Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/pA7XoyTGlTueJQu3ZhybOfl4Hi0.roa
File:                     pA7XoyTGlTueJQu3ZhybOfl4Hi0.roa (raw, json)
Hash identifier:          qkOF0s38duB2o+Qq/MFOJR1HVLk2jKZWOn6GpBwnnjQ=
Subject key identifier:   A4:0E:D7:A3:24:C6:95:3B:9E:25:0B:B7:66:1C:9B:39:F9:78:1E:2D
Certificate issuer:       /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial:       018571556C17B4133DA8F70BC550783970B3
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/pA7XoyTGlTueJQu3ZhybOfl4Hi0.roa
Signing time:             Mon 02 Jan 2023 07:15:01 +0000
ROA not before:           Mon 02 Jan 2023 07:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        178.171.50.0/23 maxlen: 23
                          178.171.48.0/22 maxlen: 22
                          178.171.48.0/23 maxlen: 23
                          178.171.60.0/23 maxlen: 23
                          178.171.60.0/22 maxlen: 22
                          178.171.62.0/23 maxlen: 23
                          158.46.176.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:6c:17:b4:13:3d:a8:f7:0b:c5:50:78:39:70:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
        Validity
            Not Before: Jan  2 07:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a40ed7a324c6953b9e250bb7661c9b39f9781e2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f6:c7:15:45:e5:c6:94:84:af:35:20:65:aa:
                    25:c8:1f:b3:1a:5c:9e:f6:e5:df:0a:b4:b8:1b:53:
                    e8:92:d9:ee:b1:50:a4:ba:74:9f:21:7d:f0:a9:0d:
                    07:c0:3d:98:37:2d:b4:59:be:ff:41:7f:21:3f:f6:
                    fb:7b:8c:da:f8:b4:5f:46:ad:56:a5:12:9e:aa:74:
                    e1:d4:00:b5:6d:2e:a7:bf:1e:d4:2c:96:a1:83:a1:
                    ee:59:21:9b:bb:a9:28:81:6a:b5:da:a3:b9:a6:ac:
                    cd:1a:22:4b:6e:62:c6:0d:be:f4:96:d6:4b:8b:d8:
                    27:5f:a4:c1:19:91:a7:71:75:00:0d:af:1e:de:a0:
                    2c:74:fb:db:94:f8:ae:a1:b4:ea:4b:46:37:4b:54:
                    88:1c:a4:b0:94:16:60:91:b6:f1:4c:a1:1d:42:78:
                    86:63:1d:36:cf:52:5a:2e:f5:3b:35:ed:b1:d6:55:
                    52:86:58:bc:97:fb:1c:30:a0:75:81:56:b5:f1:44:
                    19:b4:ee:34:f8:a3:7a:45:63:a0:4b:9e:f1:f7:b4:
                    f9:2c:bc:60:8c:d6:cc:3e:38:6d:68:58:cb:27:3c:
                    e5:aa:9a:8a:6b:07:95:50:16:88:a7:d8:1c:df:15:
                    5e:8e:15:9f:4d:43:18:15:7c:3a:9d:9d:b8:b8:9f:
                    3a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:0E:D7:A3:24:C6:95:3B:9E:25:0B:B7:66:1C:9B:39:F9:78:1E:2D
            X509v3 Authority Key Identifier:
                keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/pA7XoyTGlTueJQu3ZhybOfl4Hi0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.46.176.0/22
                  178.171.48.0/22
                  178.171.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:5f:7d:35:93:32:86:ec:a5:bc:5c:91:dd:70:47:2b:09:dc:
         9a:8c:87:bf:36:41:f6:be:04:63:72:42:e7:82:af:ce:5d:f4:
         dc:5e:a3:f9:bb:b3:16:ec:21:c4:22:1a:5d:28:20:14:ef:a8:
         4e:ba:8e:09:b7:29:fa:7b:31:b2:a5:56:ad:5f:da:03:2f:3f:
         fe:be:08:78:33:95:56:89:18:e6:84:fd:23:41:24:57:c8:a3:
         bf:24:33:d8:a2:10:8b:fb:9c:26:62:c6:14:fe:4b:48:b2:b5:
         39:83:52:c5:d2:cd:5d:57:6c:5a:09:36:fb:80:7a:9e:72:f3:
         38:ac:01:21:74:92:f8:7c:92:ad:2e:96:15:3f:c3:83:f3:07:
         d8:23:c7:f4:6e:06:2e:19:d9:6f:6a:8f:7b:6f:8a:cb:cb:64:
         aa:3e:d0:9b:7e:24:f7:7a:9d:eb:94:6d:e9:34:67:6b:4d:38:
         2d:36:d6:ee:4a:1c:29:0d:2f:ae:1d:62:44:36:f5:9d:bc:a4:
         92:ea:2d:48:f5:2a:58:74:f7:df:89:62:95:1a:23:40:e8:3b:
         85:0a:72:26:61:f9:a5:d6:62:3f:6a:5c:8d:6c:f6:36:67:1f:
         15:21:32:b9:67:a7:f4:9e:5b:07:fc:28:2b:69:04:59:0c:01:
         7f:8a:17:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxVWwXtBM9qPcLxVB4OXCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMTAyMDcxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDBlZDdhMzI0YzY5NTNiOWUyNTBiYjc2NjFjOWIzOWY5NzgxZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfbHFUXlxpSErzUgZaolyB+zGlye
9uXfCrS4G1PoktnusVCkunSfIX3wqQ0HwD2YNy20Wb7/QX8hP/b7e4za+LRfRq1W
pRKeqnTh1AC1bS6nvx7ULJahg6HuWSGbu6kogWq12qO5pqzNGiJLbmLGDb70ltZL
i9gnX6TBGZGncXUADa8e3qAsdPvblPiuobTqS0Y3S1SIHKSwlBZgkbbxTKEdQniG
Yx02z1JaLvU7Ne2x1lVShli8l/scMKB1gVa18UQZtO40+KN6RWOgS57x97T5LLxg
jNbMPjhtaFjLJzzlqpqKaweVUBaIp9gc3xVejhWfTUMYFXw6nZ24uJ864wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKQO16MkxpU7niULt2Ycmzn5eB4tMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvcEE3WG95VEdsVHVlSlF1M1poeWJPZmw0SGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni6wAwQC
sqswAwQCsqs8MA0GCSqGSIb3DQEBCwUAA4IBAQAdX301kzKG7KW8XJHdcEcrCdya
jIe/NkH2vgRjckLngq/OXfTcXqP5u7MW7CHEIhpdKCAU76hOuo4Jtyn6ezGypVat
X9oDLz/+vgh4M5VWiRjmhP0jQSRXyKO/JDPYohCL+5wmYsYU/ktIsrU5g1LF0s1d
V2xaCTb7gHqecvM4rAEhdJL4fJKtLpYVP8OD8wfYI8f0bgYuGdlvao97b4rLy2Sq
PtCbfiT3ep3rlG3pNGdrTTgtNtbuShwpDS+uHWJENvWdvKSS6i1I9SpYdPffiWKV
GiNA6DuFCnImYfml1mI/alyNbPY2Zx8VITK5Z6f0nlsH/CgraQRZDAF/ihd1
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:37 2024 by rpki-client on console-fra.rpki-client.org