUzYTg4NDVmMjliNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYtLm62FMY6d/mFC63C4D3bv7T1n
aZMoVixENCj0qhh/nl6z5aJoDWdlZGSJioLi+N2fy/GSCKrVPugNb8dskfNQdFEW
OYOhyn+Y1g6DBwt4MJwFSTgO1S76mmtDzCi2a9NDacEei+KMWl6beFW2feYPhuKw
WAAAt43SpM8oKuPLZYJYBbRRzhOlO5JeBMz3hTkOyM2aFUrzI886LpqoyXp3XnUo
k5y0U9nEmjfxmEg4+K2FQvoztb8VWANLXf0ALk7/ZvXA+xPXgcx/0Y+vqM9vsTGt
9uub2g4sa0Mr1xyMkyW/ncAdnoVkI06Ylidu8ZpxURfC/fhIo7c3ycs0EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSIdSMkmv1BafDCtLbjqIRfKbeCMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvOUloMUl5U2FfVUZwOE1LMHR1T29oRjhwdDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWJMA0G
CSqGSIb3DQEBCwUAA4IBAQAhytakEH724TVYH/uOCPKdUGAczLcO1Ld8qn7HeW2L
rdmqnATDEUImdRsjqbB2tgAiib1f7nS6x8jKvX67r/I5S32gXKyi7TC1QGXDFjjG
12XdpJO5at+kuBym+eBd4fXSeK005TDoppP5AXtqDDEIkRJr0e1PG7+S05BQ6gAY
0Y8Z9Q7DGgeBJdlDitEJy8fkYim8IDgwvs/TCIk5dgCoBHVztyhDidUvkrBOAIJ+
Brk6iWfMfbIjBMlA2U77z1+70QHOd29sU2m/NPrZKP1qoLw3z+/p18WpoyzXi9q6
wMl3g2hhOE0AkQkvRHUWwaaANAsxkhOMHPQmku8FAlS2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org