Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l2zqKugbHJUj0pgXIEgtUWumgdE.roa
File:                     l2zqKugbHJUj0pgXIEgtUWumgdE.roa (raw, json)
Hash identifier:          x96l5EH/aOZvrbDZyL5EpIyL3Nz00rguMahC7+TT8Zo=
Subject key identifier:   97:6C:EA:2A:E8:1B:1C:95:23:D2:98:17:20:48:2D:51:6B:A6:81:D1
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D81ECBF58D24E8877EFB4B80E5693EF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l2zqKugbHJUj0pgXIEgtUWumgdE.roa
Signing time:             Sun 01 Jan 2023 13:25:09 +0000
ROA not before:           Sun 01 Jan 2023 13:25:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44901
IP address blocks:        94.156.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:ec:bf:58:d2:4e:88:77:ef:b4:b8:0e:56:93:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=976cea2ae81b1c9523d2981720482d516ba681d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:9f:1c:76:ca:3e:ce:40:b6:a4:00:02:19:30:
                    e9:cb:60:8a:61:cd:ea:2d:d9:cb:21:9e:c2:b1:d3:
                    bf:ee:13:95:47:65:ec:96:87:a6:32:f4:c1:60:32:
                    a1:b3:8c:be:43:f5:b2:41:9d:d6:56:aa:f7:41:25:
                    75:8c:d6:41:ff:7c:03:b3:d6:b1:20:89:6e:97:3e:
                    93:4a:11:27:b7:0b:de:00:86:73:87:7c:1b:48:9b:
                    81:1e:a8:da:fe:98:c7:05:a8:d7:59:ba:82:87:47:
                    8c:7b:2e:cb:32:57:59:d6:5f:56:ff:18:37:16:b6:
                    06:3d:57:49:d4:06:a3:d1:dd:32:05:cd:c4:01:13:
                    eb:04:e7:ec:77:c5:5a:ad:0e:5d:0a:4f:67:c9:00:
                    e2:17:ac:fa:c4:3b:1e:4a:0f:14:e6:e8:06:23:50:
                    3b:51:24:4e:7f:f5:45:2b:b2:b5:49:cd:07:85:f5:
                    9b:b4:48:24:ac:8d:c6:0c:f5:e2:cd:9a:be:6c:d5:
                    fc:e5:2b:48:d0:7b:81:62:5a:f5:fd:43:9a:e9:9e:
                    51:f3:ab:ff:8f:93:95:21:09:22:cc:5e:a6:08:53:
                    38:08:4c:5e:d0:60:fc:28:5c:7a:ee:aa:5f:d4:a5:
                    c4:0a:f8:78:a5:df:d2:8b:2e:28:65:8d:fd:9c:da:
                    9a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:6C:EA:2A:E8:1B:1C:95:23:D2:98:17:20:48:2D:51:6B:A6:81:D1
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l2zqKugbHJUj0pgXIEgtUWumgdE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:01:67:33:0a:8b:3a:8f:57:a6:09:bd:a4:e6:f1:3c:1c:2d:
         3b:e6:21:7e:fb:3e:25:72:5e:22:8a:ca:b9:d8:ae:f3:8c:95:
         ef:9f:95:c3:c1:08:78:fe:be:8b:ff:15:bc:05:ed:da:8a:42:
         0a:cd:07:db:b2:a1:42:87:d0:cd:b3:38:81:77:26:c8:11:2d:
         64:94:26:3b:b2:c4:0a:ff:52:02:5c:a0:e7:77:19:bb:13:6c:
         9b:84:d2:fe:91:86:1b:9c:9e:af:1c:9c:41:bf:5a:a8:2a:8c:
         af:61:a7:33:3d:05:e5:c3:fc:ee:54:b8:db:26:45:c7:f0:bb:
         d8:f8:3f:31:55:b5:0b:8a:6a:a8:02:d5:ad:90:6b:e9:dc:3b:
         7a:d3:a2:5d:39:2f:e7:c0:40:ad:c7:8e:5e:c2:93:2f:38:76:
         a3:25:23:ef:db:97:3b:55:b7:64:39:11:88:a9:ed:e2:07:2b:
         0a:64:8a:21:97:a1:7a:26:4b:bc:b5:a7:bd:f6:a9:c8:f0:ef:
         0a:87:16:8e:2d:7c:c2:b4:89:56:d5:6b:f5:d6:3e:5e:d8:4c:
         61:d5:c6:70:ec:fa:13:75:a5:7f:49:07:0c:a1:dd:0e:7c:98:
         3c:ae:b2:15:2e:cf:40:7c:ff:d4:98:ea:ff:1a:c5:32:ba:9c:
         b0:1c:da:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgey/WNJOiHfvtLgOVpPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzZjZWEyYWU4MWIxYzk1MjNkMjk4MTcyMDQ4MmQ1MTZiYTY4MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ8cdso+zkC2pAACGTDpy2CKYc3q
LdnLIZ7CsdO/7hOVR2XsloemMvTBYDKhs4y+Q/WyQZ3WVqr3QSV1jNZB/3wDs9ax
IIlulz6TShEntwveAIZzh3wbSJuBHqja/pjHBajXWbqCh0eMey7LMldZ1l9W/xg3
FrYGPVdJ1Aaj0d0yBc3EARPrBOfsd8VarQ5dCk9nyQDiF6z6xDseSg8U5ugGI1A7
USROf/VFK7K1Sc0HhfWbtEgkrI3GDPXizZq+bNX85StI0HuBYlr1/UOa6Z5R86v/
j5OVIQkizF6mCFM4CExe0GD8KFx67qpf1KXECvh4pd/Siy4oZY39nNqaNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJds6iroGxyVI9KYFyBILVFrpoHRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbDJ6cUt1Z2JISlVqMHBnWElFZ3RVV3VtZ2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpyuMA0G
CSqGSIb3DQEBCwUAA4IBAQBHAWczCos6j1emCb2k5vE8HC075iF++z4lcl4iisq5
2K7zjJXvn5XDwQh4/r6L/xW8Be3aikIKzQfbsqFCh9DNsziBdybIES1klCY7ssQK
/1ICXKDndxm7E2ybhNL+kYYbnJ6vHJxBv1qoKoyvYaczPQXlw/zuVLjbJkXH8LvY
+D8xVbULimqoAtWtkGvp3Dt606JdOS/nwECtx45ewpMvOHajJSPv25c7VbdkORGI
qe3iBysKZIohl6F6Jku8tae99qnI8O8KhxaOLXzCtIlW1Wv11j5e2Exh1cZw7PoT
daV/SQcMod0OfJg8rrIVLs9AfP/UmOr/GsUyupywHNqJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:13 2024 by rpki-client on console-ams.rpki-client.org