Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/_nvSqaPWXzhJ4GE_MDlJVK-JyQg.roa
File:                     _nvSqaPWXzhJ4GE_MDlJVK-JyQg.roa (raw, json)
Hash identifier:          5QWvqSajAgiDW5o89AP5nf9BYuwuIZMglaobD2GpuwQ=
Subject key identifier:   FE:7B:D2:A9:A3:D6:5F:38:49:E0:61:3F:30:39:49:54:AF:89:C9:08
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       018C6D04B2F65885BB7D8218B35D89A87F47
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/_nvSqaPWXzhJ4GE_MDlJVK-JyQg.roa
Signing time:             Fri 15 Dec 2023 10:27:53 +0000
ROA not before:           Fri 15 Dec 2023 10:27:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48678
IP address blocks:        94.154.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6d:04:b2:f6:58:85:bb:7d:82:18:b3:5d:89:a8:7f:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Dec 15 10:27:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe7bd2a9a3d65f3849e0613f30394954af89c908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:56:43:5d:eb:cb:29:be:7e:2b:28:a0:e6:6b:
                    50:fa:c3:1b:e2:93:6d:8c:af:6e:d8:c0:86:19:0b:
                    8f:25:29:6d:1d:ae:f9:e4:92:de:c2:fa:06:c9:ba:
                    a3:12:7d:f0:f1:b6:5f:b0:80:97:08:96:d4:58:3f:
                    fe:d6:49:b5:db:8d:fb:d0:0f:a6:7e:49:be:fd:83:
                    44:76:a3:57:d8:4b:3d:ee:26:bd:d7:fd:9e:f4:d6:
                    4b:6f:ea:d6:35:86:5b:49:88:3d:c6:fb:d0:5a:f9:
                    b7:56:68:2e:1b:b3:c9:f3:93:8a:4d:44:de:5b:6b:
                    f4:bf:b6:22:93:9c:da:3e:29:de:f0:c7:d8:50:a0:
                    de:aa:f8:5d:8e:79:ca:e3:0f:69:05:95:4b:35:e1:
                    69:b0:dc:ac:c8:bf:37:84:8e:4f:22:d2:56:6d:28:
                    b2:b0:68:6b:e2:b2:98:c3:05:e0:ae:9d:6f:16:f9:
                    27:1f:46:54:e7:95:72:29:2e:d1:f4:8a:0a:d3:51:
                    b0:e3:fb:7d:48:da:2a:82:ce:c9:ee:17:e0:7a:eb:
                    61:6e:9d:3d:61:53:72:a0:c0:35:8d:51:f7:88:93:
                    c7:1d:bf:6f:80:d2:84:50:04:e0:b6:22:d5:e2:c4:
                    9c:1a:5b:5d:e1:53:52:b2:6b:a1:c6:44:9f:80:e9:
                    42:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:7B:D2:A9:A3:D6:5F:38:49:E0:61:3F:30:39:49:54:AF:89:C9:08
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/_nvSqaPWXzhJ4GE_MDlJVK-JyQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:95:69:d3:3a:d2:85:ea:52:7c:58:6e:55:f2:42:23:87:30:
         48:22:e8:44:21:d6:23:5e:f7:f0:4f:ab:fa:ee:4f:09:ee:1a:
         03:a6:78:fa:b5:09:cb:7e:87:85:f7:40:d2:7a:60:68:98:70:
         e7:7d:5b:2e:4f:0c:46:70:b4:0e:ed:05:a2:7b:e9:b3:58:fe:
         18:ea:c7:2a:0e:4b:90:0c:c4:c4:44:90:9f:57:d3:90:5a:87:
         b9:c1:b6:b4:a2:7b:a2:05:50:24:53:72:91:e3:94:49:d0:44:
         c6:0e:dc:a6:d6:47:51:71:c5:9c:b4:5f:86:50:a1:e6:c7:8f:
         90:39:4c:fd:76:0d:f6:2e:84:d3:91:0d:f1:71:ad:e3:61:7b:
         b5:4f:1f:37:0a:cc:ff:5f:6c:a0:32:b9:90:9c:63:0b:94:56:
         4b:7d:3f:11:a5:15:22:34:82:44:30:28:78:7e:8d:dc:63:9b:
         71:8c:64:ae:de:be:40:90:58:d3:30:45:2b:c0:dc:2c:91:af:
         82:ca:eb:b3:ac:3e:04:23:0f:d8:f2:12:61:bb:59:6c:76:a6:
         90:8b:ef:8a:89:f3:ba:38:69:be:1b:ca:e7:bd:a6:dc:95:f7:
         ac:73:b8:47:62:6e:09:75:3b:de:9d:7f:65:c9:0d:b8:1f:18:
         c9:02:4a:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxtBLL2WIW7fYIYs12JqH9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjMxMjE1MTAyNzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTdiZDJhOWEzZDY1ZjM4NDllMDYxM2YzMDM5NDk1NGFmODljOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1ZDXevLKb5+Kyig5mtQ+sMb4pNt
jK9u2MCGGQuPJSltHa755JLewvoGybqjEn3w8bZfsICXCJbUWD/+1km124370A+m
fkm+/YNEdqNX2Es97ia91/2e9NZLb+rWNYZbSYg9xvvQWvm3VmguG7PJ85OKTUTe
W2v0v7Yik5zaPine8MfYUKDeqvhdjnnK4w9pBZVLNeFpsNysyL83hI5PItJWbSiy
sGhr4rKYwwXgrp1vFvknH0ZU55VyKS7R9IoK01Gw4/t9SNoqgs7J7hfgeuthbp09
YVNyoMA1jVH3iJPHHb9vgNKEUATgtiLV4sScGltd4VNSsmuhxkSfgOlClQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP570qmj1l84SeBhPzA5SVSvickIMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvX252U3FhUFdYemhKNEdFX01EbEpWSy1KeVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpooMA0G
CSqGSIb3DQEBCwUAA4IBAQAdlWnTOtKF6lJ8WG5V8kIjhzBIIuhEIdYjXvfwT6v6
7k8J7hoDpnj6tQnLfoeF90DSemBomHDnfVsuTwxGcLQO7QWie+mzWP4Y6scqDkuQ
DMTERJCfV9OQWoe5wba0onuiBVAkU3KR45RJ0ETGDtym1kdRccWctF+GUKHmx4+Q
OUz9dg32LoTTkQ3xca3jYXu1Tx83Csz/X2ygMrmQnGMLlFZLfT8RpRUiNIJEMCh4
fo3cY5txjGSu3r5AkFjTMEUrwNwska+CyuuzrD4EIw/Y8hJhu1lsdqaQi++KifO6
OGm+G8rnvabclfesc7hHYm4JdTvenX9lyQ24HxjJAkp5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org