Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/AIWiBUm7VnIZ7SKAAMBNY_CWp98.roa
File:                     AIWiBUm7VnIZ7SKAAMBNY_CWp98.roa (raw, json)
Hash identifier:          ru+uWaoNwv3HrHLElv0rrqdQZzj/iGHbGuz9rdHsvU8=
Subject key identifier:   00:85:A2:05:49:BB:56:72:19:ED:22:80:00:C0:4D:63:F0:96:A7:DF
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FF017C0CAD5BCD7C81A620D83AD5F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/AIWiBUm7VnIZ7SKAAMBNY_CWp98.roa
Signing time:             Mon 02 Jan 2023 17:38:11 +0000
ROA not before:           Mon 02 Jan 2023 17:38:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     54975
IP address blocks:        212.107.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Jan 2023 17:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:f0:17:c0:ca:d5:bc:d7:c8:1a:62:0d:83:ad:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0085a20549bb567219ed228000c04d63f096a7df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f4:68:ef:fb:22:5f:55:a9:81:8e:b5:0d:ba:
                    d0:39:60:f5:c5:92:1b:60:14:1a:b8:c3:71:34:c5:
                    0e:c8:7e:4e:55:5f:b0:98:0a:fd:0f:96:17:9b:1c:
                    94:5e:78:c9:24:04:90:45:81:af:6f:2b:d4:dc:b3:
                    e9:28:9f:70:85:c4:a4:be:9d:d0:95:91:fd:8a:69:
                    4d:02:ec:67:30:60:34:e5:de:3b:84:92:3d:6c:41:
                    37:84:8e:f2:78:56:4e:5e:bb:65:7b:35:29:03:fa:
                    a0:f5:d7:2f:4b:3f:d8:e4:24:1a:58:a7:1a:84:64:
                    17:3d:b2:88:90:3c:d0:e1:81:eb:65:48:66:ec:c5:
                    bf:a5:e6:42:77:19:d9:ac:b7:3a:90:fc:70:42:7b:
                    88:b1:fd:a3:0b:56:39:b5:d3:26:ea:e8:2e:47:e5:
                    a9:e1:55:87:f1:c2:d6:cf:db:67:63:ed:aa:dd:ce:
                    c1:7c:57:b0:d6:93:11:35:40:37:8d:23:8b:b0:47:
                    1e:4d:44:41:16:c4:ea:ac:3a:7f:db:8e:e1:7c:0a:
                    bb:c6:30:ab:2b:77:c9:f8:78:9d:10:9e:d9:82:c5:
                    9f:ba:40:6f:8c:62:eb:6e:14:1e:5f:51:85:48:9c:
                    42:e6:76:1e:1e:14:1b:0b:86:0a:80:25:2a:d7:42:
                    a7:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:85:A2:05:49:BB:56:72:19:ED:22:80:00:C0:4D:63:F0:96:A7:DF
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/AIWiBUm7VnIZ7SKAAMBNY_CWp98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.107.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:5e:06:98:95:cc:7b:10:77:27:79:41:fb:42:4c:a5:8b:42:
         3c:e4:d0:af:73:8a:c4:11:06:ae:f4:e8:68:18:2c:bd:b1:85:
         76:ce:e7:f2:a4:1d:be:de:74:05:66:b2:be:3e:37:39:24:e4:
         98:42:4b:f6:fd:b1:c0:8e:09:4c:b1:03:41:03:2b:d5:66:fb:
         dc:8d:82:1e:1f:59:7e:a9:43:19:01:49:92:70:d7:75:06:a9:
         50:b7:80:87:6d:4b:df:d9:de:4b:b5:fb:63:f5:97:9c:12:78:
         cd:6f:9f:af:55:01:8c:8e:00:7c:34:83:9f:67:73:9f:39:10:
         91:10:d1:7f:da:88:c8:96:e5:8d:35:b6:2a:42:8b:a6:5e:1e:
         71:bf:42:d7:6e:42:c9:de:52:b3:7c:8b:d7:f1:8b:1e:c9:63:
         72:f4:47:20:0d:8c:95:c8:ab:63:cf:f8:59:e3:59:71:8a:e7:
         d4:65:99:84:48:ad:f8:d5:d7:18:71:df:b0:ef:78:ca:9f:7a:
         d3:f9:49:20:9a:d6:b4:15:90:6e:2f:40:b2:33:a9:61:bd:41:
         73:b2:eb:21:9f:3c:ba:20:1c:fe:45:59:63:d4:51:74:af:a8:
         2c:12:cc:e4:40:5b:a3:7b:8c:04:4e:19:0e:b4:55:7d:fc:4a:
         17:78:98:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj/AXwMrVvNfIGmINg61fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDg1YTIwNTQ5YmI1NjcyMTllZDIyODAwMGMwNGQ2M2YwOTZhN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvRo7/siX1WpgY61DbrQOWD1xZIb
YBQauMNxNMUOyH5OVV+wmAr9D5YXmxyUXnjJJASQRYGvbyvU3LPpKJ9whcSkvp3Q
lZH9imlNAuxnMGA05d47hJI9bEE3hI7yeFZOXrtlezUpA/qg9dcvSz/Y5CQaWKca
hGQXPbKIkDzQ4YHrZUhm7MW/peZCdxnZrLc6kPxwQnuIsf2jC1Y5tdMm6uguR+Wp
4VWH8cLWz9tnY+2q3c7BfFew1pMRNUA3jSOLsEceTURBFsTqrDp/247hfAq7xjCr
K3fJ+HidEJ7ZgsWfukBvjGLrbhQeX1GFSJxC5nYeHhQbC4YKgCUq10KnhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACFogVJu1ZyGe0igADATWPwlqffMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQUlXaUJVbTdWbklaN1NLQUFNQk5ZX0NXcDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GsOMA0G
CSqGSIb3DQEBCwUAA4IBAQClXgaYlcx7EHcneUH7Qkyli0I85NCvc4rEEQau9Oho
GCy9sYV2zufypB2+3nQFZrK+Pjc5JOSYQkv2/bHAjglMsQNBAyvVZvvcjYIeH1l+
qUMZAUmScNd1BqlQt4CHbUvf2d5Ltftj9ZecEnjNb5+vVQGMjgB8NIOfZ3OfORCR
ENF/2ojIluWNNbYqQoumXh5xv0LXbkLJ3lKzfIvX8YseyWNy9EcgDYyVyKtjz/hZ
41lxiufUZZmESK341dcYcd+w73jKn3rT+Ukgmta0FZBuL0CyM6lhvUFzsushnzy6
IBz+RVlj1FF0r6gsEszkQFuje4wEThkOtFV9/EoXeJiF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org