Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/IJdRNYZn5cBCrd1hv8JYkyy_b9w.roa
File:                     IJdRNYZn5cBCrd1hv8JYkyy_b9w.roa (raw, json)
Hash identifier:          AXQWOx5CiN1QJa2n1o7GY9M3wzg5kRK1ZscTtcBFUxU=
Subject key identifier:   20:97:51:35:86:67:E5:C0:42:AD:DD:61:BF:C2:58:93:2C:BF:6F:DC
Certificate issuer:       /CN=46fe7b56722245116d4234be484a02a48a1dde1f
Certificate serial:       01857127753359B71C522CD63167F5AB330D
Authority key identifier: 46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/IJdRNYZn5cBCrd1hv8JYkyy_b9w.roa
Signing time:             Mon 02 Jan 2023 06:24:49 +0000
ROA not before:           Mon 02 Jan 2023 06:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15576
IP address blocks:        185.79.200.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:75:33:59:b7:1c:52:2c:d6:31:67:f5:ab:33:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46fe7b56722245116d4234be484a02a48a1dde1f
        Validity
            Not Before: Jan  2 06:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=209751358667e5c042addd61bfc258932cbf6fdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fc:40:6c:83:c1:c7:bf:b6:d8:7e:84:5e:46:
                    ba:ed:4a:8a:a4:77:f9:cd:b3:7a:55:fc:ff:a3:29:
                    b4:59:d3:82:b0:04:9f:63:41:d7:3f:e0:d7:ab:bc:
                    a3:c2:a0:43:61:51:02:a9:1c:66:17:3c:b8:0e:2d:
                    41:a0:f6:dc:09:b2:a4:f1:cb:fa:a7:61:ec:49:1c:
                    29:c7:ea:12:74:d8:46:2c:98:77:fa:d7:be:5c:a8:
                    5e:ef:bb:98:a9:83:ab:b4:fb:46:2c:cc:1f:f9:f9:
                    7e:3b:fb:0b:f7:ff:e5:4b:99:36:4f:08:5f:b0:8a:
                    c5:bb:13:5d:a7:76:be:64:88:dd:43:2e:5a:41:6e:
                    0e:ea:0c:63:c8:6a:fe:d6:3b:a2:9d:fe:ac:06:42:
                    cc:76:33:e0:2c:ff:ca:7c:24:fb:c2:be:84:b7:de:
                    e0:7d:f4:e0:64:1b:2f:ce:87:4c:bb:d2:07:53:47:
                    87:eb:b4:cc:56:c4:28:32:47:6c:ab:a0:2e:89:98:
                    6e:b4:a8:6d:1c:88:3f:de:91:36:7f:71:8b:85:8b:
                    f1:dc:46:5b:c0:ae:92:27:4d:7f:dd:4e:d1:d6:ed:
                    c8:69:6e:98:3b:5b:20:c9:af:be:40:01:ab:f8:58:
                    05:99:9f:ab:5a:18:10:54:de:9a:17:6c:bf:72:78:
                    7c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:97:51:35:86:67:E5:C0:42:AD:DD:61:BF:C2:58:93:2C:BF:6F:DC
            X509v3 Authority Key Identifier:
                keyid:46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/IJdRNYZn5cBCrd1hv8JYkyy_b9w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Rv57VnIiRRFtQjS-SEoCpIod3h8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:0e:93:bb:19:10:ce:c8:40:4c:80:50:ab:16:5d:d2:95:73:
         aa:7c:c2:32:12:60:67:e0:9f:60:e6:b0:54:1c:f5:3d:92:b6:
         e2:9d:7f:e2:67:16:a2:7d:0c:ee:10:4d:bd:aa:58:f5:26:5a:
         55:03:af:0e:e1:81:99:af:af:4e:fa:c0:41:f7:13:1a:03:10:
         b7:2c:0d:62:b0:17:28:9f:80:8d:30:a8:19:69:b4:e8:ef:32:
         c2:66:d7:f3:4a:3f:1e:9d:03:26:41:46:a1:5a:64:43:48:bd:
         50:ba:f8:57:09:91:69:3e:73:39:99:3f:71:8c:c4:14:42:94:
         6d:f6:e1:c2:3d:b6:98:0a:32:15:eb:6d:3a:58:27:68:e5:b4:
         4c:2c:fe:50:c5:9b:3e:05:40:63:50:28:83:3c:6b:3d:9e:c8:
         eb:7a:02:63:89:db:6d:3c:f5:d3:38:45:15:24:40:a6:f9:55:
         6a:6b:b7:f1:61:87:ec:02:bc:21:eb:b3:68:3c:c2:25:a3:bb:
         87:8e:5c:64:9e:f2:85:e9:7a:60:cd:9a:75:ec:88:1c:3d:07:
         69:a8:c7:d6:98:c0:78:98:8f:c2:e4:2e:85:cb:ba:5f:6f:2b:
         f9:ec:c3:88:29:fb:05:a4:09:f8:91:5b:91:bb:8a:58:79:44:
         20:9a:1c:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ3UzWbccUizWMWf1qzMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZmU3YjU2NzIyMjQ1MTE2ZDQyMzRiZTQ4NGEwMmE0OGEx
ZGRlMWYwHhcNMjMwMTAyMDYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk3NTEzNTg2NjdlNWMwNDJhZGRkNjFiZmMyNTg5MzJjYmY2ZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfxAbIPBx7+22H6EXka67UqKpHf5
zbN6Vfz/oym0WdOCsASfY0HXP+DXq7yjwqBDYVECqRxmFzy4Di1BoPbcCbKk8cv6
p2HsSRwpx+oSdNhGLJh3+te+XKhe77uYqYOrtPtGLMwf+fl+O/sL9//lS5k2Twhf
sIrFuxNdp3a+ZIjdQy5aQW4O6gxjyGr+1juinf6sBkLMdjPgLP/KfCT7wr6Et97g
ffTgZBsvzodMu9IHU0eH67TMVsQoMkdsq6AuiZhutKhtHIg/3pE2f3GLhYvx3EZb
wK6SJ01/3U7R1u3IaW6YO1sgya++QAGr+FgFmZ+rWhgQVN6aF2y/cnh8WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCXUTWGZ+XAQq3dYb/CWJMsv2/cMB8GA1UdIwQY
MBaAFEb+e1ZyIkURbUI0vkhKAqSKHd4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTct
NGJkMzM5MmQ1NWQxLzEvSUpkUk5ZWm41Y0JDcmQxaHY4SllreXlfYjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTctNGJkMzM5MmQ1NWQx
LzEvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuU/IMA0G
CSqGSIb3DQEBCwUAA4IBAQBlDpO7GRDOyEBMgFCrFl3SlXOqfMIyEmBn4J9g5rBU
HPU9krbinX/iZxaifQzuEE29qlj1JlpVA68O4YGZr69O+sBB9xMaAxC3LA1isBco
n4CNMKgZabTo7zLCZtfzSj8enQMmQUahWmRDSL1QuvhXCZFpPnM5mT9xjMQUQpRt
9uHCPbaYCjIV6206WCdo5bRMLP5QxZs+BUBjUCiDPGs9nsjregJjidttPPXTOEUV
JECm+VVqa7fxYYfsArwh67NoPMIlo7uHjlxknvKF6XpgzZp17IgcPQdpqMfWmMB4
mI/C5C6Fy7pfbyv57MOIKfsFpAn4kVuRu4pYeUQgmhxT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:23 2024 by rpki-client on console-ams.rpki-client.org