Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/d29EqEHOnRTzT3d8jJEMoHENYQ8.roa
File:                     d29EqEHOnRTzT3d8jJEMoHENYQ8.roa (raw, json)
Hash identifier:          D6o8s7HuaT3CAjRsQ3eShO2wLzpSGcQCZNk7GUArZjs=
Subject key identifier:   77:6F:44:A8:41:CE:9D:14:F3:4F:77:7C:8C:91:0C:A0:71:0D:61:0F
Certificate issuer:       /CN=acaec954f476f77ef1a33b619d44a5730bebd7bf
Certificate serial:       01856F66EF099868F6AF97966C8957D006B9
Authority key identifier: AC:AE:C9:54:F4:76:F7:7E:F1:A3:3B:61:9D:44:A5:73:0B:EB:D7:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rK7JVPR2937xozthnUSlcwvr178.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/d29EqEHOnRTzT3d8jJEMoHENYQ8.roa
Signing time:             Sun 01 Jan 2023 22:14:54 +0000
ROA not before:           Sun 01 Jan 2023 22:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50285
IP address blocks:        78.41.56.0/21 maxlen: 21

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:ef:09:98:68:f6:af:97:96:6c:89:57:d0:06:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acaec954f476f77ef1a33b619d44a5730bebd7bf
        Validity
            Not Before: Jan  1 22:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=776f44a841ce9d14f34f777c8c910ca0710d610f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:fe:f2:fb:8d:ec:73:2c:5e:e0:76:50:29:73:
                    ce:7b:00:75:6d:70:bc:f9:65:73:9a:02:ee:2a:7f:
                    a2:a3:65:40:60:7b:a0:1f:58:61:f2:0d:b8:a4:b3:
                    a2:87:c6:05:4f:ac:87:20:f9:43:0a:8c:c7:30:2a:
                    c3:38:d0:37:a1:57:a0:80:85:9e:78:2b:d2:7d:48:
                    25:fc:9b:55:35:72:e6:7d:52:9b:c8:df:ca:02:07:
                    56:2a:8b:d6:8b:db:af:2b:06:ba:58:e3:0e:12:62:
                    c9:93:7e:1f:be:11:60:c3:c5:52:b2:68:8d:59:06:
                    85:68:e0:a1:19:88:4c:00:b3:dc:3a:71:da:23:19:
                    df:e1:44:cb:ee:f5:9b:eb:be:40:98:88:ba:75:dc:
                    eb:41:6a:3f:a7:a9:3b:d1:2a:16:5b:d5:44:db:7e:
                    7d:31:db:92:c7:d3:e7:ac:02:ca:f1:f7:1b:a0:f6:
                    94:b1:de:39:41:72:81:32:61:cf:cb:3f:e5:ea:48:
                    bc:23:6d:f9:e2:fc:35:41:15:31:4b:20:54:d1:06:
                    7d:b6:4b:31:ec:8f:bc:04:6e:22:ef:32:26:85:e4:
                    96:b2:3c:28:be:b6:55:da:a8:57:a4:2b:df:38:ed:
                    74:e5:b3:d2:4c:75:26:7d:3a:a0:65:09:03:36:60:
                    1c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:6F:44:A8:41:CE:9D:14:F3:4F:77:7C:8C:91:0C:A0:71:0D:61:0F
            X509v3 Authority Key Identifier:
                keyid:AC:AE:C9:54:F4:76:F7:7E:F1:A3:3B:61:9D:44:A5:73:0B:EB:D7:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rK7JVPR2937xozthnUSlcwvr178.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/d29EqEHOnRTzT3d8jJEMoHENYQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/rK7JVPR2937xozthnUSlcwvr178.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.41.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b6:a3:bc:16:c8:72:bd:9c:6c:ee:a6:56:a7:7f:85:e4:e6:07:
         2c:87:48:24:c9:2a:f5:f0:6a:26:54:ac:69:5d:b4:62:33:b6:
         1e:c4:25:b9:fc:c2:16:11:5b:6b:fe:89:bd:f2:00:d7:06:d5:
         de:98:8f:87:fb:a0:0c:c1:74:c2:2e:4a:d7:c2:d3:6d:08:a6:
         2a:9d:cb:c0:82:6a:32:a0:f2:75:05:f6:03:b0:d2:78:fb:59:
         77:35:5d:ee:fd:9b:3b:b8:02:58:88:d6:02:35:d7:51:dc:96:
         98:e3:39:25:56:de:2f:c2:71:af:d5:61:2d:b0:3c:6d:22:e6:
         8b:9a:4d:89:22:bc:2e:6e:3c:9a:e7:ef:8c:63:98:c6:68:f0:
         b9:f1:c7:dc:67:02:c9:9e:a0:ff:3b:ee:ef:5a:93:04:02:92:
         af:d4:73:79:34:d4:bf:72:44:03:ed:b5:2b:76:90:61:ec:0f:
         b4:52:01:c8:53:48:b8:8f:1d:0d:0e:7b:f0:54:f1:b9:33:eb:
         ae:5f:56:7c:25:76:35:ca:e1:59:43:80:23:d5:be:a0:e8:4c:
         9d:e8:cc:1c:19:87:7c:ab:f0:fd:e5:47:2e:80:de:67:92:be:
         a5:0d:d5:ed:b4:af:1c:e4:34:13:7e:42:3e:bc:a7:c0:0b:52:
         fa:73:18:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZu8JmGj2r5eWbIlX0Aa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYWVjOTU0ZjQ3NmY3N2VmMWEzM2I2MTlkNDRhNTczMGJl
YmQ3YmYwHhcNMjMwMTAxMjIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZmNDRhODQxY2U5ZDE0ZjM0Zjc3N2M4YzkxMGNhMDcxMGQ2MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP7y+43scyxe4HZQKXPOewB1bXC8
+WVzmgLuKn+io2VAYHugH1hh8g24pLOih8YFT6yHIPlDCozHMCrDONA3oVeggIWe
eCvSfUgl/JtVNXLmfVKbyN/KAgdWKovWi9uvKwa6WOMOEmLJk34fvhFgw8VSsmiN
WQaFaOChGYhMALPcOnHaIxnf4UTL7vWb675AmIi6ddzrQWo/p6k70SoWW9VE2359
MduSx9PnrALK8fcboPaUsd45QXKBMmHPyz/l6ki8I2354vw1QRUxSyBU0QZ9tksx
7I+8BG4i7zImheSWsjwovrZV2qhXpCvfOO105bPSTHUmfTqgZQkDNmAcwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdvRKhBzp0U8093fIyRDKBxDWEPMB8GA1UdIwQY
MBaAFKyuyVT0dvd+8aM7YZ1EpXML69e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcks3SlZQUjI5Mzd4b3p0aG5VU2xjd3ZyMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8yZWI0MWEtNmZhNi00MTZiLTg3NTIt
MzZlZjczZjJjOTAwLzEvZDI5RXFFSE9uUlR6VDNkOGpKRU1vSEVOWVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8yZWI0MWEtNmZhNi00MTZiLTg3NTItMzZlZjczZjJjOTAw
LzEvcks3SlZQUjI5Mzd4b3p0aG5VU2xjd3ZyMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTik4MA0G
CSqGSIb3DQEBCwUAA4IBAQC2o7wWyHK9nGzuplanf4Xk5gcsh0gkySr18GomVKxp
XbRiM7YexCW5/MIWEVtr/om98gDXBtXemI+H+6AMwXTCLkrXwtNtCKYqncvAgmoy
oPJ1BfYDsNJ4+1l3NV3u/Zs7uAJYiNYCNddR3JaY4zklVt4vwnGv1WEtsDxtIuaL
mk2JIrwubjya5++MY5jGaPC58cfcZwLJnqD/O+7vWpMEApKv1HN5NNS/ckQD7bUr
dpBh7A+0UgHIU0i4jx0NDnvwVPG5M+uuX1Z8JXY1yuFZQ4Aj1b6g6Eyd6MwcGYd8
q/D95UcugN5nkr6lDdXttK8c5DQTfkI+vKfAC1L6cxin
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:44 2024 by rpki-client on console-fra.rpki-client.org