Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/uhIW2hlVnjB0td4eZqsUkt9uI-M.roa
File:                     uhIW2hlVnjB0td4eZqsUkt9uI-M.roa (raw, json)
Hash identifier:          r7VT9ZqYdLR+EtCzoFb/8iRNSdluZgdLZugKCrZ071s=
Subject key identifier:   BA:12:16:DA:19:55:9E:30:74:B5:DE:1E:66:AB:14:92:DF:6E:23:E3
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       018570796C644E40950D38467CCE9A410700
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/uhIW2hlVnjB0td4eZqsUkt9uI-M.roa
Signing time:             Mon 02 Jan 2023 03:14:43 +0000
ROA not before:           Mon 02 Jan 2023 03:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8038
IP address blocks:        157.97.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:6c:64:4e:40:95:0d:38:46:7c:ce:9a:41:07:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Jan  2 03:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ba1216da19559e3074b5de1e66ab1492df6e23e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b7:b0:96:f1:f3:cb:4e:94:5d:1a:b8:24:14:
                    f0:3f:af:97:83:db:2f:14:75:1f:6d:cf:dc:c3:bf:
                    79:f3:0e:d7:78:92:28:f9:40:fa:ef:a1:31:42:22:
                    94:e6:e3:74:b1:ab:47:e0:6c:49:e2:3a:32:7c:6b:
                    2e:7f:23:1b:f9:2d:be:4a:af:7c:25:f9:4a:2f:56:
                    87:6e:85:f5:63:41:6d:f9:92:ac:06:81:e5:7e:f9:
                    c3:18:d6:cc:15:0d:fb:f7:a4:58:32:97:87:e5:13:
                    41:6e:c5:4d:48:e6:57:c7:b3:57:79:e1:34:d3:b3:
                    ea:e8:d6:4d:10:c6:c0:76:5d:ea:02:a7:27:5c:c2:
                    c1:0b:84:01:69:99:8d:15:27:a7:88:f8:18:e9:2f:
                    32:02:ab:2b:b1:87:c8:42:6f:3c:ea:4c:c1:f3:c4:
                    e5:7b:84:ca:84:1c:40:05:c8:46:26:4a:41:16:48:
                    46:48:d9:55:41:d8:6e:aa:f7:03:30:32:57:2d:13:
                    44:64:56:74:83:ed:9a:3e:0e:61:fc:ed:1c:50:57:
                    a8:2d:9d:c4:aa:21:58:25:83:86:0d:35:e2:9f:f2:
                    8b:42:07:94:d1:cd:45:97:04:bc:77:cc:d9:48:cf:
                    d5:8c:35:08:83:65:88:20:b9:af:ce:01:b4:b1:61:
                    fd:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:12:16:DA:19:55:9E:30:74:B5:DE:1E:66:AB:14:92:DF:6E:23:E3
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/uhIW2hlVnjB0td4eZqsUkt9uI-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.97.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:30:45:da:8e:4c:0d:47:f4:d1:9a:2d:c9:84:f1:5b:19:2b:
         ba:3b:da:c2:84:c1:ad:57:1b:b5:f7:bd:5d:13:7a:f7:e9:6f:
         07:7f:d8:6a:2b:ee:f1:96:32:4d:8a:c5:a3:15:3a:0c:82:98:
         df:1e:6f:93:b6:04:c5:77:8f:2d:eb:ec:73:a3:bb:2d:31:52:
         b5:29:9e:42:fc:cc:a8:dd:ec:6b:bd:d6:06:cf:2d:54:02:8e:
         14:13:4d:20:10:eb:27:eb:89:b6:fb:88:48:16:0a:3a:47:5d:
         c5:28:71:f8:f4:24:9b:d3:ed:cd:b7:0a:bb:e2:e8:97:ed:a9:
         8f:e1:39:83:52:75:bd:b8:9d:b7:9b:9a:b8:61:20:74:84:ce:
         ec:3c:eb:b6:56:7d:2d:af:76:af:30:8e:e4:ac:c4:77:20:53:
         37:6b:a1:0c:c7:07:c6:8c:6d:d3:3c:7f:c8:a1:98:10:27:2d:
         9a:75:df:39:d6:8f:8d:84:8c:9a:c9:13:67:b8:8c:58:9c:64:
         77:f1:d2:7e:dd:bb:d9:62:7f:4e:22:b2:12:7e:b4:ae:a2:0c:
         89:40:99:95:36:43:4f:2e:e8:af:cb:c7:3b:2e:a4:85:32:6e:
         cb:15:07:ab:ec:19:23:44:f5:2a:af:33:ee:3b:4b:70:2a:37:
         be:fc:8c:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweWxkTkCVDThGfM6aQQcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwMTAyMDMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTEyMTZkYTE5NTU5ZTMwNzRiNWRlMWU2NmFiMTQ5MmRmNmUyM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bewlvHzy06UXRq4JBTwP6+Xg9sv
FHUfbc/cw7958w7XeJIo+UD676ExQiKU5uN0satH4GxJ4joyfGsufyMb+S2+Sq98
JflKL1aHboX1Y0Ft+ZKsBoHlfvnDGNbMFQ3796RYMpeH5RNBbsVNSOZXx7NXeeE0
07Pq6NZNEMbAdl3qAqcnXMLBC4QBaZmNFSeniPgY6S8yAqsrsYfIQm886kzB88Tl
e4TKhBxABchGJkpBFkhGSNlVQdhuqvcDMDJXLRNEZFZ0g+2aPg5h/O0cUFeoLZ3E
qiFYJYOGDTXin/KLQgeU0c1FlwS8d8zZSM/VjDUIg2WIILmvzgG0sWH9dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoSFtoZVZ4wdLXeHmarFJLfbiPjMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvdWhJVzJobFZuakIwdGQ0ZVpxc1VrdDl1SS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnWF7MA0G
CSqGSIb3DQEBCwUAA4IBAQAnMEXajkwNR/TRmi3JhPFbGSu6O9rChMGtVxu1971d
E3r36W8Hf9hqK+7xljJNisWjFToMgpjfHm+TtgTFd48t6+xzo7stMVK1KZ5C/Myo
3exrvdYGzy1UAo4UE00gEOsn64m2+4hIFgo6R13FKHH49CSb0+3Ntwq74uiX7amP
4TmDUnW9uJ23m5q4YSB0hM7sPOu2Vn0tr3avMI7krMR3IFM3a6EMxwfGjG3TPH/I
oZgQJy2add851o+NhIyayRNnuIxYnGR38dJ+3bvZYn9OIrISfrSuogyJQJmVNkNP
Luivy8c7LqSFMm7LFQer7BkjRPUqrzPuO0twKje+/IyZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:31 2024 by rpki-client on console-fra.rpki-client.org