Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/StNihDvClNysa8mfxjDaoD0VE1w.roa
File:                     StNihDvClNysa8mfxjDaoD0VE1w.roa (raw, json)
Hash identifier:          k/kLmy1eH9QnxoeY4X95CMvAmTjqi0Ae5umwOeeZ4bk=
Subject key identifier:   4A:D3:62:84:3B:C2:94:DC:AC:6B:C9:9F:C6:30:DA:A0:3D:15:13:5C
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       01876603DF0DDB98F9D4AE93FB7B84C365B3
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/StNihDvClNysa8mfxjDaoD0VE1w.roa
Signing time:             Sun 09 Apr 2023 12:35:42 +0000
ROA not before:           Sun 09 Apr 2023 12:35:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1004
IP address blocks:        2.56.164.0/24 maxlen: 24
                          85.202.160.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:66:03:df:0d:db:98:f9:d4:ae:93:fb:7b:84:c3:65:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Apr  9 12:35:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ad362843bc294dcac6bc99fc630daa03d15135c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:84:78:5e:73:d1:23:c6:59:1e:a1:72:e6:6e:
                    31:9d:58:af:4e:0b:a7:65:2e:ce:9c:20:cc:9e:6e:
                    b8:54:70:a5:26:51:cf:d0:4e:f0:99:92:80:1d:23:
                    c0:b1:95:99:0a:bd:06:59:41:05:67:c1:15:a7:7d:
                    d4:f6:d9:75:a4:e8:50:db:df:79:41:b4:ce:0e:a5:
                    19:b9:fc:f1:95:35:d7:9f:02:00:8c:3d:2e:02:00:
                    44:0e:cc:9e:0b:89:fc:19:5c:99:a7:0c:33:c9:e9:
                    3a:c7:b9:ef:05:3e:f8:19:30:cc:7d:79:eb:64:24:
                    67:a0:73:90:59:ce:d8:8a:34:4d:7c:4e:b0:66:fb:
                    c9:94:3b:cd:82:50:2a:08:be:81:8a:b9:12:1b:41:
                    ed:67:84:51:d2:57:4b:6a:b5:ea:79:84:15:48:d5:
                    40:62:3b:e5:d5:41:61:fb:aa:11:ff:45:46:27:87:
                    84:8b:c4:34:c4:ae:05:0c:1c:40:5a:28:24:dd:fd:
                    b0:43:69:f9:a8:2f:1a:7f:0f:69:bb:70:96:d0:64:
                    7a:de:ba:e9:63:e9:52:d6:36:04:ac:02:72:5b:5f:
                    d4:b6:2d:89:e4:58:fc:9e:1c:72:f5:df:df:cf:db:
                    b2:d2:3c:05:15:91:cb:0d:05:ae:d5:59:91:12:36:
                    ae:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D3:62:84:3B:C2:94:DC:AC:6B:C9:9F:C6:30:DA:A0:3D:15:13:5C
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/StNihDvClNysa8mfxjDaoD0VE1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.164.0/24
                  85.202.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:19:83:57:2c:e1:7e:22:95:34:8a:04:1d:91:da:bf:db:2a:
         a2:fc:2f:75:34:d8:72:0d:b6:e5:5a:22:ff:36:53:39:fd:e9:
         a4:94:97:56:9c:e7:c3:09:91:75:01:b6:14:c7:6c:22:ac:36:
         7c:ce:96:1f:2d:23:54:41:41:3d:de:e5:a7:4f:dd:62:ef:30:
         14:ad:1a:f9:ac:17:24:f2:fe:d5:53:0c:c0:df:2d:66:ff:60:
         62:fa:d6:e3:c6:29:f9:28:2c:d4:a5:54:14:fe:5d:83:87:da:
         5a:eb:7a:36:14:b8:18:45:98:23:f4:c8:20:af:5a:2c:cd:dd:
         f0:7c:01:8c:3c:96:bb:f6:09:1d:a8:99:bf:79:1a:e5:b9:37:
         4f:1e:33:56:3e:6b:4a:c2:d2:68:78:92:44:c0:6c:7d:d8:77:
         e2:5e:34:80:33:5a:73:38:a5:a6:df:d6:95:ff:97:00:af:88:
         d7:e7:24:a8:a6:9c:f1:fb:23:ed:96:f8:d6:14:ce:65:54:f7:
         28:8a:b5:97:48:a5:f9:2f:7c:3b:b6:db:b4:08:c5:4c:24:05:
         7c:f6:a1:63:b1:be:ff:a9:25:fd:10:51:4b:e3:18:a9:11:9c:
         8a:52:9b:34:ba:9d:12:1a:40:0c:66:c1:6e:bc:74:18:9a:28:
         81:4d:b8:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdmA98N25j51K6T+3uEw2WzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNDA5MTIzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQzNjI4NDNiYzI5NGRjYWM2YmM5OWZjNjMwZGFhMDNkMTUxMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5YR4XnPRI8ZZHqFy5m4xnVivTgun
ZS7OnCDMnm64VHClJlHP0E7wmZKAHSPAsZWZCr0GWUEFZ8EVp33U9tl1pOhQ2995
QbTODqUZufzxlTXXnwIAjD0uAgBEDsyeC4n8GVyZpwwzyek6x7nvBT74GTDMfXnr
ZCRnoHOQWc7YijRNfE6wZvvJlDvNglAqCL6BirkSG0HtZ4RR0ldLarXqeYQVSNVA
Yjvl1UFh+6oR/0VGJ4eEi8Q0xK4FDBxAWigk3f2wQ2n5qC8afw9pu3CW0GR63rrp
Y+lS1jYErAJyW1/Uti2J5Fj8nhxy9d/fz9uy0jwFFZHLDQWu1VmREjauIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFErTYoQ7wpTcrGvJn8Yw2qA9FRNcMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvU3ROaWhEdkNsTnlzYThtZnhqRGFvRDBWRTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjikAwQA
VcqgMA0GCSqGSIb3DQEBCwUAA4IBAQC7GYNXLOF+IpU0igQdkdq/2yqi/C91NNhy
DbblWiL/NlM5/emklJdWnOfDCZF1AbYUx2wirDZ8zpYfLSNUQUE93uWnT91i7zAU
rRr5rBck8v7VUwzA3y1m/2Bi+tbjxin5KCzUpVQU/l2Dh9pa63o2FLgYRZgj9Mgg
r1oszd3wfAGMPJa79gkdqJm/eRrluTdPHjNWPmtKwtJoeJJEwGx92HfiXjSAM1pz
OKWm39aV/5cAr4jX5ySoppzx+yPtlvjWFM5lVPcoirWXSKX5L3w7ttu0CMVMJAV8
9qFjsb7/qSX9EFFL4xipEZyKUps0up0SGkAMZsFuvHQYmiiBTbhl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org