Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3EM7j8yhUwvk_16iImx9mhU2ypo.roa
File:                     3EM7j8yhUwvk_16iImx9mhU2ypo.roa (raw, json)
Hash identifier:          cOvsyR4t7UCzrP41G6TMEefyhLv3o0BuYTfsk4gsAIY=
Subject key identifier:   DC:43:3B:8F:CC:A1:53:0B:E4:FF:5E:A2:22:6C:7D:9A:15:36:CA:9A
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CC8DCE177E6C3BB927AEA58295014BA65
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3EM7j8yhUwvk_16iImx9mhU2ypo.roa
Signing time:             Tue 02 Jan 2024 06:29:27 +0000
ROA not before:           Tue 02 Jan 2024 06:29:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43607
IP address blocks:        84.54.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 02 Mar 2024 20:57:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:dc:e1:77:e6:c3:bb:92:7a:ea:58:29:50:14:ba:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  2 06:29:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dc433b8fcca1530be4ff5ea2226c7d9a1536ca9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:2c:dc:96:6a:94:f3:fa:34:12:cb:1c:cd:a3:
                    10:56:d5:df:ae:db:da:1a:34:6e:e2:b6:f0:23:fc:
                    4c:3c:d0:0f:e5:82:6f:21:83:c2:29:0c:ac:8d:9f:
                    bc:f6:e4:29:42:5e:98:14:75:ae:51:08:54:1e:ff:
                    3d:71:6a:ae:1b:1b:84:bc:ca:2f:d0:d4:de:ad:89:
                    5b:a4:53:15:dd:14:15:36:32:fa:30:f1:9f:4c:67:
                    f0:73:a0:e7:4b:6a:22:bc:4c:87:db:af:04:b0:3c:
                    f6:87:97:61:dd:28:00:5f:b4:f0:3c:f2:3b:1a:a5:
                    7f:86:60:35:87:3c:42:db:e7:d7:b2:29:ba:dc:4d:
                    ac:34:92:28:7f:d2:ab:af:50:e5:f8:85:21:a4:b9:
                    5a:47:48:09:c5:50:f7:a8:33:69:02:8a:e3:f2:a2:
                    42:15:55:68:16:68:1a:52:63:45:12:65:3f:85:aa:
                    d4:21:8d:cc:25:17:c1:e4:08:e6:f7:47:97:98:47:
                    05:a0:ae:5b:0f:09:b9:99:ed:7b:22:a6:46:79:52:
                    ca:b6:5f:83:00:f8:c5:a1:9b:cf:17:2d:be:7e:5a:
                    01:bb:b2:f4:4d:b9:8c:4f:83:07:f7:1d:63:8f:55:
                    52:73:bc:1d:0b:8a:6d:8a:6f:3c:b2:9c:f8:92:84:
                    3e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:43:3B:8F:CC:A1:53:0B:E4:FF:5E:A2:22:6C:7D:9A:15:36:CA:9A
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3EM7j8yhUwvk_16iImx9mhU2ypo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.54.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:96:40:0b:b6:e9:f1:62:90:5f:a5:92:0d:28:be:0f:22:0a:
         a5:49:a2:60:6f:20:d2:bf:94:25:2d:ce:8f:e4:15:22:77:c4:
         1c:09:5f:e6:72:36:83:1e:e5:75:e7:37:47:ae:62:44:bc:65:
         b0:18:40:86:9e:33:52:d5:a1:83:9b:33:48:2d:34:f6:d2:1a:
         1b:7c:b1:f9:ca:c2:69:98:32:cb:43:0f:3e:e8:80:ff:87:5c:
         b2:fe:5a:95:7d:4f:22:71:34:ff:d2:8f:12:b5:a0:97:8f:1a:
         8c:52:f6:ba:a8:f2:a1:41:1f:7d:8c:85:f8:65:ab:06:cb:99:
         b9:87:51:69:45:30:95:e7:7f:9e:b5:b5:dc:6d:57:ae:0c:82:
         2d:7f:d0:c5:16:d3:cf:a8:ce:0f:e4:37:db:e5:2d:c5:aa:d2:
         02:00:a4:a4:3d:28:c3:fa:ce:7e:fd:cf:3c:b8:5c:5b:17:98:
         a4:02:47:2b:f9:ac:30:55:56:81:7c:9a:42:56:34:ed:66:25:
         7a:c8:fc:46:b9:c8:82:e1:fb:90:02:e0:9e:c9:97:6a:17:4b:
         29:68:ed:db:a7:66:d8:8d:1c:e9:6e:de:ee:e5:8d:a4:fd:16:
         ea:12:65:10:f6:98:7f:08:f6:c3:4a:5c:58:4a:b6:4d:b2:94:
         7d:a2:e6:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3OF35sO7knrqWClQFLplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQzM2I4ZmNjYTE1MzBiZTRmZjVlYTIyMjZjN2Q5YTE1MzZjYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSzclmqU8/o0EssczaMQVtXfrtva
GjRu4rbwI/xMPNAP5YJvIYPCKQysjZ+89uQpQl6YFHWuUQhUHv89cWquGxuEvMov
0NTerYlbpFMV3RQVNjL6MPGfTGfwc6DnS2oivEyH268EsDz2h5dh3SgAX7TwPPI7
GqV/hmA1hzxC2+fXsim63E2sNJIof9Krr1Dl+IUhpLlaR0gJxVD3qDNpAorj8qJC
FVVoFmgaUmNFEmU/harUIY3MJRfB5Ajm90eXmEcFoK5bDwm5me17IqZGeVLKtl+D
APjFoZvPFy2+floBu7L0TbmMT4MH9x1jj1VSc7wdC4ptim88spz4koQ+jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxDO4/MoVML5P9eoiJsfZoVNsqaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM0VNN2o4eWhVd3ZrXzE2aUlteDltaFUyeXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVDYwMA0G
CSqGSIb3DQEBCwUAA4IBAQBLlkALtunxYpBfpZINKL4PIgqlSaJgbyDSv5QlLc6P
5BUid8QcCV/mcjaDHuV15zdHrmJEvGWwGECGnjNS1aGDmzNILTT20hobfLH5ysJp
mDLLQw8+6ID/h1yy/lqVfU8icTT/0o8StaCXjxqMUva6qPKhQR99jIX4ZasGy5m5
h1FpRTCV53+etbXcbVeuDIItf9DFFtPPqM4P5Dfb5S3FqtICAKSkPSjD+s5+/c88
uFxbF5ikAkcr+awwVVaBfJpCVjTtZiV6yPxGuciC4fuQAuCeyZdqF0spaO3bp2bY
jRzpbt7u5Y2k/RbqEmUQ9ph/CPbDSlxYSrZNspR9ouZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:23 2024 by rpki-client on console-ams.rpki-client.org