Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/70VMs_gaO3fpzbMxHay5vtxx_pQ.roa
File:                     70VMs_gaO3fpzbMxHay5vtxx_pQ.roa (raw, json)
Hash identifier:          f4YAL/Mb6GHSblUmZfl+r+a2RtltiuPIC1HZ+ZvJRS0=
Subject key identifier:   EF:45:4C:B3:F8:1A:3B:77:E9:CD:B3:31:1D:AC:B9:BE:DC:71:FE:94
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       018A902F8D754D52BC50D707AB7C57929944
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/70VMs_gaO3fpzbMxHay5vtxx_pQ.roa
Signing time:             Wed 13 Sep 2023 20:15:50 +0000
ROA not before:           Wed 13 Sep 2023 20:15:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2856
IP address blocks:        147.78.68.0/22 maxlen: 22
                          193.187.132.0/22 maxlen: 22
                          193.187.140.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 18:27:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:90:2f:8d:75:4d:52:bc:50:d7:07:ab:7c:57:92:99:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Sep 13 20:15:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef454cb3f81a3b77e9cdb3311dacb9bedc71fe94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:70:a1:75:da:67:c0:70:00:80:f2:c2:ac:61:
                    0c:23:c3:84:ea:05:d9:cf:31:89:0d:b2:21:15:b4:
                    24:8c:f0:42:74:32:b4:32:c7:38:80:d0:d4:d4:d6:
                    13:08:ab:2f:90:31:fd:9a:72:f5:a7:e9:d4:9b:16:
                    61:fa:2a:97:58:d3:2a:72:f1:78:8f:fb:63:b1:10:
                    9c:84:b1:3b:d4:47:f8:6f:da:54:5b:92:fc:0d:1f:
                    cb:af:0b:44:21:27:39:ad:ac:a8:96:cc:7f:5e:2d:
                    c0:f8:d0:35:0d:45:88:5b:45:5f:7f:0b:07:8e:12:
                    43:47:a2:9c:fb:9a:17:df:7f:f7:e6:f5:39:df:94:
                    f8:d0:bd:73:94:73:a9:81:d2:0b:cf:25:15:d8:f8:
                    a6:f4:27:70:a5:81:d0:3c:37:30:75:58:9c:c2:96:
                    f1:e0:08:0e:be:4a:19:29:2f:c7:f8:b1:a5:a2:35:
                    3e:a0:98:93:99:40:74:6e:18:71:b9:31:0c:51:11:
                    98:e5:b0:3d:43:11:c2:13:82:29:14:20:75:c1:18:
                    f0:9c:f3:a6:91:e3:64:45:23:f7:32:cf:fc:a3:60:
                    9f:99:fa:be:cb:6d:0e:5a:39:cf:86:3f:02:65:b6:
                    91:3d:20:6d:62:de:89:f6:6e:3d:71:76:7b:14:dd:
                    3d:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:45:4C:B3:F8:1A:3B:77:E9:CD:B3:31:1D:AC:B9:BE:DC:71:FE:94
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/70VMs_gaO3fpzbMxHay5vtxx_pQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.68.0/22
                  193.187.132.0/22
                  193.187.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:74:84:d9:76:60:0c:e5:05:e7:c0:66:c4:67:aa:c0:b9:7a:
         90:ac:20:78:c1:21:12:d4:b0:44:e6:72:b7:93:94:4e:27:c9:
         4c:7b:af:89:06:23:27:6d:94:5f:7b:5d:63:1a:c2:d1:37:f2:
         88:31:2d:f0:eb:d1:bb:20:d8:01:19:35:30:51:fc:5c:8b:f9:
         72:0b:6e:31:04:2a:fa:4f:f5:07:af:af:e2:93:ec:e8:ee:16:
         ec:bd:47:f6:6c:e7:65:2e:77:41:30:ec:0d:88:53:9c:33:4e:
         69:14:af:07:68:d7:02:d4:cb:85:e4:55:d6:31:a3:f9:fb:e7:
         15:53:29:f3:56:b3:dd:dd:a7:25:bb:c1:6c:be:f6:8e:d8:0a:
         7a:29:ce:2b:c4:39:4d:3f:6e:9b:47:9c:31:dd:a3:11:f4:59:
         15:d7:24:e2:38:55:86:4c:50:89:a3:58:2a:57:cf:72:c8:7b:
         f9:0b:bf:9b:30:02:7f:f3:f7:f6:68:41:fc:1a:ad:c2:01:de:
         3e:e2:09:a4:24:58:1a:de:b4:e1:52:bf:11:11:7f:ce:a1:a7:
         23:63:60:0a:3f:1c:64:46:43:5b:13:ce:ee:d9:8d:25:33:0f:
         17:33:50:62:82:26:2a:24:69:e6:fc:47:23:0c:65:78:42:53:
         65:dc:3e:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqQL411TVK8UNcHq3xXkplEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwOTEzMjAxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjQ1NGNiM2Y4MWEzYjc3ZTljZGIzMzExZGFjYjliZWRjNzFmZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHChddpnwHAAgPLCrGEMI8OE6gXZ
zzGJDbIhFbQkjPBCdDK0Msc4gNDU1NYTCKsvkDH9mnL1p+nUmxZh+iqXWNMqcvF4
j/tjsRCchLE71Ef4b9pUW5L8DR/LrwtEISc5rayolsx/Xi3A+NA1DUWIW0VffwsH
jhJDR6Kc+5oX33/35vU535T40L1zlHOpgdILzyUV2Pim9CdwpYHQPDcwdVicwpbx
4AgOvkoZKS/H+LGlojU+oJiTmUB0bhhxuTEMURGY5bA9QxHCE4IpFCB1wRjwnPOm
keNkRSP3Ms/8o2Cfmfq+y20OWjnPhj8CZbaRPSBtYt6J9m49cXZ7FN09vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO9FTLP4Gjt36c2zMR2sub7ccf6UMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvNzBWTXNfZ2FPM2ZwemJNeEhheTV2dHh4X3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCk05EAwQC
wbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQCPdITZdmAM5QXnwGbEZ6rAuXqQ
rCB4wSES1LBE5nK3k5ROJ8lMe6+JBiMnbZRfe11jGsLRN/KIMS3w69G7INgBGTUw
Ufxci/lyC24xBCr6T/UHr6/ik+zo7hbsvUf2bOdlLndBMOwNiFOcM05pFK8HaNcC
1MuF5FXWMaP5++cVUynzVrPd3aclu8FsvvaO2Ap6Kc4rxDlNP26bR5wx3aMR9FkV
1yTiOFWGTFCJo1gqV89yyHv5C7+bMAJ/8/f2aEH8Gq3CAd4+4gmkJFga3rThUr8R
EX/OoacjY2AKPxxkRkNbE87u2Y0lMw8XM1BigiYqJGnm/EcjDGV4QlNl3D7u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org