Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/7z8VQBxmD_NCbv6GpHpK9iahAA8.roa
File:                     7z8VQBxmD_NCbv6GpHpK9iahAA8.roa (raw, json)
Hash identifier:          OrJE1G7xlSVqyfuSb2C4w4nFLWJzrIIjrjiCBbW3fRo=
Subject key identifier:   EF:3F:15:40:1C:66:0F:F3:42:6E:FE:86:A4:7A:4A:F6:26:A1:00:0F
Certificate issuer:       /CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Certificate serial:       01856FCBBA1F9E245FA60CD10F7130B32723
Authority key identifier: B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/7z8VQBxmD_NCbv6GpHpK9iahAA8.roa
Signing time:             Mon 02 Jan 2023 00:05:00 +0000
ROA not before:           Mon 02 Jan 2023 00:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43624
IP address blocks:        178.159.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Jan 2023 18:50:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:ba:1f:9e:24:5f:a6:0c:d1:0f:71:30:b3:27:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
        Validity
            Not Before: Jan  2 00:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef3f15401c660ff3426efe86a47a4af626a1000f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:33:7a:19:fc:ac:79:fb:51:99:b9:1d:64:a8:
                    78:e0:f8:92:cc:36:0a:e6:91:e3:bc:d5:dd:92:15:
                    e7:43:05:a6:c7:22:ee:c0:3e:44:31:16:98:d1:30:
                    af:1f:ee:1d:ab:5b:78:26:58:db:b3:73:ed:ad:3f:
                    26:9e:00:2e:fd:0f:b5:55:25:2b:73:ee:6f:05:ff:
                    b3:29:bf:67:67:a7:7d:02:de:c8:a4:75:91:35:0f:
                    1c:2d:9d:da:42:75:d2:ca:44:06:89:b4:4d:e8:03:
                    78:95:56:ea:5b:9a:2e:af:00:44:60:be:dd:4e:96:
                    9b:d1:92:aa:ca:b5:7d:5e:84:dd:94:88:cb:f0:d5:
                    fa:2b:0b:95:84:d0:2a:23:34:e0:5d:d8:f5:6e:7b:
                    1b:9e:0d:14:cc:80:66:4a:70:f7:56:d2:8d:b9:bf:
                    8d:0a:51:0c:a2:b1:cf:0e:b7:2d:36:5b:74:60:49:
                    6c:ad:f8:c9:59:ca:7e:88:91:ec:9d:07:40:71:c7:
                    8d:ad:e5:a1:a5:3f:07:e3:4f:38:fa:9b:71:8d:c9:
                    2f:b6:c3:ad:91:ca:e8:4d:f4:6e:ae:e6:75:9f:3b:
                    12:b5:84:3e:b1:e6:44:d5:59:56:2e:6e:84:97:88:
                    b6:04:5f:f2:01:29:29:85:4a:2d:03:1f:35:51:1c:
                    8e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:3F:15:40:1C:66:0F:F3:42:6E:FE:86:A4:7A:4A:F6:26:A1:00:0F
            X509v3 Authority Key Identifier:
                keyid:B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/7z8VQBxmD_NCbv6GpHpK9iahAA8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.159.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:1a:47:c4:f9:06:c9:56:48:eb:2d:4c:d2:bc:57:f5:f3:86:
         36:df:d0:32:c1:cc:a6:f6:45:4c:26:c1:a8:2c:53:74:eb:55:
         f9:3c:31:6c:98:c2:fe:50:cb:92:5c:a3:7c:75:64:e0:56:ae:
         99:77:30:9d:66:70:cc:a2:91:49:38:cd:86:27:a4:99:2d:43:
         bb:15:cf:fb:7d:13:b2:19:7b:55:1b:5b:c1:27:ac:72:47:31:
         b9:1d:6f:54:6d:bd:04:23:4a:7d:79:c3:f3:99:a5:d8:c8:51:
         f5:47:1e:3c:6c:1f:fd:0a:c8:fb:13:7c:d7:f0:b4:23:fa:2f:
         7f:95:2a:8c:f4:c6:24:cc:77:d7:09:97:2d:f4:b9:a1:2f:0c:
         4c:ec:67:4e:75:3e:08:4a:32:99:f2:a0:95:f3:90:78:9e:f8:
         f9:08:c5:d7:4a:7f:e7:9f:ca:2f:18:62:6b:d8:43:3c:d4:26:
         80:fd:9b:24:88:05:02:ed:2e:ee:06:63:62:e3:7f:c3:9f:1d:
         1d:15:29:ad:8a:c4:e6:fd:23:7d:1d:9d:7f:b2:84:8e:7b:bb:
         3b:88:08:26:69:8a:70:68:30:eb:ad:6e:d2:f9:e6:e3:34:01:
         fb:01:72:38:df:74:2a:2b:ff:6c:4c:98:fb:8a:c4:92:8b:6b:
         7f:42:de:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy7ofniRfpgzRD3EwsycjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmU3YjgwNjhjNGFlOWFlNGNhNGMzYTZiMjA5NjE5OWE3
NDFmZjIwHhcNMjMwMTAyMDAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjNmMTU0MDFjNjYwZmYzNDI2ZWZlODZhNDdhNGFmNjI2YTEwMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDN6GfyseftRmbkdZKh44PiSzDYK
5pHjvNXdkhXnQwWmxyLuwD5EMRaY0TCvH+4dq1t4Jljbs3PtrT8mngAu/Q+1VSUr
c+5vBf+zKb9nZ6d9At7IpHWRNQ8cLZ3aQnXSykQGibRN6AN4lVbqW5ourwBEYL7d
Tpab0ZKqyrV9XoTdlIjL8NX6KwuVhNAqIzTgXdj1bnsbng0UzIBmSnD3VtKNub+N
ClEMorHPDrctNlt0YElsrfjJWcp+iJHsnQdAcceNreWhpT8H4084+ptxjckvtsOt
kcroTfRuruZ1nzsStYQ+seZE1VlWLm6El4i2BF/yASkphUotAx81URyONQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8/FUAcZg/zQm7+hqR6SvYmoQAPMB8GA1UdIwQY
MBaAFLgue4BoxK6a5MpMOmsglhmadB/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMt
YWFkZmE5YzA2NzQyLzEvN3o4VlFCeG1EX05DYnY2R3BIcEs5aWFoQUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMtYWFkZmE5YzA2NzQy
LzEvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsp9rMA0G
CSqGSIb3DQEBCwUAA4IBAQAlGkfE+QbJVkjrLUzSvFf184Y239Aywcym9kVMJsGo
LFN061X5PDFsmML+UMuSXKN8dWTgVq6ZdzCdZnDMopFJOM2GJ6SZLUO7Fc/7fROy
GXtVG1vBJ6xyRzG5HW9Ubb0EI0p9ecPzmaXYyFH1Rx48bB/9Csj7E3zX8LQj+i9/
lSqM9MYkzHfXCZct9LmhLwxM7GdOdT4ISjKZ8qCV85B4nvj5CMXXSn/nn8ovGGJr
2EM81CaA/ZskiAUC7S7uBmNi43/Dnx0dFSmtisTm/SN9HZ1/soSOe7s7iAgmaYpw
aDDrrW7S+ebjNAH7AXI433QqK/9sTJj7isSSi2t/Qt7N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:44 2024 by rpki-client on console-fra.rpki-client.org