Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/o6LEG4eU3IQL0vD3-V0KjUm7d7A.roa
File:                     o6LEG4eU3IQL0vD3-V0KjUm7d7A.roa (raw, json)
Hash identifier:          TenV5uPn3Orhv9+RGAh6Lu2Otw9wWHBSzupYqNYrmvg=
Subject key identifier:   A3:A2:C4:1B:87:94:DC:84:0B:D2:F0:F7:F9:5D:0A:8D:49:BB:77:B0
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       01856CAF0B577485D9A0E48E3B41CDF0FDB2
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/o6LEG4eU3IQL0vD3-V0KjUm7d7A.roa
Signing time:             Sun 01 Jan 2023 09:34:48 +0000
ROA not before:           Sun 01 Jan 2023 09:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        213.170.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:af:0b:57:74:85:d9:a0:e4:8e:3b:41:cd:f0:fd:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Jan  1 09:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a3a2c41b8794dc840bd2f0f7f95d0a8d49bb77b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:39:ae:70:49:ad:df:f5:51:fd:43:f9:7f:98:
                    76:88:a6:39:85:4d:ea:dc:23:ba:04:1c:60:01:e9:
                    2a:d8:8c:69:9d:08:52:72:c7:ab:68:2b:57:c1:58:
                    ea:26:f8:79:5c:24:24:aa:f9:d7:fa:ed:ea:49:6c:
                    39:c0:68:37:36:d3:2d:a3:41:02:45:47:26:eb:65:
                    0d:f2:0f:55:c6:58:76:7b:46:9b:0c:21:bb:59:56:
                    af:e3:69:af:a8:03:e4:a2:e6:b9:a4:73:cc:55:28:
                    77:d0:15:5e:42:32:be:73:72:0d:35:b5:a2:34:ce:
                    a4:2a:fa:05:9e:ad:f7:b8:9b:77:0f:f6:df:05:c5:
                    88:16:d7:d1:b9:b3:fb:09:62:04:e3:0d:14:ef:b0:
                    87:e4:de:09:4b:db:e2:4f:5b:da:da:16:f2:d4:13:
                    28:01:93:56:a1:af:3e:30:a9:56:73:a7:ed:96:a0:
                    2a:69:2a:af:df:b4:dc:d0:4f:85:44:23:5c:d9:73:
                    ca:96:56:12:f2:39:23:58:52:2d:ca:35:52:fc:05:
                    18:df:ca:9a:c1:1e:70:19:71:ac:9a:ef:e0:e8:5a:
                    01:7d:e8:bb:a0:2f:2f:96:ad:b0:ec:c5:5c:3c:4f:
                    b4:c6:c9:85:f9:79:4e:c4:92:07:58:a2:aa:96:c2:
                    e1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:A2:C4:1B:87:94:DC:84:0B:D2:F0:F7:F9:5D:0A:8D:49:BB:77:B0
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/o6LEG4eU3IQL0vD3-V0KjUm7d7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.170.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:f6:cc:d3:48:0e:5f:7b:08:52:07:fd:f3:29:d3:36:6a:31:
         85:b9:ca:ec:f8:c3:f3:e7:3d:84:ed:31:46:38:ba:0f:a3:26:
         17:df:50:a7:7b:f2:2b:7e:25:7e:43:75:e4:e2:80:58:d8:9f:
         66:d8:bc:7f:26:a4:7a:63:01:a9:c5:e1:02:fe:ac:c0:9c:9c:
         94:fe:e4:14:36:06:4d:de:26:5d:b9:22:2c:2b:f5:79:a9:3a:
         30:66:6e:7a:c1:ed:9e:6a:72:4e:6f:d6:30:40:9a:c2:dd:f3:
         d9:4d:a2:cb:e1:f5:ee:b3:58:6a:e5:9e:8f:0c:4f:cf:8c:1b:
         b6:c1:f5:fc:60:95:6f:cd:e8:27:04:d5:01:15:77:78:57:99:
         5c:d8:8b:5d:b5:12:41:31:65:af:76:e4:02:68:dc:75:64:db:
         d5:fb:13:bc:97:95:c3:cf:42:54:c0:11:4c:a5:de:13:38:22:
         90:76:5e:b0:01:68:df:09:5e:25:78:65:d4:93:42:97:cf:ad:
         9f:b9:c4:4d:c9:93:38:09:ee:41:5f:61:13:65:a1:fe:e6:31:
         07:a0:aa:57:50:0f:ad:f2:43:64:51:f3:32:3f:ce:c8:77:2e:
         ee:67:bc:86:dc:89:0d:7e:04:8d:7b:a9:39:0d:59:67:09:2e:
         0f:8c:44:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrwtXdIXZoOSOO0HN8P2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjMwMTAxMDkzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2EyYzQxYjg3OTRkYzg0MGJkMmYwZjdmOTVkMGE4ZDQ5YmI3N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTmucEmt3/VR/UP5f5h2iKY5hU3q
3CO6BBxgAekq2IxpnQhScseraCtXwVjqJvh5XCQkqvnX+u3qSWw5wGg3NtMto0EC
RUcm62UN8g9Vxlh2e0abDCG7WVav42mvqAPkoua5pHPMVSh30BVeQjK+c3INNbWi
NM6kKvoFnq33uJt3D/bfBcWIFtfRubP7CWIE4w0U77CH5N4JS9viT1va2hby1BMo
AZNWoa8+MKlWc6ftlqAqaSqv37Tc0E+FRCNc2XPKllYS8jkjWFItyjVS/AUY38qa
wR5wGXGsmu/g6FoBfei7oC8vlq2w7MVcPE+0xsmF+XlOxJIHWKKqlsLhiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOixBuHlNyEC9Lw9/ldCo1Ju3ewMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvbzZMRUc0ZVUzSVFMMHZEMy1WMEtqVW03ZDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aqRMA0G
CSqGSIb3DQEBCwUAA4IBAQBA9szTSA5fewhSB/3zKdM2ajGFucrs+MPz5z2E7TFG
OLoPoyYX31Cne/IrfiV+Q3Xk4oBY2J9m2Lx/JqR6YwGpxeEC/qzAnJyU/uQUNgZN
3iZduSIsK/V5qTowZm56we2eanJOb9YwQJrC3fPZTaLL4fXus1hq5Z6PDE/PjBu2
wfX8YJVvzegnBNUBFXd4V5lc2ItdtRJBMWWvduQCaNx1ZNvV+xO8l5XDz0JUwBFM
pd4TOCKQdl6wAWjfCV4leGXUk0KXz62fucRNyZM4Ce5BX2ETZaH+5jEHoKpXUA+t
8kNkUfMyP87Idy7uZ7yG3IkNfgSNe6k5DVlnCS4PjERt
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:36 2024 by rpki-client on console-ams.rpki-client.org