Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/OKt9RG601GjEICgpQIaCs_SJ1VI.roa
File:                     OKt9RG601GjEICgpQIaCs_SJ1VI.roa (raw, json)
Hash identifier:          2zda1SBC+vPWsz/kUwczlRm3jOscUG2SPmk1VJx2AOs=
Subject key identifier:   38:AB:7D:44:6E:B4:D4:68:C4:20:28:29:40:86:82:B3:F4:89:D5:52
Certificate issuer:       /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial:       018572DF0C362E3AD60B9A8F879D4F3A1976
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/OKt9RG601GjEICgpQIaCs_SJ1VI.roa
Signing time:             Mon 02 Jan 2023 14:24:58 +0000
ROA not before:           Mon 02 Jan 2023 14:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        146.247.108.0/24 maxlen: 24
                          146.247.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Jan 2023 22:59:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:df:0c:36:2e:3a:d6:0b:9a:8f:87:9d:4f:3a:19:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
        Validity
            Not Before: Jan  2 14:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38ab7d446eb4d468c4202829408682b3f489d552
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:cf:e7:73:4e:27:62:53:a7:48:c5:de:9c:43:
                    7e:8f:c5:e3:bf:c0:c7:38:1c:9f:b3:9f:a1:f4:69:
                    59:14:37:13:37:98:82:d6:71:e5:d1:b3:b5:18:d0:
                    21:a6:ce:bb:f5:de:f1:0c:d4:f8:ca:84:1a:5c:e6:
                    d3:34:d7:c4:b4:26:6a:56:3f:17:e3:e5:08:fd:28:
                    f6:9f:c7:94:6d:95:cd:75:44:01:f1:24:f6:5b:53:
                    9e:47:44:4a:01:11:86:1d:88:4b:47:a3:74:8b:d5:
                    9d:66:19:83:5b:37:b0:79:97:96:7e:53:72:db:ed:
                    7a:15:d7:d3:60:b0:2a:ce:09:0a:d3:90:d6:3f:cd:
                    34:e1:68:2a:3c:7a:ea:8a:5c:60:13:01:c0:00:d9:
                    99:19:d6:8f:45:af:d1:c0:f4:76:ba:20:6e:69:ec:
                    b0:a6:12:f9:a6:b3:79:c8:a4:33:99:00:be:b1:a9:
                    46:2f:b0:7b:ca:a9:b5:0f:48:dc:7a:e5:99:3b:13:
                    35:75:f1:d7:73:db:47:23:27:33:a2:d7:33:fb:61:
                    2a:65:a1:45:4d:d4:e2:a5:ae:60:06:5b:9f:0d:d5:
                    71:3d:d8:85:ea:90:eb:20:bf:14:bf:b2:07:4b:89:
                    d5:b6:ab:30:77:d3:f5:25:ab:b6:f9:c5:2b:1d:05:
                    43:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:AB:7D:44:6E:B4:D4:68:C4:20:28:29:40:86:82:B3:F4:89:D5:52
            X509v3 Authority Key Identifier:
                keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/OKt9RG601GjEICgpQIaCs_SJ1VI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.247.108.0/24
                  146.247.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:db:1c:2f:c9:e8:b8:14:45:8d:50:8d:0d:5f:9a:50:a8:52:
         20:32:3c:1d:3e:e5:5a:1c:65:26:9f:3d:de:9d:d3:4a:fb:a8:
         db:2f:c9:b4:63:64:2f:74:49:fe:bf:b7:eb:99:96:af:f1:cc:
         5b:eb:ea:d1:65:a9:fb:6c:93:34:b5:c5:f7:c3:6c:34:0f:77:
         da:ee:e2:90:1f:2c:7c:7e:f7:60:09:f5:aa:a4:4a:b5:48:8f:
         f3:0b:d0:98:ad:79:a9:11:be:9b:8f:48:a2:be:52:c4:19:88:
         d9:3a:f9:03:46:29:a2:fc:42:d8:b5:2e:12:af:65:23:4a:8a:
         29:56:13:7f:3c:b6:05:27:47:32:b6:83:0f:52:c5:02:3f:f7:
         47:0a:20:e1:4f:42:dc:df:94:a5:11:a3:2b:c9:f7:5e:e4:5e:
         3d:8b:08:87:36:a4:e2:c4:d6:97:06:f9:00:2d:e3:64:b9:35:
         b2:73:52:9f:b9:21:9d:d0:98:e5:41:30:58:a8:5d:d6:62:83:
         6c:da:d7:85:cf:e1:9f:1b:a3:c6:95:b3:9b:2c:a0:bf:7a:e1:
         0f:68:8b:af:7b:b8:50:d0:92:89:47:6a:75:92:67:5d:28:ab:
         01:ba:54:40:ce:07:be:d9:64:06:4b:10:6d:c3:63:f0:0c:ba:
         70:c5:e5:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVy3ww2LjrWC5qPh51POhl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjMwMTAyMTQyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFiN2Q0NDZlYjRkNDY4YzQyMDI4Mjk0MDg2ODJiM2Y0ODlkNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc/nc04nYlOnSMXenEN+j8Xjv8DH
OByfs5+h9GlZFDcTN5iC1nHl0bO1GNAhps679d7xDNT4yoQaXObTNNfEtCZqVj8X
4+UI/Sj2n8eUbZXNdUQB8ST2W1OeR0RKARGGHYhLR6N0i9WdZhmDWzeweZeWflNy
2+16FdfTYLAqzgkK05DWP8004WgqPHrqilxgEwHAANmZGdaPRa/RwPR2uiBuaeyw
phL5prN5yKQzmQC+salGL7B7yqm1D0jceuWZOxM1dfHXc9tHIyczotcz+2EqZaFF
TdTipa5gBlufDdVxPdiF6pDrIL8Uv7IHS4nVtqswd9P1Jau2+cUrHQVDQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDirfURutNRoxCAoKUCGgrP0idVSMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvT0t0OVJHNjAxR2pFSUNncFFJYUNzX1NKMVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkvdsAwQA
kvdyMA0GCSqGSIb3DQEBCwUAA4IBAQBl2xwvyei4FEWNUI0NX5pQqFIgMjwdPuVa
HGUmnz3endNK+6jbL8m0Y2QvdEn+v7frmZav8cxb6+rRZan7bJM0tcX3w2w0D3fa
7uKQHyx8fvdgCfWqpEq1SI/zC9CYrXmpEb6bj0iivlLEGYjZOvkDRimi/ELYtS4S
r2UjSoopVhN/PLYFJ0cytoMPUsUCP/dHCiDhT0Lc35SlEaMryfde5F49iwiHNqTi
xNaXBvkALeNkuTWyc1KfuSGd0JjlQTBYqF3WYoNs2teFz+GfG6PGlbObLKC/euEP
aIuve7hQ0JKJR2p1kmddKKsBulRAzge+2WQGSxBtw2PwDLpwxeVW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:19 2024 by rpki-client on console-fra.rpki-client.org