Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/hvUUYmXR3O-eH7YpxPPJtc4QrPw.roa
File:                     hvUUYmXR3O-eH7YpxPPJtc4QrPw.roa (raw, json)
Hash identifier:          YnAZ6H6wjKedbiCl/uSPvQfu8jdXQewIv/1jZDHR5bI=
Subject key identifier:   86:F5:14:62:65:D1:DC:EF:9E:1F:B6:29:C4:F3:C9:B5:CE:10:AC:FC
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       0185E04DDC38C4BA9609D868417C2033392A
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/hvUUYmXR3O-eH7YpxPPJtc4QrPw.roa
Signing time:             Mon 23 Jan 2023 20:24:37 +0000
ROA not before:           Mon 23 Jan 2023 20:24:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        185.84.162.0/23 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e0:4d:dc:38:c4:ba:96:09:d8:68:41:7c:20:33:39:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jan 23 20:24:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86f5146265d1dcef9e1fb629c4f3c9b5ce10acfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:f2:99:7c:35:bc:f7:65:85:06:8b:81:f9:17:
                    10:f1:ce:5b:a8:71:ed:3c:2c:78:4d:70:0d:b9:f0:
                    13:53:04:81:4d:03:c6:c7:10:c0:45:41:48:83:d4:
                    77:2e:d3:7a:27:26:20:19:3f:9e:02:da:27:43:e3:
                    45:01:6e:72:c2:67:3d:b4:06:28:a8:62:54:f3:4f:
                    30:97:e8:15:a4:f7:35:eb:14:d6:dc:35:c3:ef:c3:
                    cc:b7:5a:43:0f:37:b0:5f:3f:5f:a0:dc:84:72:dc:
                    55:3e:87:ca:1e:4e:33:a0:2a:8c:8d:8f:e7:9e:06:
                    cf:84:ed:15:8f:0e:cb:ae:88:12:40:d3:f6:05:bc:
                    75:ac:67:59:8f:95:78:0e:17:84:d8:c8:32:61:0f:
                    fb:84:ac:bd:e9:b1:99:dc:96:98:56:b1:3d:14:07:
                    1a:63:0f:ca:5f:2c:e3:49:09:7d:f2:1f:17:34:d0:
                    6e:49:51:9a:d4:cf:ec:97:c8:8a:c2:17:62:3e:1e:
                    20:42:75:28:3a:73:14:d3:e4:8c:cb:b5:a5:ee:b8:
                    01:29:88:53:7f:55:49:fc:44:be:b7:5f:82:7b:24:
                    cd:92:87:7f:29:34:5c:da:08:f3:83:f2:7e:1c:20:
                    03:ff:54:67:37:5d:8a:5f:5b:60:16:4d:4d:44:17:
                    79:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:F5:14:62:65:D1:DC:EF:9E:1F:B6:29:C4:F3:C9:B5:CE:10:AC:FC
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/hvUUYmXR3O-eH7YpxPPJtc4QrPw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:c2:fa:58:fe:76:66:49:ae:25:d4:dd:33:ab:b5:ae:7d:68:
         53:58:5a:c0:31:05:2e:e5:c8:89:ae:c8:1a:bf:d3:1e:f9:28:
         ab:17:84:f3:2d:d5:d9:2e:35:0f:4a:24:03:36:d1:61:c9:b4:
         03:73:22:ad:22:0b:7e:9f:d4:c5:f5:7e:bf:ae:9c:5b:f4:82:
         78:93:0e:fd:0e:a1:28:cb:c1:34:b9:0c:2a:68:3b:93:9b:65:
         fd:fd:d3:41:55:54:34:6a:32:13:98:85:1d:33:27:3e:4c:f6:
         6f:0e:c5:55:66:ce:15:8f:0c:e9:e4:6b:04:fd:88:f9:b4:57:
         71:dd:50:d6:04:7e:98:fa:8c:b4:f3:4b:be:66:d7:66:34:41:
         8f:69:40:05:24:13:23:e0:c7:3a:51:6c:eb:3a:7b:e0:d4:18:
         f6:46:5a:25:0b:39:08:69:37:03:36:4a:ff:e1:ee:16:7d:be:
         c8:c7:79:ca:11:cc:c5:cd:59:23:22:9f:d3:a4:b9:3f:38:e7:
         61:ed:66:be:1b:b7:40:13:77:d5:ca:19:0b:9d:ce:01:16:86:
         4d:8b:e8:6f:17:aa:f9:40:2e:79:54:83:66:2b:36:b3:83:6f:
         7d:fc:05:95:e2:ce:c7:bb:15:39:94:b1:de:84:cd:79:25:da:
         73:c6:b9:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXgTdw4xLqWCdhoQXwgMzkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwMTIzMjAyNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmY1MTQ2MjY1ZDFkY2VmOWUxZmI2MjljNGYzYzliNWNlMTBhY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvKZfDW892WFBouB+RcQ8c5bqHHt
PCx4TXANufATUwSBTQPGxxDARUFIg9R3LtN6JyYgGT+eAtonQ+NFAW5ywmc9tAYo
qGJU808wl+gVpPc16xTW3DXD78PMt1pDDzewXz9foNyEctxVPofKHk4zoCqMjY/n
ngbPhO0Vjw7LrogSQNP2Bbx1rGdZj5V4DheE2MgyYQ/7hKy96bGZ3JaYVrE9FAca
Yw/KXyzjSQl98h8XNNBuSVGa1M/sl8iKwhdiPh4gQnUoOnMU0+SMy7Wl7rgBKYhT
f1VJ/ES+t1+CeyTNkod/KTRc2gjzg/J+HCAD/1RnN12KX1tgFk1NRBd5FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIb1FGJl0dzvnh+2KcTzybXOEKz8MB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvaHZVVVltWFIzTy1lSDdZcHhQUEp0YzRRclB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVSiMA0G
CSqGSIb3DQEBCwUAA4IBAQCpwvpY/nZmSa4l1N0zq7WufWhTWFrAMQUu5ciJrsga
v9Me+SirF4TzLdXZLjUPSiQDNtFhybQDcyKtIgt+n9TF9X6/rpxb9IJ4kw79DqEo
y8E0uQwqaDuTm2X9/dNBVVQ0ajITmIUdMyc+TPZvDsVVZs4Vjwzp5GsE/Yj5tFdx
3VDWBH6Y+oy080u+ZtdmNEGPaUAFJBMj4Mc6UWzrOnvg1Bj2RlolCzkIaTcDNkr/
4e4Wfb7Ix3nKEczFzVkjIp/TpLk/OOdh7Wa+G7dAE3fVyhkLnc4BFoZNi+hvF6r5
QC55VINmKzazg299/AWV4s7HuxU5lLHehM15JdpzxrkY
-----END CERTIFICATE-----
Generated at Tue Aug 22 06:56:06 2023 by rpki-client on console-ams.rpki-client.org