Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MuhYh8frycDta-SfX3s0hyKcQ_k.roa
File:                     MuhYh8frycDta-SfX3s0hyKcQ_k.roa (raw, json)
Hash identifier:          /hHJij6ED0ir1xdCqjapgaZeGr8ouCTVJQm37s2kK8M=
Subject key identifier:   32:E8:58:87:C7:EB:C9:C0:ED:6B:E4:9F:5F:7B:34:87:22:9C:43:F9
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01878E1484BB3608C0C87CD7991B8C2C323D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MuhYh8frycDta-SfX3s0hyKcQ_k.roa
Signing time:             Mon 17 Apr 2023 07:18:42 +0000
ROA not before:           Mon 17 Apr 2023 07:18:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7411
IP address blocks:        94.156.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8e:14:84:bb:36:08:c0:c8:7c:d7:99:1b:8c:2c:32:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr 17 07:18:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=32e85887c7ebc9c0ed6be49f5f7b3487229c43f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7d:30:7a:84:64:82:d2:1a:72:7f:6f:17:7e:
                    c0:dd:3d:f7:fd:9c:c4:f9:29:26:00:8c:04:c6:8c:
                    01:87:d1:19:11:02:75:38:78:a0:40:ea:fa:5c:30:
                    d4:5f:0d:ad:a5:26:cd:97:dd:75:d6:a6:62:df:18:
                    97:ac:48:fe:50:0d:2b:82:36:85:b6:ba:57:2d:78:
                    ab:5e:60:cc:0d:37:67:2b:3e:e1:1a:d0:10:ac:67:
                    ad:21:72:b0:1f:64:a7:65:bb:a1:ba:96:65:9f:5d:
                    ae:49:c2:94:6a:78:3c:18:f3:cd:bd:36:c5:5d:00:
                    00:99:50:63:26:60:fb:98:b8:f9:6a:f7:b8:8b:3c:
                    b9:e9:9f:02:a5:98:45:c7:53:4f:06:3e:42:fe:2b:
                    ea:b1:f7:60:3b:c9:fb:91:3e:f7:d2:3f:75:61:c1:
                    e0:e6:50:e9:40:42:ea:b9:a6:83:d5:9b:df:f0:0a:
                    5d:3d:91:34:13:7e:2a:02:61:2b:8d:db:74:ef:d7:
                    d0:a2:aa:bc:89:da:0a:70:be:f5:b3:2d:13:b2:73:
                    06:a3:ee:01:4f:77:a9:23:49:36:7c:56:ba:d2:86:
                    25:cc:4c:70:79:be:12:eb:5b:64:98:a5:ce:39:42:
                    a8:c8:f5:24:cc:65:ea:a5:8f:98:24:55:67:33:82:
                    e1:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E8:58:87:C7:EB:C9:C0:ED:6B:E4:9F:5F:7B:34:87:22:9C:43:F9
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MuhYh8frycDta-SfX3s0hyKcQ_k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:f7:7f:7e:a8:e0:e4:ed:d0:bd:12:ee:db:e2:45:e4:12:8d:
         ee:ac:ae:34:a5:40:26:33:ad:56:95:49:4b:e7:20:41:d3:df:
         fe:88:fa:2e:02:12:94:ba:96:4d:d5:29:0e:43:a6:19:9a:46:
         7c:0b:7f:9d:f0:2e:99:93:5d:99:0a:4e:1c:95:bb:33:e5:80:
         d3:bd:0e:a5:67:f0:ed:cd:ef:2e:74:b6:de:b0:3c:00:94:8d:
         cd:88:ec:b6:50:a6:b8:09:8c:9c:d8:57:b3:33:7c:d3:a7:6f:
         b4:05:a8:fb:dc:5f:a2:aa:c3:eb:17:c6:fd:24:3c:8f:98:6d:
         98:50:46:e8:dc:8d:c0:f2:3a:2f:f3:80:09:31:b8:23:bb:be:
         5a:3e:4e:8f:6c:12:e9:07:66:20:46:36:54:c7:94:0a:6e:c9:
         9a:d4:b6:64:25:7f:aa:63:24:a4:9b:ce:5d:54:97:a1:4e:eb:
         49:9c:b5:e2:a5:7a:67:3b:c5:a3:91:0d:ef:6a:83:39:72:c5:
         1d:e6:12:58:2c:85:39:ff:0b:85:f5:8a:c6:27:17:53:ac:7e:
         09:02:c0:85:fb:0d:3e:09:20:a3:f0:5b:4e:fe:cd:96:74:11:
         13:57:4d:d3:e2:03:e1:09:ac:01:53:81:a3:23:5e:35:de:57:
         66:1f:89:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeOFIS7NgjAyHzXmRuMLDI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE3MDcxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmU4NTg4N2M3ZWJjOWMwZWQ2YmU0OWY1ZjdiMzQ4NzIyOWM0M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH0weoRkgtIacn9vF37A3T33/ZzE
+SkmAIwExowBh9EZEQJ1OHigQOr6XDDUXw2tpSbNl9111qZi3xiXrEj+UA0rgjaF
trpXLXirXmDMDTdnKz7hGtAQrGetIXKwH2SnZbuhupZln12uScKUang8GPPNvTbF
XQAAmVBjJmD7mLj5ave4izy56Z8CpZhFx1NPBj5C/ivqsfdgO8n7kT730j91YcHg
5lDpQELquaaD1Zvf8ApdPZE0E34qAmErjdt079fQoqq8idoKcL71sy0TsnMGo+4B
T3epI0k2fFa60oYlzExweb4S61tkmKXOOUKoyPUkzGXqpY+YJFVnM4LhlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLoWIfH68nA7Wvkn197NIcinEP5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTXVoWWg4ZnJ5Y0R0YS1TZlgzczBoeUtjUV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpz9MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ939+qODk7dC9Eu7b4kXkEo3urK40pUAmM61WlUlL
5yBB09/+iPouAhKUupZN1SkOQ6YZmkZ8C3+d8C6Zk12ZCk4clbsz5YDTvQ6lZ/Dt
ze8udLbesDwAlI3NiOy2UKa4CYyc2FezM3zTp2+0Baj73F+iqsPrF8b9JDyPmG2Y
UEbo3I3A8jov84AJMbgju75aPk6PbBLpB2YgRjZUx5QKbsma1LZkJX+qYySkm85d
VJehTutJnLXipXpnO8WjkQ3vaoM5csUd5hJYLIU5/wuF9YrGJxdTrH4JAsCF+w0+
CSCj8FtO/s2WdBETV03T4gPhCawBU4GjI1413ldmH4lU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:41 2023 by rpki-client on console-fra.rpki-client.org