Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/dVHjLU6MNnrM-9hPHU0ajmhb07U.roa
File:                     dVHjLU6MNnrM-9hPHU0ajmhb07U.roa (raw, json)
Hash identifier:          ko3GdQ8eudwqbBYzKY1KhH5sczHzCD8sgHzj9Sl8y0s=
Subject key identifier:   75:51:E3:2D:4E:8C:36:7A:CC:FB:D8:4F:1D:4D:1A:8E:68:5B:D3:B5
Certificate issuer:       /CN=2101f439debaff5880395d78f0bbfad8ca7608bf
Certificate serial:       01856F66D99B5D9BDB71682BB6F46DBFA569
Authority key identifier: 21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/dVHjLU6MNnrM-9hPHU0ajmhb07U.roa
Signing time:             Sun 01 Jan 2023 22:14:49 +0000
ROA not before:           Sun 01 Jan 2023 22:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15404
IP address blocks:        193.178.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:d9:9b:5d:9b:db:71:68:2b:b6:f4:6d:bf:a5:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2101f439debaff5880395d78f0bbfad8ca7608bf
        Validity
            Not Before: Jan  1 22:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7551e32d4e8c367accfbd84f1d4d1a8e685bd3b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:4b:3d:5a:65:f1:f8:11:b0:ff:5a:53:28:cc:
                    75:c0:27:ca:a6:08:24:82:51:cf:52:2e:42:c9:4f:
                    0b:06:af:97:9d:79:e0:a7:08:91:94:4c:5b:6a:f2:
                    69:26:00:da:50:c2:d9:18:f9:56:65:bd:55:20:fa:
                    45:21:28:b4:e7:72:52:6b:3d:99:b6:49:06:7d:77:
                    f6:1f:65:db:8f:94:10:e9:35:7c:ac:83:dc:83:44:
                    a5:dc:52:18:f6:ce:d7:40:d3:e2:4b:2f:88:a1:e9:
                    73:a9:91:44:9e:8c:85:03:df:3e:3c:35:d4:9d:e4:
                    c1:5a:29:bf:93:0d:fe:1b:10:98:b6:31:bb:44:54:
                    5e:bb:22:53:18:5d:bb:91:07:e7:d6:7e:27:ac:5c:
                    66:dd:1e:7e:61:83:0b:f3:1d:24:50:52:5c:7a:ea:
                    b5:30:03:d5:e4:34:a4:b3:4c:d1:f4:da:39:eb:fb:
                    e5:b0:47:b9:e3:a5:e3:e4:19:7d:7a:20:22:eb:03:
                    9d:ca:e8:af:7f:65:f1:96:60:c5:f2:4c:3a:a4:02:
                    fa:e8:09:6c:7c:11:b1:51:9c:30:10:36:72:e1:d5:
                    03:90:bc:07:85:a1:57:4d:ed:44:97:5a:9c:82:58:
                    be:34:2f:26:1c:2d:d6:be:99:a7:34:31:3d:9b:dd:
                    46:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:51:E3:2D:4E:8C:36:7A:CC:FB:D8:4F:1D:4D:1A:8E:68:5B:D3:B5
            X509v3 Authority Key Identifier:
                keyid:21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/dVHjLU6MNnrM-9hPHU0ajmhb07U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:3d:b9:3c:58:99:13:64:05:8d:68:30:fc:db:fa:d9:50:ee:
         62:59:50:d8:aa:a2:1b:7d:c8:57:3f:da:e5:1a:ed:29:be:aa:
         80:c0:37:53:41:8a:1d:8c:59:0c:3f:f8:54:b8:3d:86:7b:81:
         34:23:bc:77:20:4a:e0:7e:04:49:d4:3e:48:23:65:d6:11:8b:
         54:4e:73:36:3e:21:f3:40:b3:af:09:85:4c:eb:d1:23:74:5e:
         93:8b:3b:73:09:d5:ca:06:0c:76:3d:95:35:48:3b:23:6e:9d:
         99:25:d5:55:82:c5:fe:34:63:45:3d:2a:0b:91:bc:0b:22:43:
         66:b7:5d:f3:67:f2:33:16:7e:8c:ba:02:93:17:12:af:b3:38:
         65:35:fd:17:8d:02:bf:59:22:d9:1c:e9:f2:71:1a:32:dc:f9:
         82:cd:f8:bc:80:96:29:e3:01:33:c7:9e:5a:81:89:df:c3:b0:
         70:c5:a3:e2:f6:93:9e:97:52:c6:50:9e:79:c2:89:df:87:bf:
         be:f2:22:4a:39:61:d4:8f:d6:c7:a2:ad:74:21:6e:22:68:73:
         5a:32:fd:2b:27:5d:59:5d:52:dc:24:20:1d:17:a9:ee:ba:ef:
         b1:2f:a9:79:bc:cf:ec:94:43:06:e3:d3:07:21:6a:99:9e:e3:
         d5:52:2d:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZtmbXZvbcWgrtvRtv6VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFmNDM5ZGViYWZmNTg4MDM5NWQ3OGYwYmJmYWQ4Y2E3
NjA4YmYwHhcNMjMwMTAxMjIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTUxZTMyZDRlOGMzNjdhY2NmYmQ4NGYxZDRkMWE4ZTY4NWJkM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0s9WmXx+BGw/1pTKMx1wCfKpggk
glHPUi5CyU8LBq+XnXngpwiRlExbavJpJgDaUMLZGPlWZb1VIPpFISi053JSaz2Z
tkkGfXf2H2Xbj5QQ6TV8rIPcg0Sl3FIY9s7XQNPiSy+IoelzqZFEnoyFA98+PDXU
neTBWim/kw3+GxCYtjG7RFReuyJTGF27kQfn1n4nrFxm3R5+YYML8x0kUFJceuq1
MAPV5DSks0zR9No56/vlsEe546Xj5Bl9eiAi6wOdyuivf2XxlmDF8kw6pAL66Als
fBGxUZwwEDZy4dUDkLwHhaFXTe1El1qcgli+NC8mHC3WvpmnNDE9m91GvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVR4y1OjDZ6zPvYTx1NGo5oW9O1MB8GA1UdIwQY
MBaAFCEB9Dneuv9YgDldePC7+tjKdgi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgt
ZTNkZWZiN2UyNTE4LzEvZFZIakxVNk1ObnJNLTloUEhVMGFqbWhiMDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgtZTNkZWZiN2UyNTE4
LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbKMMA0G
CSqGSIb3DQEBCwUAA4IBAQA4Pbk8WJkTZAWNaDD82/rZUO5iWVDYqqIbfchXP9rl
Gu0pvqqAwDdTQYodjFkMP/hUuD2Ge4E0I7x3IErgfgRJ1D5II2XWEYtUTnM2PiHz
QLOvCYVM69EjdF6TiztzCdXKBgx2PZU1SDsjbp2ZJdVVgsX+NGNFPSoLkbwLIkNm
t13zZ/IzFn6MugKTFxKvszhlNf0XjQK/WSLZHOnycRoy3PmCzfi8gJYp4wEzx55a
gYnfw7BwxaPi9pOel1LGUJ55wonfh7++8iJKOWHUj9bHoq10IW4iaHNaMv0rJ11Z
XVLcJCAdF6nuuu+xL6l5vM/slEMG49MHIWqZnuPVUi3q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:07 2024 by rpki-client on console-ams.rpki-client.org