Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/ihDrpDS6k44dKLbpq3xUkf4Fc4U.roa
File:                     ihDrpDS6k44dKLbpq3xUkf4Fc4U.roa (raw, json)
Hash identifier:          /MPS6F6hs2nKKnzWHfy6wF4PcJWspIQNod/8++k2AnQ=
Subject key identifier:   8A:10:EB:A4:34:BA:93:8E:1D:28:B6:E9:AB:7C:54:91:FE:05:73:85
Certificate issuer:       /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial:       01856D819C2ED044C3EBA7B79254CA4CEE73
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/ihDrpDS6k44dKLbpq3xUkf4Fc4U.roa
Signing time:             Sun 01 Jan 2023 13:24:48 +0000
ROA not before:           Sun 01 Jan 2023 13:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207326
IP address blocks:        45.158.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:9c:2e:d0:44:c3:eb:a7:b7:92:54:ca:4c:ee:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
        Validity
            Not Before: Jan  1 13:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8a10eba434ba938e1d28b6e9ab7c5491fe057385
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:4e:e3:79:12:08:68:ef:c2:89:cb:ea:00:75:
                    67:78:2f:03:2b:2f:61:eb:16:52:f7:db:63:a7:28:
                    c1:55:92:58:d7:c4:6b:56:f3:08:9d:9a:61:4b:a1:
                    a2:05:e0:26:1c:cd:f5:06:a1:a1:38:e3:cc:73:bd:
                    86:2a:fc:c5:87:1a:ed:2c:49:b2:38:3d:2b:02:93:
                    f1:61:0c:3a:2f:a7:c6:6a:d0:3b:a0:9b:24:68:07:
                    c7:f2:98:38:df:0d:ee:c3:f1:6f:ca:57:ba:98:96:
                    7b:dd:6a:90:f3:7b:89:4f:7a:bb:9f:bb:9f:24:33:
                    90:03:72:86:14:fa:78:f3:7b:7f:16:3c:99:12:20:
                    f3:f1:ff:a7:e2:e7:0e:d3:8f:c4:06:8d:c0:3c:9c:
                    55:7c:9e:36:b2:6c:09:44:34:bb:86:20:2f:75:22:
                    8d:8a:07:50:00:75:85:46:0b:e6:64:61:6b:cb:87:
                    8e:d2:88:42:be:19:6f:17:ba:1c:e5:5c:fa:81:05:
                    d4:09:b0:be:24:db:19:4f:82:d2:19:95:00:d4:dc:
                    b0:96:ce:94:d0:9b:a4:b7:83:39:7e:36:46:a5:3d:
                    0d:c7:08:56:9f:ea:01:27:22:b1:d3:2a:e2:c5:00:
                    f9:d2:21:e6:7d:7e:ee:1f:8a:93:71:57:84:ba:ca:
                    b1:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:10:EB:A4:34:BA:93:8E:1D:28:B6:E9:AB:7C:54:91:FE:05:73:85
            X509v3 Authority Key Identifier:
                keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/ihDrpDS6k44dKLbpq3xUkf4Fc4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:47:28:1d:52:83:02:a8:ca:00:75:ae:f8:16:59:ba:eb:74:
         9a:a9:bb:24:f0:ce:ab:1a:ba:15:cb:3a:47:d0:71:a1:d8:79:
         5d:8b:9c:b1:74:02:57:96:3d:ec:24:ac:e7:5a:45:e0:6e:ee:
         21:35:c1:3d:1b:15:e4:00:1c:0b:10:72:85:3c:33:76:a5:c8:
         30:f3:26:22:0e:c5:3d:cd:bc:00:81:b5:28:b2:5a:63:8a:41:
         f1:96:bc:d1:75:94:e9:31:ea:a0:49:23:b6:38:d9:63:45:6c:
         1c:46:c5:87:f5:53:5e:d1:aa:fc:e9:99:a4:e2:63:99:36:df:
         1d:99:75:8b:77:df:d3:7c:4f:16:a0:dc:15:aa:af:c5:39:6d:
         2f:84:67:24:4a:a6:e8:2e:89:bb:ab:1e:4c:43:8f:7c:45:80:
         ed:7b:ce:4c:1a:40:bc:01:45:40:a6:bc:aa:b7:f3:56:43:25:
         22:1b:02:49:44:55:c5:3f:d5:37:cc:ad:d9:5a:40:2d:06:9d:
         38:d7:b9:ef:6c:8c:3d:83:da:19:ad:ef:7b:39:a8:29:ab:be:
         97:35:2b:34:65:62:7c:7c:0a:3c:c6:eb:22:2e:f1:ff:cd:e3:
         7b:78:ce:26:07:df:3d:38:f2:21:91:12:d5:59:c7:94:d7:b2:
         70:41:ed:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgZwu0ETD66e3klTKTO5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjMwMTAxMTMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTEwZWJhNDM0YmE5MzhlMWQyOGI2ZTlhYjdjNTQ5MWZlMDU3Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U7jeRIIaO/CicvqAHVneC8DKy9h
6xZS99tjpyjBVZJY18RrVvMInZphS6GiBeAmHM31BqGhOOPMc72GKvzFhxrtLEmy
OD0rApPxYQw6L6fGatA7oJskaAfH8pg43w3uw/Fvyle6mJZ73WqQ83uJT3q7n7uf
JDOQA3KGFPp483t/FjyZEiDz8f+n4ucO04/EBo3APJxVfJ42smwJRDS7hiAvdSKN
igdQAHWFRgvmZGFry4eO0ohCvhlvF7oc5Vz6gQXUCbC+JNsZT4LSGZUA1Nywls6U
0Jukt4M5fjZGpT0NxwhWn+oBJyKx0yrixQD50iHmfX7uH4qTcVeEusqxFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoQ66Q0upOOHSi26at8VJH+BXOFMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvaWhEcnBEUzZrNDRkS0xicHEzeFVrZjRGYzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ4OMA0G
CSqGSIb3DQEBCwUAA4IBAQDDRygdUoMCqMoAda74Flm663Saqbsk8M6rGroVyzpH
0HGh2Hldi5yxdAJXlj3sJKznWkXgbu4hNcE9GxXkABwLEHKFPDN2pcgw8yYiDsU9
zbwAgbUoslpjikHxlrzRdZTpMeqgSSO2ONljRWwcRsWH9VNe0ar86Zmk4mOZNt8d
mXWLd9/TfE8WoNwVqq/FOW0vhGckSqboLom7qx5MQ498RYDte85MGkC8AUVApryq
t/NWQyUiGwJJRFXFP9U3zK3ZWkAtBp0417nvbIw9g9oZre97Oagpq76XNSs0ZWJ8
fAo8xusiLvH/zeN7eM4mB989OPIhkRLVWceU17JwQe1y
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:21 2024 by rpki-client on console-ams.rpki-client.org