Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/Pf6FslJ9tr_qJayjDHk0qGyyo6Y.roa
File:                     Pf6FslJ9tr_qJayjDHk0qGyyo6Y.roa (raw, json)
Hash identifier:          VURYOEW/NhZZ+k3aXwyRipnxcqhbswpuzSbx8762raA=
Subject key identifier:   3D:FE:85:B2:52:7D:B6:BF:EA:25:AC:A3:0C:79:34:A8:6C:B2:A3:A6
Certificate issuer:       /CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
Certificate serial:       01874B0CF97EBF6A4A0A6F0B40268EA4398D
Authority key identifier: 84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/Pf6FslJ9tr_qJayjDHk0qGyyo6Y.roa
Signing time:             Tue 04 Apr 2023 06:55:54 +0000
ROA not before:           Tue 04 Apr 2023 06:55:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35691
IP address blocks:        147.78.4.0/24 maxlen: 24
                          147.78.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 10:57:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:4b:0c:f9:7e:bf:6a:4a:0a:6f:0b:40:26:8e:a4:39:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
        Validity
            Not Before: Apr  4 06:55:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3dfe85b2527db6bfea25aca30c7934a86cb2a3a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ad:d3:a7:ad:78:ef:ab:09:29:43:cd:ca:32:
                    3f:24:70:00:c0:95:d4:1d:11:5c:41:79:b3:ef:2d:
                    b7:2a:16:f0:37:88:d1:16:0f:3c:7a:40:22:ad:4a:
                    67:c4:b2:12:79:93:b9:65:c8:af:9f:46:69:a4:60:
                    3e:0e:26:e4:f7:df:cc:6d:ea:50:a4:a2:c1:91:79:
                    7f:c3:55:eb:da:0d:9c:e8:97:9a:eb:ac:72:a8:e1:
                    4b:b4:a1:74:59:d8:7e:78:ec:b6:39:96:28:cb:fd:
                    36:a8:1c:5d:49:f0:21:5c:be:e4:ba:97:4f:92:57:
                    64:cf:5d:e7:57:27:76:e3:3f:de:36:c2:13:22:a0:
                    51:39:93:e4:dd:ff:90:2c:be:c2:92:ea:46:cd:ac:
                    7a:07:a5:32:ce:b7:79:44:55:dd:2e:75:f4:71:8f:
                    82:1e:bc:5f:76:24:95:7c:a8:d2:ce:ed:bc:d7:dc:
                    e5:05:dc:eb:d8:60:c6:00:84:37:6a:ac:b6:4a:80:
                    80:f6:f3:62:38:cf:e6:ce:d7:42:67:4b:eb:e1:9e:
                    30:44:a0:76:0c:4d:2c:c6:44:be:2b:b6:e8:60:75:
                    ff:7e:eb:c8:2a:73:ae:3c:c9:77:61:94:6b:81:c7:
                    3c:92:63:91:16:75:34:30:70:9b:9f:91:ff:5b:2a:
                    f2:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:FE:85:B2:52:7D:B6:BF:EA:25:AC:A3:0C:79:34:A8:6C:B2:A3:A6
            X509v3 Authority Key Identifier:
                keyid:84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/Pf6FslJ9tr_qJayjDHk0qGyyo6Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b1:99:68:e6:3e:14:57:c0:81:e1:48:4f:6e:54:67:23:51:d3:
         dd:d8:64:84:e7:b7:47:76:da:90:ae:16:56:41:2d:2f:25:bb:
         42:0d:76:e4:f0:02:cb:e8:51:e0:f2:77:63:c2:f5:c3:e8:c8:
         6a:c8:49:db:69:e7:88:e9:8f:c6:bd:5d:1b:0f:60:5f:1b:3c:
         b6:f2:34:e1:f0:ac:0d:42:aa:2d:2d:ef:11:eb:06:96:24:87:
         7c:79:9a:19:37:f4:3f:df:64:ba:dd:82:66:b2:30:5c:0e:cd:
         62:75:5c:f8:7a:f0:10:6e:20:1a:b3:c2:2c:a4:f4:c6:fa:fe:
         b0:c2:62:f7:a8:a4:7e:a7:a0:24:9e:42:29:ff:b0:a9:fa:5b:
         2f:b4:85:ad:b4:b7:03:f2:d5:20:f1:8d:bf:c2:3c:e7:92:39:
         6a:8c:1d:0c:1f:c3:ad:98:83:c4:7b:bf:f8:4c:c5:42:6a:ef:
         25:36:41:94:81:3f:6d:44:9e:3c:2b:42:fb:b9:2e:ab:55:8c:
         b3:3b:75:5c:89:86:6b:fe:49:3a:4d:96:77:c7:f5:5b:bc:30:
         76:8c:71:dc:55:6e:21:ba:77:47:9b:0b:88:e4:71:aa:fa:32:
         2b:07:cd:3d:52:cb:47:5e:64:99:73:97:b4:ed:12:1d:cb:aa:
         57:2d:f6:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdLDPl+v2pKCm8LQCaOpDmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDU4MmNhNzA0NzE3ZWIwYzk0YmU0ZDg5NDEzZjRiYzJk
OGI4ZTUwHhcNMjMwNDA0MDY1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGZlODViMjUyN2RiNmJmZWEyNWFjYTMwYzc5MzRhODZjYjJhM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj63Tp61476sJKUPNyjI/JHAAwJXU
HRFcQXmz7y23KhbwN4jRFg88ekAirUpnxLISeZO5Zcivn0ZppGA+Dibk99/MbepQ
pKLBkXl/w1Xr2g2c6Jea66xyqOFLtKF0Wdh+eOy2OZYoy/02qBxdSfAhXL7kupdP
kldkz13nVyd24z/eNsITIqBROZPk3f+QLL7CkupGzax6B6Uyzrd5RFXdLnX0cY+C
HrxfdiSVfKjSzu2819zlBdzr2GDGAIQ3aqy2SoCA9vNiOM/mztdCZ0vr4Z4wRKB2
DE0sxkS+K7boYHX/fuvIKnOuPMl3YZRrgcc8kmORFnU0MHCbn5H/WyryPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3+hbJSfba/6iWsowx5NKhssqOmMB8GA1UdIwQY
MBaAFIRFgspwRxfrDJS+TYlBP0vC2LjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAt
ZjIzZjY2ZjhkMjQyLzEvUGY2RnNsSjl0cl9xSmF5akRIazBxR3l5bzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAtZjIzZjY2ZjhkMjQy
LzEvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk04EMA0G
CSqGSIb3DQEBCwUAA4IBAQCxmWjmPhRXwIHhSE9uVGcjUdPd2GSE57dHdtqQrhZW
QS0vJbtCDXbk8ALL6FHg8ndjwvXD6MhqyEnbaeeI6Y/GvV0bD2BfGzy28jTh8KwN
QqotLe8R6waWJId8eZoZN/Q/32S63YJmsjBcDs1idVz4evAQbiAas8IspPTG+v6w
wmL3qKR+p6AknkIp/7Cp+lsvtIWttLcD8tUg8Y2/wjznkjlqjB0MH8OtmIPEe7/4
TMVCau8lNkGUgT9tRJ48K0L7uS6rVYyzO3VciYZr/kk6TZZ3x/VbvDB2jHHcVW4h
undHmwuI5HGq+jIrB809UstHXmSZc5e07RIdy6pXLfbr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:25 2024 by rpki-client on console-ams.rpki-client.org