Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/SoHi3M-phAXinIjE_Lhn02lpoT0.roa
File:                     SoHi3M-phAXinIjE_Lhn02lpoT0.roa (raw, json)
Hash identifier:          itcTxG1fkzTLV+w0J+5zi0+3YglNS8zMjiIVuOwawzk=
Subject key identifier:   4A:81:E2:DC:CF:A9:84:05:E2:9C:88:C4:FC:B8:67:D3:69:69:A1:3D
Certificate issuer:       /CN=e41798a3ee49d523e88e1ad103e63e121d84d1b5
Certificate serial:       01857115404CB53863B2F87BA730511F722F
Authority key identifier: E4:17:98:A3:EE:49:D5:23:E8:8E:1A:D1:03:E6:3E:12:1D:84:D1:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/SoHi3M-phAXinIjE_Lhn02lpoT0.roa
Signing time:             Mon 02 Jan 2023 06:04:56 +0000
ROA not before:           Mon 02 Jan 2023 06:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48314
IP address blocks:        91.214.8.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:40:4c:b5:38:63:b2:f8:7b:a7:30:51:1f:72:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e41798a3ee49d523e88e1ad103e63e121d84d1b5
        Validity
            Not Before: Jan  2 06:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4a81e2dccfa98405e29c88c4fcb867d36969a13d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2c:bc:31:e5:16:53:92:b4:bd:69:a4:2e:98:
                    36:eb:12:c5:f0:c8:4a:8b:2d:f6:52:9f:c6:34:cd:
                    6d:4d:a9:23:89:25:21:3f:60:aa:c8:62:20:3c:30:
                    29:55:fd:3b:28:de:e5:d1:c9:e7:b2:50:ec:54:29:
                    47:f6:b3:dd:b5:88:d2:2d:4c:e6:f8:51:01:38:f7:
                    44:c0:61:db:1f:14:f3:5c:4a:e4:d4:8d:ce:9c:38:
                    c3:1d:5a:fe:06:15:7d:4b:c1:73:34:37:fa:dd:71:
                    35:69:8b:e8:fc:3f:92:6d:75:40:78:29:fe:d5:f1:
                    1c:95:d0:85:9e:6e:f1:4b:a9:5e:2e:b7:15:43:99:
                    bc:13:1d:1d:b1:f2:8a:e9:2e:5c:ad:55:24:d9:c2:
                    07:78:87:c4:5c:3e:bd:c4:33:2e:fa:a6:34:37:65:
                    af:89:44:6a:54:a1:24:23:0b:e2:66:10:2c:c0:23:
                    cb:59:b2:80:86:b4:11:f7:ce:0d:22:e6:90:99:31:
                    e9:cd:4d:d6:57:b2:1e:db:88:d8:04:a3:ef:cd:7a:
                    d9:ce:a8:c8:ce:2f:eb:b8:cf:c2:9c:11:e3:e1:0b:
                    e6:61:ea:3b:a6:dc:57:b9:c5:a2:d5:6e:a9:3a:bb:
                    78:e2:a6:6b:fe:af:be:76:5f:53:13:71:dc:0f:c6:
                    9f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:81:E2:DC:CF:A9:84:05:E2:9C:88:C4:FC:B8:67:D3:69:69:A1:3D
            X509v3 Authority Key Identifier:
                keyid:E4:17:98:A3:EE:49:D5:23:E8:8E:1A:D1:03:E6:3E:12:1D:84:D1:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/SoHi3M-phAXinIjE_Lhn02lpoT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca469-2086-4c4c-a0b8-8d0857a1a4d7/1/5BeYo-5J1SPojhrRA-Y-Eh2E0bU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.214.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:85:66:01:99:27:5a:82:2b:84:d3:f2:d8:c5:22:91:e7:57:
         f4:03:29:ff:e8:4a:f5:d7:2c:09:0d:ad:f1:20:8a:63:09:f2:
         f7:de:6b:c3:1a:65:ec:b2:cc:fe:01:52:78:aa:f7:e0:4b:c6:
         2d:8a:9f:d8:f8:a4:12:30:fc:c5:89:8e:99:8e:b7:03:11:7f:
         e7:86:80:06:c0:1a:3b:95:78:05:29:df:77:b8:44:4b:c1:40:
         07:d4:cb:53:c6:53:9b:6c:73:49:5d:93:96:f4:55:b0:69:3a:
         4d:e6:e0:fa:c0:b4:d9:66:38:45:23:b5:36:df:f1:aa:23:62:
         7a:7f:4f:30:dc:02:cd:4e:63:0f:fe:44:a9:bf:c2:b9:3d:51:
         a2:07:77:34:c1:74:a5:59:20:c2:b5:08:53:32:fe:28:d2:42:
         3f:a9:cb:e1:a0:93:53:48:78:85:7a:bd:21:34:4d:f3:8c:e0:
         b4:8f:3b:47:0f:d8:88:30:e8:b8:33:4a:44:45:cc:99:cc:de:
         62:bd:62:4e:60:ac:22:f2:03:7e:c9:12:ec:19:82:ee:e2:20:
         65:ab:ab:b5:87:6d:3a:46:2c:e7:18:a8:ff:ae:bb:db:c4:2f:
         9f:e8:f5:28:13:91:02:be:c9:b9:28:b1:68:62:e3:11:11:1d:
         38:96:93:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFUBMtThjsvh7pzBRH3IvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MTc5OGEzZWU0OWQ1MjNlODhlMWFkMTAzZTYzZTEyMWQ4
NGQxYjUwHhcNMjMwMTAyMDYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTgxZTJkY2NmYTk4NDA1ZTI5Yzg4YzRmY2I4NjdkMzY5NjlhMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviy8MeUWU5K0vWmkLpg26xLF8MhK
iy32Up/GNM1tTakjiSUhP2CqyGIgPDApVf07KN7l0cnnslDsVClH9rPdtYjSLUzm
+FEBOPdEwGHbHxTzXErk1I3OnDjDHVr+BhV9S8FzNDf63XE1aYvo/D+SbXVAeCn+
1fEcldCFnm7xS6leLrcVQ5m8Ex0dsfKK6S5crVUk2cIHeIfEXD69xDMu+qY0N2Wv
iURqVKEkIwviZhAswCPLWbKAhrQR984NIuaQmTHpzU3WV7Ie24jYBKPvzXrZzqjI
zi/ruM/CnBHj4QvmYeo7ptxXucWi1W6pOrt44qZr/q++dl9TE3HcD8afDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqB4tzPqYQF4pyIxPy4Z9NpaaE9MB8GA1UdIwQY
MBaAFOQXmKPuSdUj6I4a0QPmPhIdhNG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJlWW8tNUoxU1BvamhyUkEtWS1FaDJFMGJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8xY2E0NjktMjA4Ni00YzRjLWEwYjgt
OGQwODU3YTFhNGQ3LzEvU29IaTNNLXBoQVhpbklqRV9MaG4wMmxwb1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8xY2E0NjktMjA4Ni00YzRjLWEwYjgtOGQwODU3YTFhNGQ3
LzEvNUJlWW8tNUoxU1BvamhyUkEtWS1FaDJFMGJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9YIMA0G
CSqGSIb3DQEBCwUAA4IBAQCBhWYBmSdagiuE0/LYxSKR51f0Ayn/6Er11ywJDa3x
IIpjCfL33mvDGmXsssz+AVJ4qvfgS8Ytip/Y+KQSMPzFiY6ZjrcDEX/nhoAGwBo7
lXgFKd93uERLwUAH1MtTxlObbHNJXZOW9FWwaTpN5uD6wLTZZjhFI7U23/GqI2J6
f08w3ALNTmMP/kSpv8K5PVGiB3c0wXSlWSDCtQhTMv4o0kI/qcvhoJNTSHiFer0h
NE3zjOC0jztHD9iIMOi4M0pERcyZzN5ivWJOYKwi8gN+yRLsGYLu4iBlq6u1h206
RiznGKj/rrvbxC+f6PUoE5ECvsm5KLFoYuMRER04lpPJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:37 2024 by rpki-client on console-ams.rpki-client.org