Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qm0boQGe14dc9NvtlGkxnQ9nLdM.roa
File:                     Qm0boQGe14dc9NvtlGkxnQ9nLdM.roa (raw, json)
Hash identifier:          55TMxMVcy7Hagfn9X1J7KeCNK0OZD/ycgjmZdChCbhA=
Subject key identifier:   42:6D:1B:A1:01:9E:D7:87:5C:F4:DB:ED:94:69:31:9D:0F:67:2D:D3
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0185F2B9E96A84E227318AFFA33A294678A1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qm0boQGe14dc9NvtlGkxnQ9nLdM.roa
Signing time:             Fri 27 Jan 2023 10:15:48 +0000
ROA not before:           Fri 27 Jan 2023 10:15:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        147.78.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 May 2023 08:51:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f2:b9:e9:6a:84:e2:27:31:8a:ff:a3:3a:29:46:78:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan 27 10:15:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=426d1ba1019ed7875cf4dbed9469319d0f672dd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:54:34:ef:8b:cc:4b:89:ee:98:c7:0f:98:17:
                    79:30:f8:24:a6:f8:a8:d0:e9:2d:32:42:f3:ca:a9:
                    58:a1:c6:72:9c:c7:eb:fd:45:42:39:99:01:88:88:
                    47:8a:2a:44:d1:9d:cf:8f:ff:77:3a:a3:bf:52:92:
                    14:e9:89:eb:60:5c:a5:86:13:5f:cc:01:8a:9a:1a:
                    89:b3:45:f2:79:eb:77:00:e8:70:ba:e5:3b:33:d5:
                    35:07:fa:f0:58:bc:99:7f:9b:17:fe:d5:5e:0f:74:
                    62:e1:c0:ca:09:e5:a8:a2:a4:c9:1a:b5:7a:92:62:
                    b4:61:77:1f:87:45:a4:2f:9d:bc:9a:fb:67:a0:41:
                    84:29:5c:4e:42:11:9b:37:a2:9c:0a:b7:37:83:e7:
                    5a:b2:db:60:f4:22:3f:75:d2:1b:2e:11:00:61:8b:
                    85:59:a7:6c:76:46:52:fa:4f:4d:1d:1e:50:cc:d8:
                    a6:26:56:3d:e1:21:74:9d:e0:f7:64:81:e2:2d:4c:
                    f5:66:43:af:f6:9d:47:23:e7:d3:bf:ff:a2:18:f2:
                    6e:b7:30:d4:8d:a7:55:b2:8f:4a:f5:bd:93:c2:a6:
                    64:18:73:00:b5:26:4a:dd:f9:3d:78:4f:61:a7:91:
                    7b:c5:5a:10:da:ff:26:2d:42:6e:e9:e5:85:87:f4:
                    a3:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:6D:1B:A1:01:9E:D7:87:5C:F4:DB:ED:94:69:31:9D:0F:67:2D:D3
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qm0boQGe14dc9NvtlGkxnQ9nLdM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:f5:2d:3d:8a:be:f1:27:29:d7:9e:fb:de:4c:82:1f:46:d7:
         82:c2:7d:4d:0e:93:62:e9:a3:f7:68:d2:cc:0e:87:15:f1:25:
         d3:44:9a:03:ad:65:c4:fa:94:83:f5:3f:85:cd:e1:34:57:23:
         16:f8:78:af:1b:69:62:84:3b:4a:8a:c2:10:b7:f5:5a:e7:d8:
         de:93:d1:ae:05:61:c5:30:7a:f3:48:99:6f:0f:42:2b:28:9c:
         6d:c2:21:86:97:e8:a8:01:cb:a9:ed:83:3c:d6:a0:83:6f:fb:
         a0:27:2d:ee:dc:5a:13:24:6d:04:5f:83:0e:07:57:41:bf:8b:
         29:35:e5:95:dd:81:c6:b5:ce:d3:1d:27:74:9f:cc:73:59:2c:
         24:03:ee:7b:8b:43:ca:b8:fe:4f:5d:2f:f3:f4:59:58:d6:42:
         5d:96:37:5f:9e:58:42:16:7d:20:b1:f9:50:1d:c7:8b:37:80:
         07:09:08:89:01:09:d1:34:72:1e:d0:2a:9c:14:5d:4f:89:1e:
         9c:44:45:0c:22:ac:85:8b:6f:40:2e:cb:00:6b:10:89:8f:d9:
         c6:b6:26:57:d9:8b:de:69:d8:30:9d:04:2f:df:a4:84:7a:98:
         52:fb:40:a9:53:94:74:c3:4e:4e:7c:ad:79:12:08:4a:a0:6b:
         12:38:5c:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXyuelqhOInMYr/ozopRnihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTI3MTAxNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZkMWJhMTAxOWVkNzg3NWNmNGRiZWQ5NDY5MzE5ZDBmNjcyZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFQ074vMS4numMcPmBd5MPgkpvio
0OktMkLzyqlYocZynMfr/UVCOZkBiIhHiipE0Z3Pj/93OqO/UpIU6YnrYFylhhNf
zAGKmhqJs0Xyeet3AOhwuuU7M9U1B/rwWLyZf5sX/tVeD3Ri4cDKCeWooqTJGrV6
kmK0YXcfh0WkL528mvtnoEGEKVxOQhGbN6KcCrc3g+dasttg9CI/ddIbLhEAYYuF
WadsdkZS+k9NHR5QzNimJlY94SF0neD3ZIHiLUz1ZkOv9p1HI+fTv/+iGPJutzDU
jadVso9K9b2TwqZkGHMAtSZK3fk9eE9hp5F7xVoQ2v8mLUJu6eWFh/SjfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJtG6EBnteHXPTb7ZRpMZ0PZy3TMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUW0wYm9RR2UxNGRjOU52dGxHa3huUTluTGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk05mMA0G
CSqGSIb3DQEBCwUAA4IBAQCX9S09ir7xJynXnvveTIIfRteCwn1NDpNi6aP3aNLM
DocV8SXTRJoDrWXE+pSD9T+FzeE0VyMW+HivG2lihDtKisIQt/Va59jek9GuBWHF
MHrzSJlvD0IrKJxtwiGGl+ioAcup7YM81qCDb/ugJy3u3FoTJG0EX4MOB1dBv4sp
NeWV3YHGtc7THSd0n8xzWSwkA+57i0PKuP5PXS/z9FlY1kJdljdfnlhCFn0gsflQ
HceLN4AHCQiJAQnRNHIe0CqcFF1PiR6cREUMIqyFi29ALssAaxCJj9nGtiZX2Yve
adgwnQQv36SEephS+0CpU5R0w05OfK15EghKoGsSOFzo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:32 2024 by rpki-client on console-ams.rpki-client.org