Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0atjUi2-M7_Sj9mDVK8ZSOaequU.roa
File:                     0atjUi2-M7_Sj9mDVK8ZSOaequU.roa (raw, json)
Hash identifier:          5DmCZ1sIociybAAqSH8/O1Iy9b3lsNmukq+YdSpJEis=
Subject key identifier:   D1:AB:63:52:2D:BE:33:BF:D2:8F:D9:83:54:AF:19:48:E6:9E:AA:E5
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D820F336D589769E409271F2B7F877C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0atjUi2-M7_Sj9mDVK8ZSOaequU.roa
Signing time:             Sun 01 Jan 2023 13:25:18 +0000
ROA not before:           Sun 01 Jan 2023 13:25:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209333
IP address blocks:        212.73.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:82:0f:33:6d:58:97:69:e4:09:27:1f:2b:7f:87:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1ab63522dbe33bfd28fd98354af1948e69eaae5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d0:c1:e5:04:c7:ff:1f:7d:a3:70:c5:ee:0c:
                    bb:9a:e5:b0:d5:19:9d:03:8c:57:50:a2:9a:a2:9b:
                    bd:40:db:72:2e:57:61:c2:fa:74:5e:b3:af:58:63:
                    40:93:13:67:54:2d:91:ce:5c:0c:1d:ae:e7:f9:c5:
                    ad:18:06:cb:60:f2:39:19:15:dd:4c:45:ca:ed:77:
                    ee:af:9d:24:c1:7e:ca:02:2e:81:49:49:2c:48:14:
                    06:e1:64:66:c8:d4:e3:8b:d3:e4:22:23:00:53:0d:
                    10:bb:e3:93:98:b5:c3:af:03:0b:f1:9b:2c:1d:41:
                    73:d9:1c:6d:e7:19:f3:b6:bb:90:da:5e:db:13:a1:
                    a8:e5:b6:58:1f:7a:01:85:c8:63:18:6a:7f:f0:fe:
                    01:46:3a:47:7b:fe:51:97:9b:f5:0e:0a:d3:a5:6d:
                    22:eb:98:c4:0a:7f:3d:29:1f:0c:0e:b1:28:7f:7f:
                    04:b1:6a:be:4d:e2:1c:12:bc:46:77:76:c8:64:53:
                    30:97:7c:10:f6:a7:74:e3:fb:f3:fe:f2:45:7b:cd:
                    22:ed:9f:23:04:ba:74:05:a6:36:9a:a7:3f:28:21:
                    61:0f:50:ff:7d:ee:7b:09:1c:fc:6c:23:50:ba:65:
                    aa:6a:62:02:ac:eb:81:af:08:34:2d:9f:3e:f5:2c:
                    45:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:AB:63:52:2D:BE:33:BF:D2:8F:D9:83:54:AF:19:48:E6:9E:AA:E5
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0atjUi2-M7_Sj9mDVK8ZSOaequU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.73.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:78:88:62:cf:a5:d1:ca:33:6d:a8:40:48:86:61:ba:4d:97:
         eb:d1:6d:47:03:a1:5b:1e:51:c7:60:a6:f6:85:55:de:a6:f3:
         95:6a:cc:f0:45:89:c1:03:71:3d:2c:24:e4:79:e1:95:2f:45:
         5c:07:1e:9d:89:f0:d5:a7:4c:29:b9:ad:65:9c:ff:0f:46:c8:
         40:cc:30:60:0a:32:a3:86:7c:11:dc:7b:a4:9a:1f:e0:7e:8e:
         d9:92:2b:6c:ea:e8:4a:d7:e2:35:33:d0:c0:6b:be:ea:04:11:
         6d:2b:e0:19:de:86:eb:c2:6a:c4:8f:31:dc:13:dc:7e:35:0d:
         0e:2b:a5:37:32:e5:69:b5:01:66:76:ce:d2:b8:5b:4e:72:3d:
         b7:fe:96:3c:54:92:29:55:ac:a2:7c:91:a7:3e:c4:e4:25:f6:
         3d:c8:da:ff:fb:59:61:5a:85:1b:26:9e:d3:21:3a:44:8b:ca:
         e4:1f:46:0b:b7:ab:9d:a7:aa:30:ed:37:27:ad:ed:35:0f:6d:
         5a:ec:1a:5d:67:99:e8:e5:17:4d:29:29:34:77:40:0c:b7:30:
         7b:e1:45:26:49:cf:73:7e:95:e2:d2:24:05:24:d4:26:da:67:
         ed:e4:fc:83:08:84:80:ba:a3:e3:ae:c1:d1:e9:bb:88:6b:0f:
         a8:39:9f:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgg8zbViXaeQJJx8rf4d8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWFiNjM1MjJkYmUzM2JmZDI4ZmQ5ODM1NGFmMTk0OGU2OWVhYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9DB5QTH/x99o3DF7gy7muWw1Rmd
A4xXUKKaopu9QNtyLldhwvp0XrOvWGNAkxNnVC2RzlwMHa7n+cWtGAbLYPI5GRXd
TEXK7Xfur50kwX7KAi6BSUksSBQG4WRmyNTji9PkIiMAUw0Qu+OTmLXDrwML8Zss
HUFz2Rxt5xnztruQ2l7bE6Go5bZYH3oBhchjGGp/8P4BRjpHe/5Rl5v1DgrTpW0i
65jECn89KR8MDrEof38EsWq+TeIcErxGd3bIZFMwl3wQ9qd04/vz/vJFe80i7Z8j
BLp0BaY2mqc/KCFhD1D/fe57CRz8bCNQumWqamICrOuBrwg0LZ8+9SxFJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGrY1ItvjO/0o/Zg1SvGUjmnqrlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMGF0alVpMi1NN19TajltRFZLOFpTT2FlcXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EmcMA0G
CSqGSIb3DQEBCwUAA4IBAQCFeIhiz6XRyjNtqEBIhmG6TZfr0W1HA6FbHlHHYKb2
hVXepvOVaszwRYnBA3E9LCTkeeGVL0VcBx6difDVp0wpua1lnP8PRshAzDBgCjKj
hnwR3Hukmh/gfo7Zkits6uhK1+I1M9DAa77qBBFtK+AZ3obrwmrEjzHcE9x+NQ0O
K6U3MuVptQFmds7SuFtOcj23/pY8VJIpVayifJGnPsTkJfY9yNr/+1lhWoUbJp7T
ITpEi8rkH0YLt6udp6ow7Tcnre01D21a7BpdZ5no5RdNKSk0d0AMtzB74UUmSc9z
fpXi0iQFJNQm2mft5PyDCISAuqPjrsHR6buIaw+oOZ+i
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:46 2024 by rpki-client on console-fra.rpki-client.org