Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/j_m8-GqklspDtwRkezKmEJg7vns.roa
File:                     j_m8-GqklspDtwRkezKmEJg7vns.roa (raw, json)
Hash identifier:          764AEu6BpYRlFNny2bK43noC6fSWJRIZhJkBLZ0T1oQ=
Subject key identifier:   8F:F9:BC:F8:6A:A4:96:CA:43:B7:04:64:7B:32:A6:10:98:3B:BE:7B
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       018650B742B332F66D88337C9CAFA7F660AC
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/j_m8-GqklspDtwRkezKmEJg7vns.roa
Signing time:             Tue 14 Feb 2023 16:17:12 +0000
ROA not before:           Tue 14 Feb 2023 16:17:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        185.45.94.0/24 maxlen: 24
                          171.22.60.0/23 maxlen: 23
                          5.183.240.0/23 maxlen: 23
                          92.119.24.0/23 maxlen: 23
                          171.22.62.0/23 maxlen: 23
                          5.183.242.0/23 maxlen: 23
                          92.119.26.0/23 maxlen: 23
                          45.14.80.0/24 maxlen: 24
                          45.14.81.0/24 maxlen: 24
                          45.86.24.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:50:b7:42:b3:32:f6:6d:88:33:7c:9c:af:a7:f6:60:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Feb 14 16:17:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ff9bcf86aa496ca43b704647b32a610983bbe7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:51:49:19:cc:90:2b:91:8b:fe:09:70:f0:a1:
                    b9:6b:59:8c:92:ac:37:1f:65:ed:46:40:68:f6:ca:
                    ff:81:36:23:de:ca:bd:8a:d0:b9:7c:d5:42:d2:ca:
                    49:2f:b5:6b:01:ee:9c:85:92:ce:cc:4e:5c:c5:c5:
                    2d:9b:1e:8b:74:dd:5a:83:4c:12:dc:12:7c:5a:94:
                    0a:05:2a:29:12:f1:f7:45:28:a8:d0:00:63:49:86:
                    78:f7:eb:dc:ec:49:6c:ae:51:80:37:3d:de:94:87:
                    22:43:b4:e2:f6:ca:c6:a4:25:c8:47:39:e3:e1:04:
                    7e:18:ce:23:2e:1e:0e:e7:19:d5:6e:0b:ff:18:e0:
                    f5:f7:0d:6a:e0:41:70:a6:bf:56:d5:11:6a:89:d8:
                    79:1d:a9:16:40:64:01:5a:91:4e:d4:77:68:da:1d:
                    f1:63:81:f9:87:13:15:4f:a0:ad:37:40:3a:1b:5e:
                    43:68:be:d8:63:47:5c:2a:6a:a5:70:cb:9f:ae:d8:
                    18:7f:29:7a:31:0f:a7:fe:ea:5c:94:43:aa:ea:9b:
                    ae:05:37:0a:6b:f9:8f:cb:0c:5a:71:44:fd:ac:64:
                    44:e8:7e:72:d2:ca:b3:d8:81:09:96:c5:ef:ea:53:
                    5e:f8:d6:e3:ea:d6:67:ae:9d:3b:be:be:b8:6f:89:
                    63:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:F9:BC:F8:6A:A4:96:CA:43:B7:04:64:7B:32:A6:10:98:3B:BE:7B
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/j_m8-GqklspDtwRkezKmEJg7vns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.240.0/22
                  45.14.80.0/23
                  45.86.24.0/22
                  92.119.24.0/22
                  171.22.60.0/22
                  185.45.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:61:e5:61:66:7b:9a:5c:20:f6:7b:75:41:72:8a:27:81:3a:
         6c:01:25:8e:63:20:df:4f:dd:f0:b7:ef:1f:78:40:a8:0d:35:
         ce:e6:fe:ee:7a:84:a0:b0:f3:e4:bc:99:a2:d7:27:89:0c:b2:
         32:6b:12:13:25:ac:4d:c3:68:77:86:49:80:b1:fc:26:1f:5b:
         7b:63:aa:8c:b8:40:4f:5c:cf:7d:a2:c3:2f:f2:43:97:d7:35:
         45:ad:5d:4c:4e:85:09:8d:0c:6d:95:f2:0f:b2:fc:83:62:49:
         2f:a5:99:65:79:06:a8:b9:34:03:95:55:a8:66:fe:cc:41:ec:
         ef:64:1e:ae:77:f6:23:a0:55:c9:e1:4a:31:90:c8:e4:b6:88:
         be:40:63:3c:c1:b0:e3:8b:39:4d:3a:20:0b:86:1b:d1:0b:c5:
         ef:cd:fb:41:03:2c:74:b0:de:c8:ee:2c:4d:3a:90:7e:c8:b2:
         b6:6f:7d:c3:50:50:00:62:f3:de:7f:ed:81:32:a4:1d:25:82:
         bc:2b:82:2b:45:a9:3b:49:01:50:a0:ee:3c:a0:04:5c:b4:25:
         cf:2b:43:b2:31:74:44:eb:6b:03:74:11:a8:34:1d:97:31:d3:
         09:20:43:07:7b:1e:8e:06:ac:5a:72:1a:0c:43:6e:22:b3:be:
         c5:6d:14:90
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZQt0KzMvZtiDN8nK+n9mCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMjE0MTYxNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY5YmNmODZhYTQ5NmNhNDNiNzA0NjQ3YjMyYTYxMDk4M2JiZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1FJGcyQK5GL/glw8KG5a1mMkqw3
H2XtRkBo9sr/gTYj3sq9itC5fNVC0spJL7VrAe6chZLOzE5cxcUtmx6LdN1ag0wS
3BJ8WpQKBSopEvH3RSio0ABjSYZ49+vc7ElsrlGANz3elIciQ7Ti9srGpCXIRznj
4QR+GM4jLh4O5xnVbgv/GOD19w1q4EFwpr9W1RFqidh5HakWQGQBWpFO1Hdo2h3x
Y4H5hxMVT6CtN0A6G15DaL7YY0dcKmqlcMufrtgYfyl6MQ+n/upclEOq6puuBTcK
a/mPywxacUT9rGRE6H5y0sqz2IEJlsXv6lNe+Nbj6tZnrp07vr64b4ljzQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI/5vPhqpJbKQ7cEZHsyphCYO757MB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEval9tOC1HcWtsc3BEdHdSa2V6S21FSmc3dm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBbfwAwQB
LQ5QAwQCLVYYAwQCXHcYAwQCqxY8AwQAuS1eMA0GCSqGSIb3DQEBCwUAA4IBAQB9
YeVhZnuaXCD2e3VBcoongTpsASWOYyDfT93wt+8feECoDTXO5v7ueoSgsPPkvJmi
1yeJDLIyaxITJaxNw2h3hkmAsfwmH1t7Y6qMuEBPXM99osMv8kOX1zVFrV1MToUJ
jQxtlfIPsvyDYkkvpZlleQaouTQDlVWoZv7MQezvZB6ud/YjoFXJ4UoxkMjktoi+
QGM8wbDjizlNOiALhhvRC8XvzftBAyx0sN7I7ixNOpB+yLK2b33DUFAAYvPef+2B
MqQdJYK8K4IrRak7SQFQoO48oARctCXPK0OyMXRE62sDdBGoNB2XMdMJIEMHex6O
BqxachoMQ24is77FbRSQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:52 2023 by rpki-client on console-fra.rpki-client.org