Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Vhm3hyC5jSx9cG-ejO_c99gz4l4.roa
File:                     Vhm3hyC5jSx9cG-ejO_c99gz4l4.roa (raw, json)
Hash identifier:          0WLna9wjmU7oLyI6uksoALZDBqJs94JAhVfw7fVT/Ak=
Subject key identifier:   56:19:B7:87:20:B9:8D:2C:7D:70:6F:9E:8C:EF:DC:F7:D8:33:E2:5E
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01856EAFC98EE7990CF378F59D6B37F43D50
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Vhm3hyC5jSx9cG-ejO_c99gz4l4.roa
Signing time:             Sun 01 Jan 2023 18:54:52 +0000
ROA not before:           Sun 01 Jan 2023 18:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201364
IP address blocks:        88.216.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Jan 2023 10:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:af:c9:8e:e7:99:0c:f3:78:f5:9d:6b:37:f4:3d:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jan  1 18:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5619b78720b98d2c7d706f9e8cefdcf7d833e25e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:20:22:0e:f6:b7:4b:57:22:ac:d1:6f:91:0a:
                    11:99:90:94:20:58:ce:7b:4b:1d:8a:ab:c3:dd:dc:
                    31:73:49:aa:7a:2b:55:da:ad:d4:18:4c:6c:2d:08:
                    fa:a9:06:2d:f5:63:c8:05:81:f4:b8:05:08:e2:ce:
                    47:3c:28:fd:48:c2:ad:fb:29:df:6c:e1:35:fc:62:
                    53:5d:de:a5:1b:31:4c:7d:47:97:f7:67:a9:37:65:
                    11:84:d8:b3:69:73:a4:0b:2a:87:15:e6:5d:45:7f:
                    96:ce:8d:e1:d5:38:c5:e8:3c:9a:84:c8:a6:af:8e:
                    f8:54:57:25:8d:05:23:56:4b:20:ad:94:0b:db:f3:
                    ca:13:1c:b4:eb:c4:65:33:ab:30:1a:db:02:a2:27:
                    ea:4c:f4:de:f1:96:ce:b2:39:8b:83:1c:be:ba:86:
                    5e:16:ed:6d:33:07:d9:37:9b:40:de:ac:6d:48:f5:
                    dc:69:5b:e3:06:25:76:4b:10:8e:f3:8b:10:50:65:
                    c5:11:7f:ae:2e:ce:a1:5a:05:a8:e1:61:d9:57:43:
                    70:aa:e8:dc:46:e4:6a:c9:e1:0d:59:9c:97:1a:ed:
                    10:57:32:0a:bf:e5:fc:04:22:79:24:e4:0c:47:09:
                    48:6c:7b:8e:85:d9:a4:47:26:1a:a5:76:38:e4:0e:
                    c9:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:19:B7:87:20:B9:8D:2C:7D:70:6F:9E:8C:EF:DC:F7:D8:33:E2:5E
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Vhm3hyC5jSx9cG-ejO_c99gz4l4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:da:c1:6f:27:bf:a6:48:03:a2:11:00:39:ef:42:f2:af:f4:
         2e:8a:cf:52:db:de:f3:a0:5c:df:f9:05:78:72:5c:36:61:dc:
         88:ba:cc:c0:44:12:17:76:f8:ce:90:19:ba:47:3e:a0:02:d7:
         dd:f6:3a:13:95:54:a1:32:4e:c4:2a:4d:f7:21:cb:30:75:b3:
         d0:ef:28:13:4b:0c:49:bf:54:47:25:c4:19:59:f3:0c:23:bf:
         b7:14:91:2a:3e:6f:12:98:f8:57:7c:55:24:81:cf:cb:22:12:
         bc:3d:06:b0:da:34:a5:a4:e9:3f:54:76:90:e3:93:e0:d6:72:
         fe:1c:af:12:4e:a1:ae:3a:31:80:57:ff:bd:28:a1:40:0a:ac:
         05:94:b2:66:44:41:eb:9e:82:cc:90:17:24:0b:7f:50:35:16:
         09:0e:0f:71:13:92:e8:29:c5:22:9d:ca:2d:eb:55:fd:0a:92:
         8b:0f:4f:ce:5e:6c:73:4b:b7:d2:26:0c:f0:bc:20:ab:96:f3:
         cd:f4:2e:9b:8c:77:ac:06:78:4d:8a:a4:6d:51:ef:fd:16:09:
         5f:66:a8:aa:aa:0b:cc:27:4b:a1:a7:ea:c9:19:83:71:0d:4f:
         06:17:bd:d6:99:a8:05:63:a1:27:f7:ae:af:cc:30:f4:59:ae:
         f3:71:6a:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur8mO55kM83j1nWs39D1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjE5Yjc4NzIwYjk4ZDJjN2Q3MDZmOWU4Y2VmZGNmN2Q4MzNlMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCAiDva3S1cirNFvkQoRmZCUIFjO
e0sdiqvD3dwxc0mqeitV2q3UGExsLQj6qQYt9WPIBYH0uAUI4s5HPCj9SMKt+ynf
bOE1/GJTXd6lGzFMfUeX92epN2URhNizaXOkCyqHFeZdRX+Wzo3h1TjF6DyahMim
r474VFcljQUjVksgrZQL2/PKExy068RlM6swGtsCoifqTPTe8ZbOsjmLgxy+uoZe
Fu1tMwfZN5tA3qxtSPXcaVvjBiV2SxCO84sQUGXFEX+uLs6hWgWo4WHZV0Nwqujc
RuRqyeENWZyXGu0QVzIKv+X8BCJ5JOQMRwlIbHuOhdmkRyYapXY45A7J9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYZt4cguY0sfXBvnozv3PfYM+JeMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVmhtM2h5QzVqU3g5Y0ctZWpPX2M5OWd6NGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNiBMA0G
CSqGSIb3DQEBCwUAA4IBAQAG2sFvJ7+mSAOiEQA570Lyr/Quis9S297zoFzf+QV4
clw2YdyIuszARBIXdvjOkBm6Rz6gAtfd9joTlVShMk7EKk33IcswdbPQ7ygTSwxJ
v1RHJcQZWfMMI7+3FJEqPm8SmPhXfFUkgc/LIhK8PQaw2jSlpOk/VHaQ45Pg1nL+
HK8STqGuOjGAV/+9KKFACqwFlLJmREHrnoLMkBckC39QNRYJDg9xE5LoKcUincot
61X9CpKLD0/OXmxzS7fSJgzwvCCrlvPN9C6bjHesBnhNiqRtUe/9FglfZqiqqgvM
J0uhp+rJGYNxDU8GF73WmagFY6En966vzDD0Wa7zcWrW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org