Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tR2SEvJpcqbB8-GXXyTsFMPDreU.roa
File:                     tR2SEvJpcqbB8-GXXyTsFMPDreU.roa (raw, json)
Hash identifier:          PxqVP0jwhn8u6h9T1hu7pX+2Bv1bs45yX8yStMqIW9g=
Subject key identifier:   B5:1D:92:12:F2:69:72:A6:C1:F3:E1:97:5F:24:EC:14:C3:C3:AD:E5
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D81EB9489235FB600B9298CD0EA2B77
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tR2SEvJpcqbB8-GXXyTsFMPDreU.roa
Signing time:             Sun 01 Jan 2023 13:25:09 +0000
ROA not before:           Sun 01 Jan 2023 13:25:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44564
IP address blocks:        87.121.160.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:eb:94:89:23:5f:b6:00:b9:29:8c:d0:ea:2b:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b51d9212f26972a6c1f3e1975f24ec14c3c3ade5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2a:23:c7:84:d9:56:17:b1:e4:7c:e7:35:22:
                    13:b0:6a:27:0f:d4:c9:95:ee:55:dc:64:94:f4:27:
                    8d:0e:77:7f:49:db:b2:31:11:9e:ca:d7:19:4e:6c:
                    d5:b7:f2:9c:0f:57:07:26:ec:2f:bc:bc:e5:db:22:
                    92:69:12:82:34:e7:a1:a6:43:b3:72:67:c9:f0:cc:
                    f8:c2:e1:34:6e:1e:07:e5:80:35:b4:50:1e:d6:96:
                    03:0c:55:4a:58:46:bc:47:bb:d9:0c:aa:b9:09:96:
                    ff:9a:2f:fd:4a:63:df:0b:bd:bc:46:02:70:c0:c9:
                    c5:d2:9b:59:b5:22:37:28:41:26:fd:99:8b:bc:58:
                    c3:ea:a7:56:96:4c:ad:e1:66:1f:e3:a4:03:13:15:
                    7a:c3:40:58:5b:21:05:da:6e:d1:cd:e5:ef:9c:90:
                    f1:22:35:4d:35:9e:fa:07:68:95:6e:ba:45:97:51:
                    77:f0:7f:fa:46:36:b2:d6:54:20:87:1c:ff:49:7a:
                    14:3e:dd:8d:fd:a3:d3:ce:1a:a5:8b:1a:cd:9f:9a:
                    3d:9c:dd:ec:55:92:78:f3:63:dd:5d:25:ad:85:55:
                    f5:36:ec:f1:41:c5:c7:61:d8:c9:36:da:e1:95:db:
                    ca:f2:24:7f:05:11:3f:29:02:75:29:2c:45:21:02:
                    9c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:1D:92:12:F2:69:72:A6:C1:F3:E1:97:5F:24:EC:14:C3:C3:AD:E5
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tR2SEvJpcqbB8-GXXyTsFMPDreU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.121.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:8e:22:dd:3a:8c:74:7e:39:72:1b:01:5b:24:b9:7c:84:16:
         6a:91:90:ff:fe:c0:a8:94:f7:89:6f:7f:f8:64:fe:11:cc:c2:
         f3:ec:15:50:aa:0d:d5:23:14:25:9e:26:79:aa:b6:e1:5f:ae:
         11:62:9d:95:d8:9f:ed:7b:6b:90:c5:a0:fa:64:4a:bd:b5:9d:
         83:0b:38:e5:f5:6c:73:10:5b:85:7b:c0:ac:a6:3f:56:8c:99:
         17:d0:84:52:c6:c8:77:3f:91:83:2d:da:b2:91:e9:4f:09:b4:
         39:0b:2f:ca:db:d4:3c:8d:cd:92:18:2f:55:18:cc:50:db:2d:
         f0:d7:4e:ea:69:3e:1e:1a:90:73:43:4a:7e:2d:72:97:54:ef:
         30:47:c9:fa:a2:b3:86:58:a5:e4:90:20:14:cf:d7:12:57:ac:
         ac:49:24:3d:eb:cb:30:fd:7a:0c:9e:5b:5a:5b:fb:d6:fb:4b:
         f7:e4:fa:a8:77:8a:45:e2:ee:19:24:b2:ef:51:89:5a:b2:2d:
         61:16:4b:5c:87:b2:4a:f4:c2:0e:61:64:ac:01:47:0c:cf:2c:
         7a:36:2c:28:a9:cf:f9:7e:74:10:b7:d3:cf:3d:41:15:a3:30:
         d1:30:c5:bb:6f:aa:04:db:8c:47:b8:e5:c4:96:08:a7:83:9d:
         04:2a:33:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgeuUiSNftgC5KYzQ6it3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFkOTIxMmYyNjk3MmE2YzFmM2UxOTc1ZjI0ZWMxNGMzYzNhZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriojx4TZVhex5HznNSITsGonD9TJ
le5V3GSU9CeNDnd/SduyMRGeytcZTmzVt/KcD1cHJuwvvLzl2yKSaRKCNOehpkOz
cmfJ8Mz4wuE0bh4H5YA1tFAe1pYDDFVKWEa8R7vZDKq5CZb/mi/9SmPfC728RgJw
wMnF0ptZtSI3KEEm/ZmLvFjD6qdWlkyt4WYf46QDExV6w0BYWyEF2m7RzeXvnJDx
IjVNNZ76B2iVbrpFl1F38H/6Rjay1lQghxz/SXoUPt2N/aPTzhqlixrNn5o9nN3s
VZJ482PdXSWthVX1NuzxQcXHYdjJNtrhldvK8iR/BRE/KQJ1KSxFIQKcCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUdkhLyaXKmwfPhl18k7BTDw63lMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdFIyU0V2SnBjcWJCOC1HWFh5VHNGTVBEcmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3mgMA0G
CSqGSIb3DQEBCwUAA4IBAQBajiLdOox0fjlyGwFbJLl8hBZqkZD//sColPeJb3/4
ZP4RzMLz7BVQqg3VIxQlniZ5qrbhX64RYp2V2J/te2uQxaD6ZEq9tZ2DCzjl9Wxz
EFuFe8Cspj9WjJkX0IRSxsh3P5GDLdqykelPCbQ5Cy/K29Q8jc2SGC9VGMxQ2y3w
107qaT4eGpBzQ0p+LXKXVO8wR8n6orOGWKXkkCAUz9cSV6ysSSQ968sw/XoMnlta
W/vW+0v35Pqod4pF4u4ZJLLvUYlasi1hFktch7JK9MIOYWSsAUcMzyx6Niwoqc/5
fnQQt9PPPUEVozDRMMW7b6oE24xHuOXElging50EKjOo
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:13 2024 by rpki-client on console-ams.rpki-client.org