Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/nHwEUv0nBGfXKP1n9wk8tc7emZQ.roa
File:                     nHwEUv0nBGfXKP1n9wk8tc7emZQ.roa (raw, json)
Hash identifier:          qx8z1zqiQlZeollG+ei3S1ufvXxtvdLzQOMqwIFSwlM=
Subject key identifier:   9C:7C:04:52:FD:27:04:67:D7:28:FD:67:F7:09:3C:B5:CE:DE:99:94
Certificate issuer:       /CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Certificate serial:       01857139E272DE86CB2DFE26D3EC6C38FA04
Authority key identifier: B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/nHwEUv0nBGfXKP1n9wk8tc7emZQ.roa
Signing time:             Mon 02 Jan 2023 06:44:56 +0000
ROA not before:           Mon 02 Jan 2023 06:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211631
IP address blocks:        85.112.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:e2:72:de:86:cb:2d:fe:26:d3:ec:6c:38:fa:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
        Validity
            Not Before: Jan  2 06:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c7c0452fd270467d728fd67f7093cb5cede9994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2a:96:38:9c:de:12:f3:81:40:bb:c2:e3:8c:
                    d6:c2:23:3b:d6:6f:77:37:30:c6:a5:b0:1c:a5:f3:
                    a9:2a:d5:e9:bb:36:95:1b:d4:cb:bd:2c:4f:17:ee:
                    5e:29:e4:df:e8:ba:6a:92:2e:d3:c9:65:34:18:d1:
                    bb:a8:64:bc:ee:4b:53:43:a4:3d:a3:7b:64:77:3a:
                    26:6f:0b:06:32:69:7b:34:6b:05:41:aa:3e:5f:04:
                    21:ad:e3:92:97:91:23:2e:92:2c:8d:a9:4a:af:81:
                    cb:9e:2f:f9:74:1f:06:1e:68:d1:eb:53:be:81:da:
                    7d:87:fd:8f:0a:37:aa:d1:e9:cf:97:75:a8:61:5b:
                    ab:82:ae:e2:95:9a:5d:fa:78:d2:3d:03:2a:23:10:
                    60:64:20:15:66:37:8a:a8:14:25:86:b3:0a:46:7f:
                    78:aa:21:77:d8:58:fd:1a:fd:5e:9f:49:93:dd:ad:
                    69:3c:db:2e:3a:b3:93:9d:bc:91:cb:37:6d:57:11:
                    8f:66:e0:1f:48:3a:2c:1c:3d:6d:a3:f0:c2:58:38:
                    7b:0d:49:b1:f0:20:21:1d:57:b0:e9:29:d7:14:6e:
                    7d:a2:f1:cb:18:93:98:0f:1f:30:c3:08:82:68:6f:
                    bd:c5:13:df:d8:84:d5:fe:aa:d6:02:17:07:b6:83:
                    8e:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:7C:04:52:FD:27:04:67:D7:28:FD:67:F7:09:3C:B5:CE:DE:99:94
            X509v3 Authority Key Identifier:
                keyid:B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/nHwEUv0nBGfXKP1n9wk8tc7emZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.112.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:13:04:17:b7:9b:a3:05:4b:cb:e7:bc:7d:9c:fe:79:0d:6b:
         b9:d4:3e:d4:d4:08:bb:42:aa:95:88:b0:0c:f2:a8:a7:fa:d6:
         d3:df:d5:8a:96:1a:1a:76:28:cd:9a:7c:a4:d7:62:d1:8d:da:
         94:55:f7:ec:af:54:00:03:68:06:40:09:f8:c3:e3:cc:a9:54:
         e4:05:c5:52:9a:e2:ca:ec:bb:04:56:14:f2:60:8b:eb:b9:39:
         bc:23:da:6a:53:3a:7b:26:e1:17:59:31:f7:aa:c1:25:9f:44:
         01:a0:d6:bc:81:e2:98:cd:a5:0f:cd:1e:58:f0:68:8e:28:75:
         a3:08:29:4d:5c:4f:64:75:d8:fb:2c:5d:90:fc:a0:9c:03:9e:
         e2:1d:18:df:52:aa:eb:af:0d:42:c2:95:ee:dd:67:1a:8f:f5:
         a9:d3:7c:fd:9b:13:c4:c3:85:47:60:33:09:bf:8e:56:25:1e:
         52:50:d2:a5:38:ef:75:cc:cc:0e:f6:6c:7b:87:4f:84:ad:c7:
         23:87:12:a6:5f:a0:b5:b5:a3:fc:81:a4:13:ec:cb:9f:f3:51:
         83:c4:51:5c:08:a1:e5:41:b9:b1:e3:b5:38:b3:f1:42:44:88:
         55:ae:d7:41:39:8e:b3:68:91:a7:26:a7:78:b2:46:54:57:20:
         d9:60:8d:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOeJy3obLLf4m0+xsOPoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDNmYTcwM2ZiZWUwNGJiZDkxY2U2M2EzMjE0OGIzNmI4
ZTU1YWEwHhcNMjMwMTAyMDY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzdjMDQ1MmZkMjcwNDY3ZDcyOGZkNjdmNzA5M2NiNWNlZGU5OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiqWOJzeEvOBQLvC44zWwiM71m93
NzDGpbAcpfOpKtXpuzaVG9TLvSxPF+5eKeTf6Lpqki7TyWU0GNG7qGS87ktTQ6Q9
o3tkdzombwsGMml7NGsFQao+XwQhreOSl5EjLpIsjalKr4HLni/5dB8GHmjR61O+
gdp9h/2PCjeq0enPl3WoYVurgq7ilZpd+njSPQMqIxBgZCAVZjeKqBQlhrMKRn94
qiF32Fj9Gv1en0mT3a1pPNsuOrOTnbyRyzdtVxGPZuAfSDosHD1to/DCWDh7DUmx
8CAhHVew6SnXFG59ovHLGJOYDx8wwwiCaG+9xRPf2ITV/qrWAhcHtoOOZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJx8BFL9JwRn1yj9Z/cJPLXO3pmUMB8GA1UdIwQY
MBaAFLFD+nA/vuBLvZHOY6MhSLNrjlWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEt
MDBkMWU3YTE3MGEyLzEvbkh3RVV2MG5CR2ZYS1Axbjl3azh0YzdlbVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEtMDBkMWU3YTE3MGEy
LzEvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXBiMA0G
CSqGSIb3DQEBCwUAA4IBAQB9EwQXt5ujBUvL57x9nP55DWu51D7U1Ai7QqqViLAM
8qin+tbT39WKlhoadijNmnyk12LRjdqUVffsr1QAA2gGQAn4w+PMqVTkBcVSmuLK
7LsEVhTyYIvruTm8I9pqUzp7JuEXWTH3qsEln0QBoNa8geKYzaUPzR5Y8GiOKHWj
CClNXE9kddj7LF2Q/KCcA57iHRjfUqrrrw1CwpXu3Wcaj/Wp03z9mxPEw4VHYDMJ
v45WJR5SUNKlOO91zMwO9mx7h0+ErccjhxKmX6C1taP8gaQT7Muf81GDxFFcCKHl
Qbmx47U4s/FCRIhVrtdBOY6zaJGnJqd4skZUVyDZYI1f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:53 2024 by rpki-client on console-ams.rpki-client.org