Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa
File:                     sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa (raw, json)
Hash identifier:          V1a7e0pImFmjfUK+R0poJ0njq3+hzAD6PD0z1uRy/yQ=
Subject key identifier:   B2:31:75:04:1B:CA:BE:86:98:F6:12:90:C6:DA:72:04:CA:C9:78:FD
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       0185778D3B1C9381EA70CBEB4A771FB1B366
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa
Signing time:             Tue 03 Jan 2023 12:13:42 +0000
ROA not before:           Tue 03 Jan 2023 12:13:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210423
IP address blocks:        84.236.234.0/23 maxlen: 23
                          95.178.112.0/22 maxlen: 22
                          94.24.46.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 05 Apr 2023 07:17:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:77:8d:3b:1c:93:81:ea:70:cb:eb:4a:77:1f:b1:b3:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Jan  3 12:13:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b23175041bcabe8698f61290c6da7204cac978fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:22:8d:a7:24:cc:33:ba:55:ff:05:51:72:9c:
                    be:45:c3:d1:35:e0:53:c1:66:64:e0:43:bf:92:c3:
                    23:e7:f1:1d:63:2b:81:bf:96:b1:7a:3a:14:d8:3e:
                    a9:56:27:0a:5a:f0:c9:7e:ac:1b:e0:ae:30:78:3b:
                    10:4a:98:9b:ac:08:ec:f5:05:d5:ac:15:d1:2c:8a:
                    0e:85:97:32:91:f2:57:7b:15:a5:ee:5a:9b:bf:fe:
                    c5:3b:9a:85:28:7d:de:e6:ad:86:fb:67:92:bc:4a:
                    75:1b:ba:06:51:c9:26:e6:2e:4f:48:9a:ed:b9:86:
                    46:a0:9e:e3:de:f0:c8:b1:02:16:9c:1c:37:3e:43:
                    06:4b:e5:8b:4c:7f:74:59:7a:79:46:58:10:59:07:
                    4d:71:4d:e9:a6:6b:18:0f:42:93:c2:75:39:f4:58:
                    d7:22:d2:62:99:69:2e:33:41:d7:ce:bc:93:2a:88:
                    71:49:3f:25:2f:37:0f:36:78:21:d9:40:9f:ef:b0:
                    bd:11:d6:de:88:65:2e:61:4a:19:92:fb:d3:8e:a8:
                    59:99:7b:17:ab:17:79:97:12:26:fe:37:0d:91:43:
                    f4:1e:85:ec:e4:03:1a:6b:e2:ee:5e:ef:d2:1a:1f:
                    d7:d2:05:48:48:1b:0e:1b:5c:f2:5b:0e:76:68:1f:
                    64:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:31:75:04:1B:CA:BE:86:98:F6:12:90:C6:DA:72:04:CA:C9:78:FD
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sjF1BBvKvoaY9hKQxtpyBMrJeP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.236.234.0/23
                  94.24.46.0/23
                  95.178.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:2e:77:d8:3e:ff:da:d3:e3:c4:ee:64:c3:16:64:e9:d4:43:
         9c:9e:e2:74:0d:85:f1:f1:36:15:07:e2:97:7c:5b:18:1c:7a:
         4f:58:74:b8:e5:73:3b:89:aa:ca:55:8a:29:bf:3d:f6:d4:1e:
         96:9a:62:8b:0b:4f:6d:cc:25:87:2b:11:d5:eb:7a:b6:55:b0:
         b0:7f:83:0e:72:dd:ba:5e:23:71:41:43:7e:29:73:a0:be:9c:
         c9:63:b3:1c:e6:b4:1b:37:71:6e:35:71:a2:e0:d9:04:72:a1:
         27:10:d0:20:26:e6:2b:f0:b9:47:a0:77:91:31:e4:83:99:46:
         10:f3:0b:91:43:1c:90:ec:4b:9b:09:b0:34:e7:6a:d4:f8:4b:
         00:a5:a8:66:44:31:06:b1:78:ce:ca:1a:cc:9c:f9:c1:5f:81:
         99:04:a2:c0:fa:a7:59:6b:b4:ca:20:36:21:bf:71:aa:33:d0:
         eb:c3:b7:a8:c9:6c:f3:43:bb:93:0d:ba:b4:87:56:e5:32:ac:
         ed:46:e1:a2:21:32:e0:72:0c:7a:16:0e:ff:84:bb:73:4c:a4:
         a0:ba:a8:cb:0a:20:ea:bf:e1:a6:24:65:3d:01:ed:c0:c7:af:
         ea:92:4a:9a:fa:04:6e:b9:e1:72:da:94:1c:96:76:7e:01:7a:
         ad:34:56:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV3jTsck4HqcMvrSncfsbNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAzMTIxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjMxNzUwNDFiY2FiZTg2OThmNjEyOTBjNmRhNzIwNGNhYzk3OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSKNpyTMM7pV/wVRcpy+RcPRNeBT
wWZk4EO/ksMj5/EdYyuBv5axejoU2D6pVicKWvDJfqwb4K4weDsQSpibrAjs9QXV
rBXRLIoOhZcykfJXexWl7lqbv/7FO5qFKH3e5q2G+2eSvEp1G7oGUckm5i5PSJrt
uYZGoJ7j3vDIsQIWnBw3PkMGS+WLTH90WXp5RlgQWQdNcU3ppmsYD0KTwnU59FjX
ItJimWkuM0HXzryTKohxST8lLzcPNngh2UCf77C9EdbeiGUuYUoZkvvTjqhZmXsX
qxd5lxIm/jcNkUP0HoXs5AMaa+LuXu/SGh/X0gVISBsOG1zyWw52aB9kFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLIxdQQbyr6GmPYSkMbacgTKyXj9MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvc2pGMUJCdkt2b2FZOWhLUXh0cHlCTXJKZVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVOzqAwQB
XhguAwQCX7JwMA0GCSqGSIb3DQEBCwUAA4IBAQBXLnfYPv/a0+PE7mTDFmTp1EOc
nuJ0DYXx8TYVB+KXfFsYHHpPWHS45XM7iarKVYopvz321B6WmmKLC09tzCWHKxHV
63q2VbCwf4MOct26XiNxQUN+KXOgvpzJY7Mc5rQbN3FuNXGi4NkEcqEnENAgJuYr
8LlHoHeRMeSDmUYQ8wuRQxyQ7EubCbA052rU+EsApahmRDEGsXjOyhrMnPnBX4GZ
BKLA+qdZa7TKIDYhv3GqM9Drw7eoyWzzQ7uTDbq0h1blMqztRuGiITLgcgx6Fg7/
hLtzTKSguqjLCiDqv+GmJGU9Ae3Ax6/qkkqa+gRuueFy2pQclnZ+AXqtNFan
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:01 2024 by rpki-client on console-ams.rpki-client.org