Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/B8MVYaEdP9IoBxZU6zq_6lQPc2U.roa
File:                     B8MVYaEdP9IoBxZU6zq_6lQPc2U.roa (raw, json)
Hash identifier:          lorOZCddacPa1Wi/8gcd84Nx8YNSdkwKR1x//KiFnWk=
Subject key identifier:   07:C3:15:61:A1:1D:3F:D2:28:07:16:54:EB:3A:BF:EA:54:0F:73:65
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FD35E96CD7691A419733018DC3EBA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/B8MVYaEdP9IoBxZU6zq_6lQPc2U.roa
Signing time:             Mon 02 Jan 2023 17:38:03 +0000
ROA not before:           Mon 02 Jan 2023 17:38:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        178.218.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:d3:5e:96:cd:76:91:a4:19:73:30:18:dc:3e:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=07c31561a11d3fd228071654eb3abfea540f7365
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9c:ca:cd:6a:87:c0:10:ef:5d:e7:ca:58:52:
                    1d:ce:55:1a:15:2e:e1:8e:e6:62:a9:68:c2:7c:58:
                    88:f2:77:a0:15:0d:57:7f:55:1f:72:7f:1e:34:19:
                    58:1e:e7:b7:94:f0:5e:c6:54:ee:54:60:12:52:b0:
                    cb:a8:d9:07:8b:37:86:4d:6d:01:81:b3:b0:1e:cf:
                    c7:b1:83:17:b0:f3:9b:62:4c:4e:6f:4c:5a:ee:de:
                    65:50:96:ce:0b:69:fd:f1:d6:ad:3e:cc:9c:11:94:
                    75:ce:74:dd:ca:7a:1c:5c:55:96:4c:e9:06:ee:20:
                    6e:8c:bb:21:aa:36:b5:a5:ec:c2:a9:48:21:67:ee:
                    2b:c0:77:e4:d7:1a:63:5e:b3:06:4f:98:f1:94:cc:
                    c0:5f:26:fe:3e:f5:7c:08:2f:12:4f:d3:8e:c6:36:
                    b7:f5:a5:dc:80:66:90:4a:15:c3:f5:2e:04:7b:4c:
                    5e:91:aa:7d:00:ff:bf:58:70:86:7d:cc:97:03:61:
                    79:cb:a1:de:6d:e0:a5:db:e8:39:d1:c8:c9:35:1b:
                    c5:64:94:84:01:d8:8b:e5:fa:27:bc:15:98:d9:45:
                    54:e4:ce:32:e5:0f:c0:3a:db:5c:a6:f9:98:5c:61:
                    0b:fe:80:6e:b5:60:32:68:b1:ac:3c:0e:eb:2d:93:
                    07:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:C3:15:61:A1:1D:3F:D2:28:07:16:54:EB:3A:BF:EA:54:0F:73:65
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/B8MVYaEdP9IoBxZU6zq_6lQPc2U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.218.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:72:a8:39:60:84:c2:1b:3c:f0:17:36:05:07:e6:6c:d7:07:
         5d:5b:88:f1:78:81:00:06:0c:ff:fa:bd:7d:07:b0:80:aa:0a:
         9c:f9:92:13:2e:d1:71:59:3f:8b:8f:90:a6:2a:c7:2f:a1:83:
         a4:b1:71:b2:e4:16:26:c8:79:14:8c:39:46:b9:42:54:30:2c:
         07:03:4f:d4:51:a7:2f:20:32:70:03:18:c1:02:3a:eb:d8:0f:
         d3:5c:a2:1d:a6:b3:5a:32:b4:2e:fa:4a:fc:2a:45:b9:6a:18:
         d8:94:76:c3:bc:04:ce:1e:ff:95:f4:0e:cc:60:94:76:ab:cb:
         37:7b:35:20:5f:e2:e4:49:cb:5d:3a:79:6d:e7:78:4f:09:0a:
         dc:f7:15:26:2c:32:04:36:98:df:02:11:a0:e7:cb:b7:07:1b:
         f5:d3:36:4b:59:ed:f1:94:3a:80:68:ec:97:94:4b:83:36:78:
         50:45:65:33:c7:da:a6:57:d1:c5:9f:d0:cb:ca:83:52:d2:24:
         d9:81:45:aa:bb:2d:35:d6:63:4c:57:49:92:00:30:19:21:f1:
         9d:91:04:5a:35:14:42:1f:03:35:89:93:fa:3f:87:d9:95:ad:
         b2:d9:c5:ac:3c:b6:8d:89:c9:6a:80:6f:cc:c4:8c:8b:97:4d:
         95:a6:ef:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzj9Nels12kaQZczAY3D66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2MzMTU2MWExMWQzZmQyMjgwNzE2NTRlYjNhYmZlYTU0MGY3MzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJzKzWqHwBDvXefKWFIdzlUaFS7h
juZiqWjCfFiI8negFQ1Xf1Ufcn8eNBlYHue3lPBexlTuVGASUrDLqNkHizeGTW0B
gbOwHs/HsYMXsPObYkxOb0xa7t5lUJbOC2n98datPsycEZR1znTdynocXFWWTOkG
7iBujLshqja1pezCqUghZ+4rwHfk1xpjXrMGT5jxlMzAXyb+PvV8CC8ST9OOxja3
9aXcgGaQShXD9S4Ee0xekap9AP+/WHCGfcyXA2F5y6HebeCl2+g50cjJNRvFZJSE
AdiL5fonvBWY2UVU5M4y5Q/AOttcpvmYXGEL/oButWAyaLGsPA7rLZMHnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfDFWGhHT/SKAcWVOs6v+pUD3NlMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQjhNVllhRWRQOUlvQnhaVTZ6cV82bFFQYzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstqRMA0G
CSqGSIb3DQEBCwUAA4IBAQBpcqg5YITCGzzwFzYFB+Zs1wddW4jxeIEABgz/+r19
B7CAqgqc+ZITLtFxWT+Lj5CmKscvoYOksXGy5BYmyHkUjDlGuUJUMCwHA0/UUacv
IDJwAxjBAjrr2A/TXKIdprNaMrQu+kr8KkW5ahjYlHbDvATOHv+V9A7MYJR2q8s3
ezUgX+LkSctdOnlt53hPCQrc9xUmLDIENpjfAhGg58u3Bxv10zZLWe3xlDqAaOyX
lEuDNnhQRWUzx9qmV9HFn9DLyoNS0iTZgUWquy011mNMV0mSADAZIfGdkQRaNRRC
HwM1iZP6P4fZla2y2cWsPLaNiclqgG/MxIyLl02Vpu+x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org