Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/7fj3fVykKTz803jvsvYp-VGMvJY.roa
File:                     7fj3fVykKTz803jvsvYp-VGMvJY.roa (raw, json)
Hash identifier:          SENXOGUY01uDsiy1+hvsRiLtmEWXOu8fUl2d8ZSxsUI=
Subject key identifier:   ED:F8:F7:7D:5C:A4:29:3C:FC:D3:78:EF:B2:F6:29:F9:51:8C:BC:96
Certificate issuer:       /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial:       018B471788E2BE63BAFD562E53A90AE1DAE1
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/7fj3fVykKTz803jvsvYp-VGMvJY.roa
Signing time:             Thu 19 Oct 2023 08:40:06 +0000
ROA not before:           Thu 19 Oct 2023 08:40:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398465
IP address blocks:        160.214.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 15:11:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:47:17:88:e2:be:63:ba:fd:56:2e:53:a9:0a:e1:da:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
        Validity
            Not Before: Oct 19 08:40:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=edf8f77d5ca4293cfcd378efb2f629f9518cbc96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:0c:65:03:a9:99:5a:18:14:bd:c2:25:a5:16:
                    d4:23:30:39:f9:2a:82:eb:04:5a:a7:e2:3f:97:78:
                    19:85:f0:ae:2c:82:a5:5a:7e:d0:75:8d:a1:12:42:
                    60:b7:19:16:38:5c:af:a1:5c:32:99:1b:01:6b:59:
                    9a:f4:9e:cb:1f:c5:8f:d2:da:5d:d9:93:fe:c7:ce:
                    5b:c8:da:86:3b:06:01:61:fb:5d:cc:2b:18:ea:61:
                    f2:4c:40:96:2b:e8:63:69:ed:e7:d2:34:9e:43:51:
                    2d:31:99:9f:ed:9b:93:c0:2b:05:f2:38:8b:73:2c:
                    01:82:a1:4c:eb:42:14:4b:16:5b:1e:e3:c0:ac:bc:
                    29:1b:6c:36:b2:38:a0:99:31:ff:4e:cd:df:a8:84:
                    ca:77:e1:14:6b:84:76:cb:d9:73:5d:b9:1b:ca:b1:
                    83:a5:2c:cc:8a:b7:db:7e:12:82:e6:88:78:f2:b7:
                    75:b7:89:f7:f9:11:93:c4:0d:69:a9:6d:ef:ef:e3:
                    c9:3f:d7:ee:90:3c:e3:ae:87:f8:ae:a7:48:b4:af:
                    89:f2:74:60:33:b0:ce:76:a8:62:ef:fe:6d:63:3e:
                    c4:99:d6:6a:68:ab:04:6e:ee:4f:86:b8:a4:61:bb:
                    b3:a0:65:df:b7:7d:37:66:e0:09:db:cd:d8:27:b2:
                    1e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:F8:F7:7D:5C:A4:29:3C:FC:D3:78:EF:B2:F6:29:F9:51:8C:BC:96
            X509v3 Authority Key Identifier:
                keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/7fj3fVykKTz803jvsvYp-VGMvJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.214.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:8b:9d:90:e4:a9:89:92:7b:55:61:4f:31:fd:da:64:dc:0a:
         ad:c0:4c:76:cc:75:5d:91:22:4f:58:ce:be:42:61:92:72:e7:
         cd:86:e0:4d:db:53:f5:45:de:24:94:64:9d:75:98:29:1a:bf:
         d8:e0:fe:31:b5:f8:d3:09:75:ec:64:c7:1f:39:cd:e1:e3:fc:
         fa:8a:20:58:4f:d7:62:f6:e9:2e:7c:a5:10:87:15:14:2f:ba:
         14:c5:d4:02:3c:5f:a0:c9:57:a1:d0:b8:8b:1d:d6:c1:75:d7:
         5b:27:42:21:64:69:44:2b:f4:c9:79:39:63:f0:ff:a2:20:68:
         d1:8a:98:58:28:90:e8:a6:09:a4:2f:72:32:fd:13:9e:97:51:
         64:26:72:df:41:df:16:33:87:51:e0:f7:95:c2:56:98:b0:fb:
         49:73:04:e4:ef:e7:33:89:25:c8:0d:87:ea:22:73:7b:e3:20:
         55:08:1b:4e:e6:c7:44:2e:47:c1:19:8a:05:aa:e4:dc:cf:91:
         9c:f9:af:eb:5f:92:42:21:76:e2:eb:36:5b:e6:19:71:83:37:
         ed:07:39:aa:49:af:ad:91:1c:6d:72:23:95:3e:e0:20:89:a3:
         a4:a4:79:38:04:94:3d:7e:bb:8d:22:68:7e:1d:a5:71:db:c3:
         98:79:3b:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtHF4jivmO6/VYuU6kK4drhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjMxMDE5MDg0MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGY4Zjc3ZDVjYTQyOTNjZmNkMzc4ZWZiMmY2MjlmOTUxOGNiYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgxlA6mZWhgUvcIlpRbUIzA5+SqC
6wRap+I/l3gZhfCuLIKlWn7QdY2hEkJgtxkWOFyvoVwymRsBa1ma9J7LH8WP0tpd
2ZP+x85byNqGOwYBYftdzCsY6mHyTECWK+hjae3n0jSeQ1EtMZmf7ZuTwCsF8jiL
cywBgqFM60IUSxZbHuPArLwpG2w2sjigmTH/Ts3fqITKd+EUa4R2y9lzXbkbyrGD
pSzMirfbfhKC5oh48rd1t4n3+RGTxA1pqW3v7+PJP9fukDzjrof4rqdItK+J8nRg
M7DOdqhi7/5tYz7EmdZqaKsEbu5PhrikYbuzoGXft303ZuAJ283YJ7IeDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO34931cpCk8/NN477L2KflRjLyWMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvN2ZqM2ZWeWtLVHo4MDNqdnN2WXAtVkdNdkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoNZvMA0G
CSqGSIb3DQEBCwUAA4IBAQCQi52Q5KmJkntVYU8x/dpk3AqtwEx2zHVdkSJPWM6+
QmGScufNhuBN21P1Rd4klGSddZgpGr/Y4P4xtfjTCXXsZMcfOc3h4/z6iiBYT9di
9ukufKUQhxUUL7oUxdQCPF+gyVeh0LiLHdbBdddbJ0IhZGlEK/TJeTlj8P+iIGjR
iphYKJDopgmkL3Iy/ROel1FkJnLfQd8WM4dR4PeVwlaYsPtJcwTk7+cziSXIDYfq
InN74yBVCBtO5sdELkfBGYoFquTcz5Gc+a/rX5JCIXbi6zZb5hlxgzftBzmqSa+t
kRxtciOVPuAgiaOkpHk4BJQ9fruNImh+HaVx28OYeTsA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:11 2024 by rpki-client on console-fra.rpki-client.org