Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/1-LBa39mFUozHN_X-XzjljYneOVk.roa
File:                     1-LBa39mFUozHN_X-XzjljYneOVk.roa (raw, json)
Hash identifier:          MFlnDkHWhqVM9S3FThjfuUK+zOdrofhU7zXC6kI1DaA=
Subject key identifier:   F8:B0:5A:DF:D9:85:52:8C:C7:37:F5:FE:5F:38:E5:8D:89:DE:39:59
Certificate issuer:       /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial:       018BF153C84F7980970DBD6A676870640BAC
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/1-LBa39mFUozHN_X-XzjljYneOVk.roa
Signing time:             Tue 21 Nov 2023 10:01:21 +0000
ROA not before:           Tue 21 Nov 2023 10:01:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211028
IP address blocks:        94.125.98.0/23 maxlen: 24
                          185.78.232.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:f1:53:c8:4f:79:80:97:0d:bd:6a:67:68:70:64:0b:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
        Validity
            Not Before: Nov 21 10:01:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8b05adfd985528cc737f5fe5f38e58d89de3959
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:83:96:9c:17:46:20:13:dc:93:fe:99:b8:d2:
                    25:a8:1e:9c:51:75:75:1c:52:4b:31:1e:e7:aa:7e:
                    da:d5:8d:85:f2:ba:d9:06:4e:28:d5:1d:45:35:ea:
                    5b:15:c3:ac:1f:d1:30:18:fa:d5:3a:2e:fd:3a:b6:
                    b5:48:7f:b6:50:79:57:1a:9b:0f:5f:e9:ad:05:57:
                    53:3d:df:29:cc:6e:5e:99:01:73:21:01:de:f6:06:
                    68:5d:b9:d6:c9:a8:44:17:bc:e0:38:23:aa:2f:a6:
                    74:b4:04:c3:44:49:d6:21:b0:fa:85:31:fb:b2:cf:
                    8b:c6:f6:b5:df:f1:04:36:aa:d7:bc:cc:53:16:2d:
                    5e:00:e8:22:98:1e:a8:a0:33:e2:0b:d4:d2:26:d0:
                    91:7a:e9:88:8a:ee:17:07:d5:47:e8:3a:e5:2d:cc:
                    5e:18:6a:b7:08:7d:42:5a:1e:45:c5:58:4d:72:f1:
                    2c:4d:a3:67:58:10:68:12:8d:a5:54:3f:a3:50:3b:
                    2b:c0:06:fd:96:e3:b6:0b:1b:12:e6:02:d2:5f:14:
                    9c:30:ce:1d:c8:23:40:cf:b8:32:7d:66:32:e9:be:
                    19:bb:d4:b7:80:1a:a8:7b:f8:78:9c:58:2a:05:f5:
                    86:ab:7c:a2:d9:58:39:41:df:cd:0f:b8:b3:5b:8c:
                    f3:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:B0:5A:DF:D9:85:52:8C:C7:37:F5:FE:5F:38:E5:8D:89:DE:39:59
            X509v3 Authority Key Identifier:
                keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/1-LBa39mFUozHN_X-XzjljYneOVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.125.98.0/23
                  185.78.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:65:58:20:be:fa:95:fb:d8:4e:b8:e8:3e:6b:1c:31:ba:2a:
         27:3e:80:a3:84:da:e9:e8:28:17:d7:9f:79:56:0a:93:ad:00:
         a6:d7:22:dd:ba:ce:53:19:d1:0d:c8:87:9b:ba:c9:90:5f:20:
         da:7b:ad:f3:10:de:54:d5:69:d7:79:c2:7a:2c:ec:31:1c:2b:
         6c:09:f3:dd:d8:46:e1:c3:db:93:00:fa:aa:49:3b:33:3f:52:
         ae:f7:18:f3:2b:e5:c6:22:60:f0:69:48:1f:85:6b:ba:96:9f:
         51:22:29:b5:5c:5a:e9:4c:49:d0:3a:f7:ff:84:a6:cd:32:0f:
         8f:9e:90:99:44:2c:a1:38:c5:a6:b3:0d:f1:cd:57:6e:99:5f:
         b0:84:83:14:85:f1:85:4c:99:eb:b3:2b:a6:e2:d0:70:4e:7f:
         b3:71:b8:df:a9:b9:7d:55:09:7b:8d:e6:79:7e:94:0d:6e:85:
         33:e6:52:6d:dd:9f:59:a8:f2:b5:c0:a9:6d:bc:b4:ab:7d:39:
         20:28:45:8b:db:62:33:eb:4a:14:df:80:81:d1:05:c5:09:cb:
         62:99:f9:f5:e6:32:71:a6:2a:c0:b7:a1:54:74:bd:65:dc:b5:
         bc:25:b2:e3:a9:8c:df:ff:67:86:42:61:6a:49:24:29:2b:fc:
         75:24:9a:56
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYvxU8hPeYCXDb1qZ2hwZAusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjMxMTIxMTAwMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGIwNWFkZmQ5ODU1MjhjYzczN2Y1ZmU1ZjM4ZTU4ZDg5ZGUzOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14OWnBdGIBPck/6ZuNIlqB6cUXV1
HFJLMR7nqn7a1Y2F8rrZBk4o1R1FNepbFcOsH9EwGPrVOi79Ora1SH+2UHlXGpsP
X+mtBVdTPd8pzG5emQFzIQHe9gZoXbnWyahEF7zgOCOqL6Z0tATDREnWIbD6hTH7
ss+Lxva13/EENqrXvMxTFi1eAOgimB6ooDPiC9TSJtCReumIiu4XB9VH6DrlLcxe
GGq3CH1CWh5FxVhNcvEsTaNnWBBoEo2lVD+jUDsrwAb9luO2CxsS5gLSXxScMM4d
yCNAz7gyfWYy6b4Zu9S3gBqoe/h4nFgqBfWGq3yi2Vg5Qd/ND7izW4zz4wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPiwWt/ZhVKMxzf1/l845Y2J3jlZMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvMS1MQmEzOW1GVW96SE5fWC1YempsalluZU9Way5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvN2E4N2EwLTgwMTQtNDYwNS05ZmI1LTllNzFkYzI0YTY4
My8xL0w1UFR1aGxfWE9NSmlfcDNBTFE0Vk9xb0RwNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAV59YgME
AblO6DANBgkqhkiG9w0BAQsFAAOCAQEAHGVYIL76lfvYTrjoPmscMboqJz6Ao4Ta
6egoF9efeVYKk60Aptci3brOUxnRDciHm7rJkF8g2nut8xDeVNVp13nCeizsMRwr
bAnz3dhG4cPbkwD6qkk7Mz9SrvcY8yvlxiJg8GlIH4VrupafUSIptVxa6UxJ0Dr3
/4SmzTIPj56QmUQsoTjFprMN8c1XbplfsISDFIXxhUyZ67MrpuLQcE5/s3G436m5
fVUJe43meX6UDW6FM+ZSbd2fWajytcCpbby0q305IChFi9tiM+tKFN+AgdEFxQnL
Ypn59eYycaYqwLehVHS9Zdy1vCWy46mM3/9nhkJhakkkKSv8dSSaVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:34 2024 by rpki-client on console-fra.rpki-client.org