Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vlrzSsC8TK0dO7upJgulnD8jrvg.roa
File:                     vlrzSsC8TK0dO7upJgulnD8jrvg.roa (raw, json)
Hash identifier:          XiBJuq0qVmVK2m/oBI8VX2LuGnpAPGRxy/s722dqgEs=
Subject key identifier:   BE:5A:F3:4A:C0:BC:4C:AD:1D:3B:BB:A9:26:0B:A5:9C:3F:23:AE:F8
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D82009B9D7976B7FF86F4F44D6D374A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vlrzSsC8TK0dO7upJgulnD8jrvg.roa
Signing time:             Sun 01 Jan 2023 13:25:14 +0000
ROA not before:           Sun 01 Jan 2023 13:25:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201159
IP address blocks:        94.156.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Apr 2023 07:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:82:00:9b:9d:79:76:b7:ff:86:f4:f4:4d:6d:37:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be5af34ac0bc4cad1d3bbba9260ba59c3f23aef8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:5e:08:7e:9f:46:06:55:1f:3d:95:3a:5b:22:
                    73:57:0c:37:3a:08:70:ea:ac:b7:34:c5:29:d0:00:
                    41:3b:39:c5:3b:e7:45:27:13:b5:1b:6c:a3:1c:0e:
                    10:fc:6b:9c:fe:d9:30:f3:60:ef:a8:67:68:4a:80:
                    01:47:98:f4:ae:25:82:f0:f1:80:3a:46:37:a5:a8:
                    9c:80:b2:0f:fa:58:c6:d4:7f:cb:b0:a6:a3:23:9e:
                    4d:06:c4:d8:27:43:b7:f0:cf:39:59:85:61:31:5e:
                    df:0d:a2:6c:c7:46:12:e6:a9:d7:18:44:80:4c:df:
                    17:09:4b:27:66:1f:d4:94:75:53:d0:cc:9f:b9:a0:
                    7d:d6:9f:b8:a4:e9:0e:a2:0f:37:82:93:a6:cc:a8:
                    70:2e:9e:0b:07:26:21:0b:d3:9f:81:9b:2a:89:1f:
                    69:c2:82:56:28:26:6a:fa:2c:47:4f:4c:95:f3:ac:
                    42:84:ff:94:c2:a6:23:9f:4e:07:ca:de:75:4a:7a:
                    30:86:8f:6b:8e:b4:7e:5b:73:e8:1d:f4:e7:8f:72:
                    e1:2d:2e:da:23:6b:44:d2:2a:87:25:84:a3:ec:b1:
                    80:15:81:69:5c:c0:ca:0b:d0:4e:75:15:0b:5f:b1:
                    41:6a:c0:a0:47:8b:03:e8:bd:12:32:07:aa:44:19:
                    27:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:5A:F3:4A:C0:BC:4C:AD:1D:3B:BB:A9:26:0B:A5:9C:3F:23:AE:F8
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vlrzSsC8TK0dO7upJgulnD8jrvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:b2:e1:1e:b4:a4:99:83:a9:15:39:ac:42:f3:19:53:35:63:
         71:b8:91:19:40:af:8c:80:70:ad:d6:91:cc:f2:94:6f:eb:85:
         1d:fe:ee:fd:a0:df:a8:90:78:89:ac:10:73:d5:8f:d9:71:02:
         c9:a5:46:f0:67:1f:6c:9a:83:c0:f5:e7:3f:59:aa:ef:1d:14:
         e4:8a:c5:33:8e:5d:3e:4e:e9:e8:f9:e3:95:f3:ed:b3:f0:d8:
         9c:c0:ad:a9:4e:53:c2:6b:90:31:ac:59:a8:b1:bf:18:48:b3:
         c7:78:78:b8:ee:25:14:22:bb:4f:af:da:55:50:b4:44:48:a8:
         11:36:bb:24:da:eb:da:84:8e:e1:f0:33:17:e4:66:e7:87:c8:
         56:2a:8d:c8:cf:fc:07:f9:d7:e3:8e:b8:08:83:20:d9:9c:6c:
         35:f9:71:fd:74:ed:00:fe:59:96:63:a4:fe:e2:20:6c:e7:d6:
         fd:c7:90:14:22:57:02:cd:05:d5:f7:24:35:4e:2b:a8:3b:dc:
         5a:e3:0e:ab:f6:14:9e:84:3d:b1:b6:3c:4c:51:af:65:7f:f0:
         82:bb:f2:b1:57:3d:62:30:33:d9:97:6c:3a:0e:55:9b:a1:3b:
         7e:f7:46:ae:03:2e:9d:fd:e9:e9:b2:d9:55:a9:05:bc:39:bb:
         75:81:59:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtggCbnXl2t/+G9PRNbTdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTVhZjM0YWMwYmM0Y2FkMWQzYmJiYTkyNjBiYTU5YzNmMjNhZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm14Ifp9GBlUfPZU6WyJzVww3Oghw
6qy3NMUp0ABBOznFO+dFJxO1G2yjHA4Q/Guc/tkw82DvqGdoSoABR5j0riWC8PGA
OkY3paicgLIP+ljG1H/LsKajI55NBsTYJ0O38M85WYVhMV7fDaJsx0YS5qnXGESA
TN8XCUsnZh/UlHVT0MyfuaB91p+4pOkOog83gpOmzKhwLp4LByYhC9OfgZsqiR9p
woJWKCZq+ixHT0yV86xChP+UwqYjn04Hyt51Snowho9rjrR+W3PoHfTnj3LhLS7a
I2tE0iqHJYSj7LGAFYFpXMDKC9BOdRULX7FBasCgR4sD6L0SMgeqRBknvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5a80rAvEytHTu7qSYLpZw/I674MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdmxyelNzQzhUSzBkTzd1cEpndWxuRDhqcnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpz9MA0G
CSqGSIb3DQEBCwUAA4IBAQApsuEetKSZg6kVOaxC8xlTNWNxuJEZQK+MgHCt1pHM
8pRv64Ud/u79oN+okHiJrBBz1Y/ZcQLJpUbwZx9smoPA9ec/WarvHRTkisUzjl0+
Tuno+eOV8+2z8NicwK2pTlPCa5AxrFmosb8YSLPHeHi47iUUIrtPr9pVULRESKgR
Nrsk2uvahI7h8DMX5Gbnh8hWKo3Iz/wH+dfjjrgIgyDZnGw1+XH9dO0A/lmWY6T+
4iBs59b9x5AUIlcCzQXV9yQ1TiuoO9xa4w6r9hSehD2xtjxMUa9lf/CCu/KxVz1i
MDPZl2w6DlWboTt+90auAy6d/enpstlVqQW8Obt1gVmU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:46 2024 by rpki-client on console-ams.rpki-client.org