Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/H2Yv4SOCMxFYK-JOXFELAhfYtjo.roa
File:                     H2Yv4SOCMxFYK-JOXFELAhfYtjo.roa (raw, json)
Hash identifier:          /1k+wAK9nJu1me3Eel0g7tCcBD8TiPPZPPrInyb3euQ=
Subject key identifier:   1F:66:2F:E1:23:82:33:11:58:2B:E2:4E:5C:51:0B:02:17:D8:B6:3A
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018805C4E519B1587D7942F008507A720EBD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/H2Yv4SOCMxFYK-JOXFELAhfYtjo.roa
Signing time:             Wed 10 May 2023 13:06:09 +0000
ROA not before:           Wed 10 May 2023 13:06:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48678
IP address blocks:        94.156.11.0/24 maxlen: 24
                          37.221.120.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:05:c4:e5:19:b1:58:7d:79:42:f0:08:50:7a:72:0e:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 10 13:06:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f662fe123823311582be24e5c510b0217d8b63a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6d:95:85:04:e2:fb:8e:68:cf:b2:44:3c:f3:
                    8d:9d:43:bc:bc:6d:7f:03:d3:d6:5f:46:d6:2f:4d:
                    e7:3f:1d:cf:9c:82:37:eb:56:a5:d5:36:6c:18:e8:
                    e1:86:9d:12:7a:76:c6:49:70:30:97:91:83:07:c9:
                    57:d3:d6:65:be:41:d7:39:ea:01:46:7e:72:cc:c1:
                    78:0f:4f:13:36:7a:d6:76:66:8d:ae:7a:f4:02:56:
                    cd:de:2f:97:35:c8:e4:87:d2:55:f4:56:6a:53:18:
                    2a:cf:ef:74:62:a4:13:cb:a5:d7:59:7e:e8:64:e5:
                    bc:1d:e2:7c:62:dc:ee:f4:3d:61:11:c3:2b:1a:8a:
                    56:28:fd:5d:b7:f9:a7:d8:3a:58:bb:0b:7b:b3:cf:
                    7c:9c:97:5a:41:7d:52:27:e0:61:e9:2b:9d:d6:43:
                    0d:23:c6:00:e8:79:58:bc:9b:1e:23:3b:fc:95:00:
                    40:45:83:32:89:b3:b0:9b:ce:55:92:0b:1a:cd:fe:
                    e5:81:c3:41:12:30:53:13:8d:d1:fb:6d:3a:a6:57:
                    5a:3f:11:ef:32:51:a9:90:8c:c3:2c:55:ef:7d:a2:
                    4f:2e:7f:59:97:9f:a0:98:4a:22:9a:2c:84:4a:51:
                    cf:a9:74:e2:e2:a8:92:8f:94:f5:53:56:39:e6:d6:
                    a3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:66:2F:E1:23:82:33:11:58:2B:E2:4E:5C:51:0B:02:17:D8:B6:3A
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/H2Yv4SOCMxFYK-JOXFELAhfYtjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.120.0/22
                  94.156.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:61:23:90:b5:69:62:6d:66:26:b6:9a:fd:1f:97:ff:24:a3:
         0c:56:c8:06:6f:1f:29:68:3c:44:41:c4:fd:fc:ce:b1:8b:19:
         0d:47:70:84:11:a0:08:2a:25:32:ba:76:29:c7:4e:12:eb:99:
         b1:ef:e3:35:0b:1b:ee:53:5e:df:b1:f6:51:ca:76:13:a4:e2:
         52:f8:f0:d2:bf:bf:a3:76:1a:c4:61:3b:e1:fc:f2:47:3a:0e:
         d7:a1:34:dd:07:e1:94:a3:48:70:ba:e6:d9:18:96:51:a8:33:
         bd:23:ed:a4:2b:48:56:19:0a:e2:62:16:bd:ac:3a:16:01:31:
         19:3a:63:e5:84:c9:df:72:64:e7:ea:16:1c:aa:49:78:dd:d3:
         1f:a3:77:a9:2a:18:17:68:f9:3a:91:33:a6:90:67:5d:fb:4b:
         7c:3c:a6:6d:c2:2d:9a:59:61:2f:9e:59:bf:8b:1f:6b:64:fe:
         44:46:c4:1e:82:da:58:1e:61:52:fc:8f:f5:4e:b9:a3:1d:d3:
         68:22:37:a4:67:f8:00:21:ea:8d:9e:80:a0:dc:47:a7:8e:e5:
         e4:cc:2e:29:24:ff:f8:73:90:88:d5:8d:5a:b4:0f:89:14:d9:
         66:60:56:49:1e:2b:a6:d0:d4:e3:87:c4:5a:43:bc:0c:00:2b:
         6c:30:7f:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgFxOUZsVh9eULwCFB6cg69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTEwMTMwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY2MmZlMTIzODIzMzExNTgyYmUyNGU1YzUxMGIwMjE3ZDhiNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm2VhQTi+45oz7JEPPONnUO8vG1/
A9PWX0bWL03nPx3PnII361al1TZsGOjhhp0SenbGSXAwl5GDB8lX09ZlvkHXOeoB
Rn5yzMF4D08TNnrWdmaNrnr0AlbN3i+XNcjkh9JV9FZqUxgqz+90YqQTy6XXWX7o
ZOW8HeJ8Ytzu9D1hEcMrGopWKP1dt/mn2DpYuwt7s898nJdaQX1SJ+Bh6Sud1kMN
I8YA6HlYvJseIzv8lQBARYMyibOwm85Vkgsazf7lgcNBEjBTE43R+206pldaPxHv
MlGpkIzDLFXvfaJPLn9Zl5+gmEoimiyESlHPqXTi4qiSj5T1U1Y55tajlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB9mL+EjgjMRWCviTlxRCwIX2LY6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSDJZdjRTT0NNeEZZSy1KT1hGRUxBaGZZdGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJd14AwQA
XpwLMA0GCSqGSIb3DQEBCwUAA4IBAQChYSOQtWlibWYmtpr9H5f/JKMMVsgGbx8p
aDxEQcT9/M6xixkNR3CEEaAIKiUyunYpx04S65mx7+M1CxvuU17fsfZRynYTpOJS
+PDSv7+jdhrEYTvh/PJHOg7XoTTdB+GUo0hwuubZGJZRqDO9I+2kK0hWGQriYha9
rDoWATEZOmPlhMnfcmTn6hYcqkl43dMfo3epKhgXaPk6kTOmkGdd+0t8PKZtwi2a
WWEvnlm/ix9rZP5ERsQegtpYHmFS/I/1TrmjHdNoIjekZ/gAIeqNnoCg3EenjuXk
zC4pJP/4c5CI1Y1atA+JFNlmYFZJHium0NTjh8RaQ7wMACtsMH+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:03 2024 by rpki-client on console-fra.rpki-client.org