Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/bdd43f-4528-4c92-88ba-56e7f93dcdbf/1/m41I1HLem6fOP69OrHdo-t1WrwI.roa
File:                     m41I1HLem6fOP69OrHdo-t1WrwI.roa (raw, json)
Hash identifier:          9rvZvjx91BA8C7V+6PJATmFSGsD6eGueiBkBEXygYcs=
Subject key identifier:   9B:8D:48:D4:72:DE:9B:A7:CE:3F:AF:4E:AC:77:68:FA:DD:56:AF:02
Certificate issuer:       /CN=094245ee8b5ba4c66fe2ceca64be466fc96f71ed
Certificate serial:       01856E6FC29A78E3FCFD8DB54AFBA4BC779D
Authority key identifier: 09:42:45:EE:8B:5B:A4:C6:6F:E2:CE:CA:64:BE:46:6F:C9:6F:71:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUJF7otbpMZv4s7KZL5Gb8lvce0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/bdd43f-4528-4c92-88ba-56e7f93dcdbf/1/m41I1HLem6fOP69OrHdo-t1WrwI.roa
Signing time:             Sun 01 Jan 2023 17:44:55 +0000
ROA not before:           Sun 01 Jan 2023 17:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48642
IP address blocks:        178.217.224.0/21 maxlen: 21

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:6f:c2:9a:78:e3:fc:fd:8d:b5:4a:fb:a4:bc:77:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094245ee8b5ba4c66fe2ceca64be466fc96f71ed
        Validity
            Not Before: Jan  1 17:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b8d48d472de9ba7ce3faf4eac7768fadd56af02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:50:b7:0f:c8:e8:37:df:a1:78:d2:f6:59:5f:
                    91:76:5e:cd:75:11:83:f2:c1:77:dd:51:f1:aa:79:
                    97:92:d0:ee:51:a7:e5:3d:d7:4f:a8:ec:93:68:53:
                    01:75:55:29:f9:98:31:de:3b:75:0f:f5:7f:44:8d:
                    e1:42:31:55:78:15:61:43:6d:d3:96:ab:47:b0:e0:
                    e0:ab:92:b9:e6:6e:1b:00:98:e1:67:34:68:7a:4e:
                    10:29:4b:88:0f:f1:b7:58:d4:a9:3b:50:02:61:8c:
                    a5:7f:41:39:7d:99:f7:ab:34:be:f0:bd:cf:ef:6c:
                    3a:85:2f:cf:05:48:bc:cd:8a:f8:ab:b7:f6:a4:a9:
                    b3:29:05:ed:71:54:a0:bb:cc:86:68:48:df:cf:a6:
                    0a:15:75:2b:e0:8e:16:1a:cf:ed:7a:f3:cd:82:e6:
                    f8:64:59:29:1e:25:e1:ac:77:9c:3c:1d:0b:b1:c9:
                    14:21:7b:89:d2:b4:31:a6:c0:48:7b:b0:6f:cd:e0:
                    33:6e:a8:d3:da:de:b7:e9:96:82:10:a6:12:69:a3:
                    30:be:20:f7:22:b7:a2:04:88:c8:67:c1:dc:35:0b:
                    8d:fa:b7:8b:3f:75:38:49:79:50:0d:13:20:45:fe:
                    d0:c4:59:97:f8:0f:4a:31:bc:8e:73:d4:74:c7:24:
                    cb:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:8D:48:D4:72:DE:9B:A7:CE:3F:AF:4E:AC:77:68:FA:DD:56:AF:02
            X509v3 Authority Key Identifier:
                keyid:09:42:45:EE:8B:5B:A4:C6:6F:E2:CE:CA:64:BE:46:6F:C9:6F:71:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUJF7otbpMZv4s7KZL5Gb8lvce0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/bdd43f-4528-4c92-88ba-56e7f93dcdbf/1/m41I1HLem6fOP69OrHdo-t1WrwI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/bdd43f-4528-4c92-88ba-56e7f93dcdbf/1/CUJF7otbpMZv4s7KZL5Gb8lvce0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.217.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         70:d0:c3:21:9c:5c:9b:66:99:26:5d:03:73:72:b6:89:e7:eb:
         41:60:a4:98:3b:ee:33:ae:52:d0:b3:ab:92:05:90:66:13:e7:
         41:ff:84:0e:a2:36:37:88:fd:b0:a5:ba:ad:0f:ed:53:c3:9b:
         69:5c:1f:4b:f7:f9:04:34:de:db:bf:15:a7:e7:ee:e8:fa:31:
         d4:25:36:2a:36:6a:08:b5:da:17:12:90:53:89:d3:af:27:a4:
         00:82:0e:77:4e:ae:ba:7e:03:4a:ac:fb:b3:a5:59:50:94:21:
         8f:98:48:13:65:38:40:29:6e:b0:1b:8a:0b:d7:5d:fb:75:fe:
         b8:1f:07:d9:82:b0:58:43:e9:91:06:a4:4d:9b:bd:63:13:f4:
         b6:ee:e0:6b:88:a5:e6:97:76:47:39:85:39:9e:95:89:59:8d:
         5e:29:bd:c1:5e:c8:8d:3d:4c:66:6c:32:75:08:dd:66:32:9a:
         6d:bb:0b:d7:d1:67:ad:5f:88:37:7b:be:8e:43:44:c4:00:d6:
         58:df:d4:24:e9:4d:12:26:13:ca:03:ec:16:99:d0:c1:72:dd:
         d7:82:27:94:1e:61:e4:9e:68:3d:d0:ff:b6:07:00:1e:d4:59:
         c9:05:0b:34:2d:f7:28:9a:2b:0c:af:36:c3:ee:21:70:02:d0:
         ca:3d:2c:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub8KaeOP8/Y21SvukvHedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NDI0NWVlOGI1YmE0YzY2ZmUyY2VjYTY0YmU0NjZmYzk2
ZjcxZWQwHhcNMjMwMTAxMTc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjhkNDhkNDcyZGU5YmE3Y2UzZmFmNGVhYzc3NjhmYWRkNTZhZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1C3D8joN9+heNL2WV+Rdl7NdRGD
8sF33VHxqnmXktDuUaflPddPqOyTaFMBdVUp+Zgx3jt1D/V/RI3hQjFVeBVhQ23T
lqtHsODgq5K55m4bAJjhZzRoek4QKUuID/G3WNSpO1ACYYylf0E5fZn3qzS+8L3P
72w6hS/PBUi8zYr4q7f2pKmzKQXtcVSgu8yGaEjfz6YKFXUr4I4WGs/tevPNgub4
ZFkpHiXhrHecPB0LsckUIXuJ0rQxpsBIe7BvzeAzbqjT2t636ZaCEKYSaaMwviD3
IreiBIjIZ8HcNQuN+reLP3U4SXlQDRMgRf7QxFmX+A9KMbyOc9R0xyTLqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJuNSNRy3punzj+vTqx3aPrdVq8CMB8GA1UdIwQY
MBaAFAlCRe6LW6TGb+LOymS+Rm/Jb3HtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VKRjdvdGJwTVp2NHM3S1pMNUdiOGx2Y2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9iZGQ0M2YtNDUyOC00YzkyLTg4YmEt
NTZlN2Y5M2RjZGJmLzEvbTQxSTFITGVtNmZPUDY5T3JIZG8tdDFXcndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9iZGQ0M2YtNDUyOC00YzkyLTg4YmEtNTZlN2Y5M2RjZGJm
LzEvQ1VKRjdvdGJwTVp2NHM3S1pMNUdiOGx2Y2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstngMA0G
CSqGSIb3DQEBCwUAA4IBAQBw0MMhnFybZpkmXQNzcraJ5+tBYKSYO+4zrlLQs6uS
BZBmE+dB/4QOojY3iP2wpbqtD+1Tw5tpXB9L9/kENN7bvxWn5+7o+jHUJTYqNmoI
tdoXEpBTidOvJ6QAgg53Tq66fgNKrPuzpVlQlCGPmEgTZThAKW6wG4oL1137df64
HwfZgrBYQ+mRBqRNm71jE/S27uBriKXml3ZHOYU5npWJWY1eKb3BXsiNPUxmbDJ1
CN1mMpptuwvX0WetX4g3e76OQ0TEANZY39Qk6U0SJhPKA+wWmdDBct3XgieUHmHk
nmg90P+2BwAe1FnJBQs0LfcomisMrzbD7iFwAtDKPSw0
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:23 2024 by rpki-client on console-fra.rpki-client.org