Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/GsrgKSbgM0uSD2q0s7JMLWRrCz8.roa
File:                     GsrgKSbgM0uSD2q0s7JMLWRrCz8.roa (raw, json)
Hash identifier:          h33F7jqz/gdGTmsNjDoV9GSVh47wgW2g+8evPwMZyLA=
Subject key identifier:   1A:CA:E0:29:26:E0:33:4B:92:0F:6A:B4:B3:B2:4C:2D:64:6B:0B:3F
Certificate issuer:       /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial:       01856FC2604EFD4682092F155741CD919AC6
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/GsrgKSbgM0uSD2q0s7JMLWRrCz8.roa
Signing time:             Sun 01 Jan 2023 23:54:47 +0000
ROA not before:           Sun 01 Jan 2023 23:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12743
IP address blocks:        194.9.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:60:4e:fd:46:82:09:2f:15:57:41:cd:91:9a:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
        Validity
            Not Before: Jan  1 23:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1acae02926e0334b920f6ab4b3b24c2d646b0b3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b1:e5:b6:c8:b7:ac:5c:bf:aa:ae:5b:b7:fa:
                    50:4e:bf:f2:b0:bf:fe:6c:41:0a:73:61:42:9a:e4:
                    2d:90:0d:48:d9:5b:43:cc:86:fa:de:3a:a5:b6:82:
                    23:44:75:d4:d4:32:ae:4e:56:66:08:83:a0:76:a8:
                    06:eb:53:5b:e6:54:3e:26:79:93:9d:68:6e:23:d1:
                    1a:33:b7:df:9f:be:91:d2:98:63:c9:43:da:79:13:
                    5d:ca:9c:68:db:88:cd:ad:09:f3:e8:56:b9:1e:fa:
                    f9:24:1f:ba:73:89:ea:54:3e:3e:1e:ae:11:36:58:
                    55:9d:fd:0e:a6:aa:57:28:1a:7a:12:c5:b6:e6:50:
                    9a:99:14:6d:b7:b7:b8:8a:06:7d:ea:5e:b4:7a:dd:
                    7c:66:a0:51:0d:81:dc:f4:0d:84:19:35:bf:bf:92:
                    1f:54:17:8b:bc:2a:55:03:21:73:06:d1:05:9a:6c:
                    30:34:14:08:3a:3c:40:2b:7e:c7:b6:e5:ec:a1:c7:
                    d8:0b:55:00:74:f6:85:17:9b:85:e0:29:ab:96:5a:
                    ea:4d:e5:b5:38:36:65:62:d5:aa:57:ee:6b:7b:82:
                    96:01:18:1b:80:15:4c:4d:1b:4f:22:80:17:96:37:
                    b4:81:bb:98:97:1d:94:ee:d2:7c:8d:69:12:b4:15:
                    9c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:CA:E0:29:26:E0:33:4B:92:0F:6A:B4:B3:B2:4C:2D:64:6B:0B:3F
            X509v3 Authority Key Identifier:
                keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/GsrgKSbgM0uSD2q0s7JMLWRrCz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.9.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:c2:f1:8e:29:fb:28:44:dd:ab:97:0a:e1:88:a8:34:c8:bc:
         11:69:c3:62:d6:9c:1e:e9:c2:9a:12:2e:f8:3d:2f:a4:21:b2:
         74:f9:0a:fc:ff:af:f3:00:73:02:88:49:18:36:e7:4a:87:e9:
         a3:4f:6a:c6:c0:73:56:c4:a3:63:fb:34:77:6d:a6:96:c3:56:
         36:34:16:14:7c:f0:21:02:d2:91:b6:58:1b:03:d7:c3:61:f5:
         da:ea:fc:b4:b1:8f:71:c8:cd:74:ce:95:7b:87:8f:89:10:ca:
         5e:cd:31:d3:b1:ef:8a:f2:c6:d9:6d:09:59:c0:9c:9c:54:35:
         e2:bd:e0:6d:9c:98:72:6a:17:f8:55:ca:2f:46:7e:a5:32:fb:
         3b:02:33:67:ac:70:1a:04:e8:9b:55:d3:20:71:3c:72:d8:73:
         3f:31:ab:54:ff:7b:dd:91:4c:61:d9:91:94:c8:5c:2a:dd:65:
         8f:b6:2f:46:0d:cc:da:36:f8:15:f7:26:59:2d:32:02:24:f8:
         47:8d:83:df:af:d9:62:7b:ad:91:13:f3:0a:c4:0d:b9:d0:1f:
         59:ad:a8:33:61:e4:d9:eb:a8:8a:b2:21:5f:b3:0d:7d:7c:1b:
         30:a4:d3:23:b7:7c:50:95:b4:6b:1e:c4:f6:ce:17:38:6e:38:
         68:08:d3:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwmBO/UaCCS8VV0HNkZrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjMwMTAxMjM1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWNhZTAyOTI2ZTAzMzRiOTIwZjZhYjRiM2IyNGMyZDY0NmIwYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirHltsi3rFy/qq5bt/pQTr/ysL/+
bEEKc2FCmuQtkA1I2VtDzIb63jqltoIjRHXU1DKuTlZmCIOgdqgG61Nb5lQ+JnmT
nWhuI9EaM7ffn76R0phjyUPaeRNdypxo24jNrQnz6Fa5Hvr5JB+6c4nqVD4+Hq4R
NlhVnf0OpqpXKBp6EsW25lCamRRtt7e4igZ96l60et18ZqBRDYHc9A2EGTW/v5If
VBeLvCpVAyFzBtEFmmwwNBQIOjxAK37HtuXsocfYC1UAdPaFF5uF4CmrllrqTeW1
ODZlYtWqV+5re4KWARgbgBVMTRtPIoAXlje0gbuYlx2U7tJ8jWkStBWcBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrK4Ckm4DNLkg9qtLOyTC1kaws/MB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvR3NyZ0tTYmdNMHVTRDJxMHM3Sk1MV1JyQ3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgnfMA0G
CSqGSIb3DQEBCwUAA4IBAQBuwvGOKfsoRN2rlwrhiKg0yLwRacNi1pwe6cKaEi74
PS+kIbJ0+Qr8/6/zAHMCiEkYNudKh+mjT2rGwHNWxKNj+zR3baaWw1Y2NBYUfPAh
AtKRtlgbA9fDYfXa6vy0sY9xyM10zpV7h4+JEMpezTHTse+K8sbZbQlZwJycVDXi
veBtnJhyahf4VcovRn6lMvs7AjNnrHAaBOibVdMgcTxy2HM/MatU/3vdkUxh2ZGU
yFwq3WWPti9GDczaNvgV9yZZLTICJPhHjYPfr9lie62RE/MKxA250B9ZragzYeTZ
66iKsiFfsw19fBswpNMjt3xQlbRrHsT2zhc4bjhoCNN0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:16 2024 by rpki-client on console-ams.rpki-client.org