Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/CrbPNCqz6Vd5UOXAz29Z-TcD7Pw.roa
File:                     CrbPNCqz6Vd5UOXAz29Z-TcD7Pw.roa (raw, json)
Hash identifier:          3skrU/l1fEjZBYij0Frmt7VmYxUKgDDy6IK72mX9tKI=
Subject key identifier:   0A:B6:CF:34:2A:B3:E9:57:79:50:E5:C0:CF:6F:59:F9:37:03:EC:FC
Certificate issuer:       /CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
Certificate serial:       0186CA7865AE9C23363F9AE8A35E7703AA73
Authority key identifier: 84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/CrbPNCqz6Vd5UOXAz29Z-TcD7Pw.roa
Signing time:             Fri 10 Mar 2023 07:42:13 +0000
ROA not before:           Fri 10 Mar 2023 07:42:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56335
IP address blocks:        147.78.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ca:78:65:ae:9c:23:36:3f:9a:e8:a3:5e:77:03:aa:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
        Validity
            Not Before: Mar 10 07:42:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ab6cf342ab3e9577950e5c0cf6f59f93703ecfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:91:af:14:ee:3b:ae:40:30:9e:68:f6:c0:15:
                    23:a1:e9:91:47:d5:3b:44:e9:81:89:6f:01:d7:40:
                    dc:5c:3a:c7:19:eb:ec:8c:87:b1:0e:37:9b:1d:cd:
                    50:0e:8c:d0:b1:3a:a7:b3:77:26:6c:42:4d:b0:d1:
                    71:23:60:07:24:b8:0a:fb:0f:97:06:40:99:14:69:
                    e4:85:d8:b6:d8:f8:11:bf:16:66:b0:fc:44:7f:33:
                    61:7d:04:5c:34:bf:69:b1:63:9a:42:8d:d8:9d:6e:
                    ef:6c:bb:a6:65:c6:98:cc:2a:18:71:d7:8d:e9:13:
                    59:71:4f:e1:fc:93:31:7c:74:27:99:09:d1:68:8b:
                    ac:3b:23:e2:71:a8:2b:af:e6:7a:7f:85:f8:44:2c:
                    62:42:e9:94:cc:d4:94:33:b3:98:9c:49:eb:ad:fd:
                    ae:6b:25:be:01:9a:4e:39:c7:9d:dd:61:06:cb:92:
                    90:dd:40:91:93:20:7a:9e:f4:41:93:de:ce:2e:3a:
                    48:d4:3e:0f:7f:87:d9:b8:65:07:d7:5a:e2:8d:ad:
                    91:31:25:c0:a6:c4:e8:cd:fc:e9:cf:25:c7:13:73:
                    4e:bb:1b:8c:dd:f1:8e:d8:55:a0:4f:e2:57:8d:0e:
                    e0:00:41:65:8d:30:1e:5c:ac:28:5d:21:d9:ab:da:
                    3c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:B6:CF:34:2A:B3:E9:57:79:50:E5:C0:CF:6F:59:F9:37:03:EC:FC
            X509v3 Authority Key Identifier:
                keyid:84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/CrbPNCqz6Vd5UOXAz29Z-TcD7Pw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:93:14:96:86:0a:9e:82:9e:fa:90:5e:e7:3a:e5:f7:28:1d:
         d5:53:12:70:75:8b:aa:03:33:b4:e9:27:5d:dc:b6:29:a3:10:
         03:8c:52:7e:6e:7c:8c:4f:46:d6:0a:ef:80:f4:16:f3:68:af:
         d3:e5:54:2a:a7:96:52:6d:8f:07:e5:a1:37:18:00:36:33:23:
         45:40:2b:50:e5:66:c6:5e:d1:e9:5b:3b:01:12:65:2e:20:c0:
         a1:d6:62:d0:72:d8:d9:0a:89:6d:cb:71:d5:ae:61:c7:8c:95:
         9d:1d:f4:d1:ec:bc:b3:37:97:07:7d:33:2f:98:b0:25:73:11:
         e5:aa:93:89:4b:9f:5a:16:e8:36:53:9d:e0:4f:0b:65:88:36:
         33:57:f5:c8:0a:c6:5b:78:81:b7:97:82:88:96:56:8a:bd:19:
         38:88:ed:b6:92:44:d0:a3:0c:cb:eb:6c:d7:67:7b:d5:d1:11:
         e7:87:a7:d1:3f:70:92:ae:1a:4e:e2:46:f7:0b:b7:45:f2:44:
         26:0c:66:fc:ec:8d:8c:35:98:b6:a5:2f:82:55:53:fd:82:87:
         dd:17:3b:5b:94:9c:6e:63:ea:71:84:29:ad:24:f6:ed:19:1d:
         1f:50:79:d9:71:94:2c:2a:2d:eb:8a:ee:5d:e5:b7:d6:e6:8b:
         cf:07:12:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbKeGWunCM2P5roo153A6pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDU4MmNhNzA0NzE3ZWIwYzk0YmU0ZDg5NDEzZjRiYzJk
OGI4ZTUwHhcNMjMwMzEwMDc0MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWI2Y2YzNDJhYjNlOTU3Nzk1MGU1YzBjZjZmNTlmOTM3MDNlY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5GvFO47rkAwnmj2wBUjoemRR9U7
ROmBiW8B10DcXDrHGevsjIexDjebHc1QDozQsTqns3cmbEJNsNFxI2AHJLgK+w+X
BkCZFGnkhdi22PgRvxZmsPxEfzNhfQRcNL9psWOaQo3YnW7vbLumZcaYzCoYcdeN
6RNZcU/h/JMxfHQnmQnRaIusOyPicagrr+Z6f4X4RCxiQumUzNSUM7OYnEnrrf2u
ayW+AZpOOced3WEGy5KQ3UCRkyB6nvRBk97OLjpI1D4Pf4fZuGUH11rija2RMSXA
psTozfzpzyXHE3NOuxuM3fGO2FWgT+JXjQ7gAEFljTAeXKwoXSHZq9o8/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAq2zzQqs+lXeVDlwM9vWfk3A+z8MB8GA1UdIwQY
MBaAFIRFgspwRxfrDJS+TYlBP0vC2LjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAt
ZjIzZjY2ZjhkMjQyLzEvQ3JiUE5DcXo2VmQ1VU9YQXoyOVotVGNEN1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAtZjIzZjY2ZjhkMjQy
LzEvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk04HMA0G
CSqGSIb3DQEBCwUAA4IBAQCIkxSWhgqegp76kF7nOuX3KB3VUxJwdYuqAzO06Sdd
3LYpoxADjFJ+bnyMT0bWCu+A9BbzaK/T5VQqp5ZSbY8H5aE3GAA2MyNFQCtQ5WbG
XtHpWzsBEmUuIMCh1mLQctjZColty3HVrmHHjJWdHfTR7LyzN5cHfTMvmLAlcxHl
qpOJS59aFug2U53gTwtliDYzV/XICsZbeIG3l4KIllaKvRk4iO22kkTQowzL62zX
Z3vV0RHnh6fRP3CSrhpO4kb3C7dF8kQmDGb87I2MNZi2pS+CVVP9gofdFztblJxu
Y+pxhCmtJPbtGR0fUHnZcZQsKi3riu5d5bfW5ovPBxJq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:34 2024 by rpki-client on console-fra.rpki-client.org