Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/G94h-vnJs0-C7oFh207tT958meg.roa
File:                     G94h-vnJs0-C7oFh207tT958meg.roa (raw, json)
Hash identifier:          LErEofNEOLHaELK9eVfCZUu69jnRlxwpG99QkDTvsVg=
Subject key identifier:   1B:DE:21:FA:F9:C9:B3:4F:82:EE:81:61:DB:4E:ED:4F:DE:7C:99:E8
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       01856F14D3A8C359300664CF60B5258C5CAC
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/G94h-vnJs0-C7oFh207tT958meg.roa
Signing time:             Sun 01 Jan 2023 20:45:13 +0000
ROA not before:           Sun 01 Jan 2023 20:45:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209588
IP address blocks:        147.78.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:d3:a8:c3:59:30:06:64:cf:60:b5:25:8c:5c:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Jan  1 20:45:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1bde21faf9c9b34f82ee8161db4eed4fde7c99e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:96:2a:9e:3f:26:fe:00:2e:d4:73:ac:23:6d:
                    69:e1:0d:64:44:41:74:4b:b4:45:27:c4:69:7b:c3:
                    38:c1:8f:7d:3c:f7:aa:de:44:c6:a1:6a:fb:f0:20:
                    b6:d6:a6:f1:d7:11:bf:5c:39:5f:f8:be:b9:01:58:
                    ad:45:ee:4b:07:47:5e:cd:63:f4:40:46:48:1d:f0:
                    db:58:71:2c:e4:f3:1a:fa:ae:87:b5:a8:8c:4b:c7:
                    63:30:60:4a:29:8d:dc:69:74:d6:6d:de:82:f7:14:
                    f2:c6:67:e3:71:35:d1:56:a2:7b:04:5d:ac:07:78:
                    07:b3:87:65:4e:13:42:b3:92:20:35:11:f2:83:bd:
                    fc:38:00:85:91:ec:21:fe:f8:e6:15:fd:49:37:de:
                    c0:d3:5f:fb:ff:c7:b0:62:ba:50:78:20:00:f7:ac:
                    b4:31:89:e6:55:9c:1e:70:37:d6:cc:a1:72:fe:29:
                    cb:f2:a1:0b:ef:62:d7:91:46:52:24:67:fd:29:2b:
                    4f:20:34:4d:79:d9:c5:62:56:28:f7:dc:c7:40:70:
                    08:af:67:92:ce:3f:b0:c3:ef:0e:9e:56:61:20:99:
                    a4:60:35:62:3a:a6:3e:a9:07:7b:3e:55:a3:5a:a7:
                    e3:70:5c:e5:8b:10:94:6f:cf:7b:c0:52:77:d1:21:
                    27:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:DE:21:FA:F9:C9:B3:4F:82:EE:81:61:DB:4E:ED:4F:DE:7C:99:E8
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/G94h-vnJs0-C7oFh207tT958meg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:97:99:d2:bb:71:82:f7:73:90:61:f6:db:5c:f5:36:f2:4f:
         72:9a:f9:03:ef:b8:a4:54:ef:be:5f:4b:fc:29:ca:07:85:80:
         60:cc:a2:dc:4e:ab:9f:ac:01:0c:86:fc:38:74:cd:9a:bd:61:
         38:d8:c7:14:9c:b7:52:10:8a:c3:15:73:9e:a2:bc:86:25:f7:
         45:10:4b:d1:76:84:79:54:18:18:aa:2a:d8:a8:76:34:7c:3e:
         25:66:4c:ec:e3:93:f3:06:a9:2c:31:e1:05:50:19:39:72:59:
         be:62:fe:b8:0b:83:3b:33:bb:93:9b:ed:c5:f5:55:ac:d0:96:
         8e:3b:6f:b3:5c:bd:4d:06:6a:08:68:83:1d:08:16:93:01:d8:
         7d:58:97:d0:3c:7c:18:74:68:1a:e8:4b:fe:25:14:b5:ac:d4:
         eb:c3:68:07:ff:37:2b:4c:8a:1a:f7:e8:5d:0d:6b:3a:8f:db:
         f6:af:b0:3c:72:13:a6:3f:8c:18:89:95:44:8a:51:4e:05:3b:
         22:af:e3:23:05:5b:0e:03:02:a9:65:cf:28:3b:9c:fb:21:5d:
         16:dc:33:20:f6:16:80:03:21:4b:38:41:ba:75:05:8f:bc:67:
         87:dd:5a:9d:cc:ff:36:c4:d2:a5:0b:d0:bd:2b:ef:d5:87:6c:
         5a:e1:97:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNOow1kwBmTPYLUljFysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRlMjFmYWY5YzliMzRmODJlZTgxNjFkYjRlZWQ0ZmRlN2M5OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZYqnj8m/gAu1HOsI21p4Q1kREF0
S7RFJ8Rpe8M4wY99PPeq3kTGoWr78CC21qbx1xG/XDlf+L65AVitRe5LB0dezWP0
QEZIHfDbWHEs5PMa+q6HtaiMS8djMGBKKY3caXTWbd6C9xTyxmfjcTXRVqJ7BF2s
B3gHs4dlThNCs5IgNRHyg738OACFkewh/vjmFf1JN97A01/7/8ewYrpQeCAA96y0
MYnmVZwecDfWzKFy/inL8qEL72LXkUZSJGf9KStPIDRNednFYlYo99zHQHAIr2eS
zj+ww+8OnlZhIJmkYDViOqY+qQd7PlWjWqfjcFzlixCUb897wFJ30SEnWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBveIfr5ybNPgu6BYdtO7U/efJnoMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvRzk0aC12bkpzMC1DN29GaDIwN3RUOTU4bWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk04vMA0G
CSqGSIb3DQEBCwUAA4IBAQA3l5nSu3GC93OQYfbbXPU28k9ymvkD77ikVO++X0v8
KcoHhYBgzKLcTqufrAEMhvw4dM2avWE42McUnLdSEIrDFXOeoryGJfdFEEvRdoR5
VBgYqirYqHY0fD4lZkzs45PzBqksMeEFUBk5clm+Yv64C4M7M7uTm+3F9VWs0JaO
O2+zXL1NBmoIaIMdCBaTAdh9WJfQPHwYdGga6Ev+JRS1rNTrw2gH/zcrTIoa9+hd
DWs6j9v2r7A8chOmP4wYiZVEilFOBTsir+MjBVsOAwKpZc8oO5z7IV0W3DMg9haA
AyFLOEG6dQWPvGeH3VqdzP82xNKlC9C9K+/Vh2xa4ZeW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:36 2024 by rpki-client on console-fra.rpki-client.org