Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/OXxxtcmJIKa5j60q_eMzCDAnSJk.roa
File:                     OXxxtcmJIKa5j60q_eMzCDAnSJk.roa (raw, json)
Hash identifier:          TKjp6/hwpdYiMDL0vae4ylAt2+MlZgZH+kI2mU4u+dI=
Subject key identifier:   39:7C:71:B5:C9:89:20:A6:B9:8F:AD:2A:FD:E3:33:08:30:27:48:99
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       0189C0EFF2DC49E55520B47379DD71060072
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/OXxxtcmJIKa5j60q_eMzCDAnSJk.roa
Signing time:             Fri 04 Aug 2023 14:24:57 +0000
ROA not before:           Fri 04 Aug 2023 14:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2856
IP address blocks:        94.154.40.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 Nov 2023 20:54:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:c0:ef:f2:dc:49:e5:55:20:b4:73:79:dd:71:06:00:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Aug  4 14:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=397c71b5c98920a6b98fad2afde3330830274899
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:cf:a7:c6:58:5c:6b:56:e1:c2:19:25:b8:98:
                    13:da:63:05:9b:a3:41:ae:07:40:00:a4:29:88:40:
                    e0:e1:84:86:13:0c:35:c3:c1:3a:aa:f2:b8:ee:60:
                    17:24:2b:ab:1a:6b:bc:3a:55:4f:bb:7d:be:5d:b4:
                    90:51:b8:fb:ea:4f:8e:0f:90:b3:46:7b:da:2d:f4:
                    93:d1:33:28:a7:cf:ba:a2:cc:3c:79:ce:bc:fb:7b:
                    ff:27:79:68:7f:1b:ef:ae:1b:f4:e0:35:33:11:6e:
                    e2:1e:30:c0:e3:26:9d:07:59:8d:fd:a3:5d:70:c0:
                    a2:c7:de:fe:73:e3:17:21:0e:55:8f:be:9b:b3:d4:
                    c9:6f:1f:64:6e:d7:22:bf:0c:d9:06:22:84:b1:bc:
                    15:08:78:ea:1b:33:12:c5:6f:2b:ec:7c:7d:fb:94:
                    f9:36:f8:7d:d2:2c:9b:0c:2c:8f:da:ad:a4:fb:f2:
                    21:31:19:ec:de:32:84:56:d9:03:99:09:35:13:87:
                    37:29:c2:88:e6:3c:05:5f:c4:8b:2c:97:a1:23:19:
                    27:99:2b:2f:21:a4:25:10:ee:b0:4e:2f:69:bd:a1:
                    b9:2d:07:0b:79:da:ea:52:ff:78:1a:2d:d9:63:69:
                    8c:d2:2e:fb:bd:0d:d8:fd:91:26:0a:28:43:41:d3:
                    ef:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:7C:71:B5:C9:89:20:A6:B9:8F:AD:2A:FD:E3:33:08:30:27:48:99
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/OXxxtcmJIKa5j60q_eMzCDAnSJk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:f0:4d:c3:69:76:bf:a5:c1:2a:7a:0a:5e:0e:4b:24:09:0e:
         5b:72:92:7e:50:de:12:e6:4f:da:42:c5:27:22:ca:8c:b5:6a:
         9d:cb:96:9d:7c:d8:c7:78:48:27:48:59:7e:96:ee:3b:4c:47:
         d9:da:9d:94:ee:61:58:4f:1f:39:f5:b2:35:20:59:20:83:fd:
         1b:e0:b1:27:12:93:b8:7f:81:05:5a:92:62:ca:cd:1d:bf:0a:
         60:46:3b:57:c9:c7:c8:79:fd:69:29:a8:f6:45:3e:0d:be:4e:
         01:ea:db:a0:54:2d:ba:99:76:65:3e:b6:3e:ba:62:cd:de:db:
         49:7e:3c:e0:4c:79:f4:c4:19:f3:52:dc:7b:af:79:b1:73:de:
         c1:0b:93:e0:5e:5a:85:04:83:b7:8b:07:64:0a:d1:e5:e4:07:
         19:85:b1:fa:8b:1b:87:21:20:2c:3f:78:b1:88:d2:8a:48:bd:
         b0:7d:84:30:90:56:a0:df:10:21:47:ef:fc:fc:a2:da:ed:8f:
         d4:24:8d:c5:53:be:7f:4b:29:c5:5a:3f:c9:28:8d:2e:d7:c9:
         4d:e1:ea:a8:7e:93:7b:1c:0d:ff:19:bd:1c:3e:74:96:6e:6f:
         40:f6:74:8d:d2:6f:df:a6:ba:29:98:05:23:b7:71:60:5a:14:
         5e:76:13:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnA7/LcSeVVILRzed1xBgByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjMwODA0MTQyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdjNzFiNWM5ODkyMGE2Yjk4ZmFkMmFmZGUzMzMwODMwMjc0ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM+nxlhca1bhwhkluJgT2mMFm6NB
rgdAAKQpiEDg4YSGEww1w8E6qvK47mAXJCurGmu8OlVPu32+XbSQUbj76k+OD5Cz
RnvaLfST0TMop8+6osw8ec68+3v/J3lofxvvrhv04DUzEW7iHjDA4yadB1mN/aNd
cMCix97+c+MXIQ5Vj76bs9TJbx9kbtcivwzZBiKEsbwVCHjqGzMSxW8r7Hx9+5T5
Nvh90iybDCyP2q2k+/IhMRns3jKEVtkDmQk1E4c3KcKI5jwFX8SLLJehIxknmSsv
IaQlEO6wTi9pvaG5LQcLedrqUv94Gi3ZY2mM0i77vQ3Y/ZEmCihDQdPv9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDl8cbXJiSCmuY+tKv3jMwgwJ0iZMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvT1h4eHRjbUpJS2E1ajYwcV9lTXpDREFuU0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXpooMA0G
CSqGSIb3DQEBCwUAA4IBAQBm8E3DaXa/pcEqegpeDkskCQ5bcpJ+UN4S5k/aQsUn
IsqMtWqdy5adfNjHeEgnSFl+lu47TEfZ2p2U7mFYTx859bI1IFkgg/0b4LEnEpO4
f4EFWpJiys0dvwpgRjtXycfIef1pKaj2RT4Nvk4B6tugVC26mXZlPrY+umLN3ttJ
fjzgTHn0xBnzUtx7r3mxc97BC5PgXlqFBIO3iwdkCtHl5AcZhbH6ixuHISAsP3ix
iNKKSL2wfYQwkFag3xAhR+/8/KLa7Y/UJI3FU75/SynFWj/JKI0u18lN4eqofpN7
HA3/Gb0cPnSWbm9A9nSN0m/fpropmAUjt3FgWhRedhPQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org