Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/sNbtq0zsU21X0jFuc_iPDqihJq4.roa
File:                     sNbtq0zsU21X0jFuc_iPDqihJq4.roa (raw, json)
Hash identifier:          tFKMZDN//RE2h/mWxEA3PlBra2nPMC96gQc3XotlaPI=
Subject key identifier:   B0:D6:ED:AB:4C:EC:53:6D:57:D2:31:6E:73:F8:8F:0E:A8:A1:26:AE
Certificate issuer:       /CN=7b8254253dc0213fe58a7aff4b82463e47978063
Certificate serial:       01856F94C309DBBCF24E1BFBA2B4F876BDFC
Authority key identifier: 7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/sNbtq0zsU21X0jFuc_iPDqihJq4.roa
Signing time:             Sun 01 Jan 2023 23:04:58 +0000
ROA not before:           Sun 01 Jan 2023 23:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8220
IP address blocks:        94.154.125.0/24 maxlen: 24
                          2a11:fd40:1000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Mon 13 Mar 2023 16:45:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:c3:09:db:bc:f2:4e:1b:fb:a2:b4:f8:76:bd:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b8254253dc0213fe58a7aff4b82463e47978063
        Validity
            Not Before: Jan  1 23:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0d6edab4cec536d57d2316e73f88f0ea8a126ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c3:38:4a:5a:cf:71:e5:49:e6:07:24:61:2e:
                    42:59:a4:6b:ca:3f:6a:e3:e6:52:d5:2b:ab:05:45:
                    4a:b2:3f:8e:5a:cd:71:d2:66:b3:5e:ca:d0:7a:a6:
                    c2:e2:db:ad:07:b5:7f:54:dc:b2:49:29:e2:44:52:
                    c1:5b:7f:2a:bd:8f:5b:b4:a7:3e:37:9c:2a:d4:bf:
                    07:bd:2e:f5:30:af:40:28:65:88:23:6a:05:4b:d6:
                    85:94:b2:ca:84:cb:38:4d:07:99:3b:f7:95:eb:23:
                    6b:60:01:ed:ca:b0:cf:3f:6e:d7:2d:3c:fe:78:0e:
                    79:c3:6a:04:f2:c8:d4:9b:c5:8a:66:1b:48:e5:6c:
                    bd:ee:ac:2f:81:bf:f2:f1:dd:86:f7:15:c2:32:87:
                    03:ef:42:36:47:0a:50:87:65:3e:2b:71:5c:34:db:
                    e3:75:46:0e:ad:b6:fc:dd:e9:90:1e:ad:55:ad:35:
                    3e:5b:4e:27:30:89:32:41:61:3d:4e:1a:4a:57:d2:
                    f9:da:dc:7c:7c:41:9d:16:e8:58:2a:bf:cb:bf:74:
                    f4:51:cb:0b:1f:1a:af:7c:07:93:4e:f5:4a:6f:08:
                    bd:5f:27:60:64:fe:4b:60:b8:11:c5:50:38:21:96:
                    34:8f:fc:69:b0:85:9b:62:54:ab:f1:52:5f:29:6e:
                    64:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D6:ED:AB:4C:EC:53:6D:57:D2:31:6E:73:F8:8F:0E:A8:A1:26:AE
            X509v3 Authority Key Identifier:
                keyid:7B:82:54:25:3D:C0:21:3F:E5:8A:7A:FF:4B:82:46:3E:47:97:80:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4JUJT3AIT_linr_S4JGPkeXgGM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/sNbtq0zsU21X0jFuc_iPDqihJq4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ab7a04-ffe1-4a05-a5ef-8f539b64b8db/1/e4JUJT3AIT_linr_S4JGPkeXgGM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.125.0/24
                IPv6:
                  2a11:fd40:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         60:08:73:f0:d2:88:8a:fc:f6:3b:71:00:64:8a:70:1b:e7:13:
         42:29:4d:90:26:0a:50:08:84:8f:d7:76:57:31:d4:25:5a:34:
         ef:44:dc:bf:09:77:5a:fe:39:a6:f3:81:87:24:1d:6f:c0:d4:
         bf:f4:1d:d2:31:f8:68:0d:34:31:97:38:53:66:b7:23:59:ba:
         01:4d:c1:0a:02:e5:4d:e4:c9:c9:97:e6:9c:c1:05:2f:c4:50:
         0a:80:43:ac:0e:7a:44:06:b2:d4:98:ad:e9:1b:61:f2:26:95:
         1f:94:34:bf:95:90:b9:87:79:aa:e9:02:54:29:90:89:58:0b:
         5e:ad:66:1b:1d:04:78:8f:07:f3:5e:ef:b6:98:b8:0e:46:35:
         37:63:40:74:0c:29:c6:61:a5:65:00:fb:2c:58:fc:a7:87:31:
         94:15:80:97:5b:7b:5e:44:6f:56:3b:52:de:3c:25:62:5f:41:
         29:e6:07:08:ff:e9:df:f0:bd:fc:a1:7d:8a:e2:99:a1:84:e5:
         c1:26:39:e4:72:e5:c6:aa:f3:7a:b3:8a:1b:fe:97:96:b5:cb:
         33:44:3e:b4:f9:8a:9b:d2:2a:65:75:fd:49:fe:23:c0:ab:a5:
         67:05:20:77:4d:39:6e:90:91:7c:73:19:18:c9:ee:9e:2d:b4:
         6b:fe:60:d6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvlMMJ27zyThv7orT4dr38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODI1NDI1M2RjMDIxM2ZlNThhN2FmZjRiODI0NjNlNDc5
NzgwNjMwHhcNMjMwMTAxMjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGQ2ZWRhYjRjZWM1MzZkNTdkMjMxNmU3M2Y4OGYwZWE4YTEyNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMM4SlrPceVJ5gckYS5CWaRryj9q
4+ZS1SurBUVKsj+OWs1x0mazXsrQeqbC4tutB7V/VNyySSniRFLBW38qvY9btKc+
N5wq1L8HvS71MK9AKGWII2oFS9aFlLLKhMs4TQeZO/eV6yNrYAHtyrDPP27XLTz+
eA55w2oE8sjUm8WKZhtI5Wy97qwvgb/y8d2G9xXCMocD70I2RwpQh2U+K3FcNNvj
dUYOrbb83emQHq1VrTU+W04nMIkyQWE9ThpKV9L52tx8fEGdFuhYKr/Lv3T0UcsL
HxqvfAeTTvVKbwi9XydgZP5LYLgRxVA4IZY0j/xpsIWbYlSr8VJfKW5kSwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLDW7atM7FNtV9IxbnP4jw6ooSauMB8GA1UdIwQY
MBaAFHuCVCU9wCE/5Yp6/0uCRj5Hl4BjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYt
OGY1MzliNjRiOGRiLzEvc05idHEwenNVMjFYMGpGdWNfaVBEcWloSnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hYjdhMDQtZmZlMS00YTA1LWE1ZWYtOGY1MzliNjRiOGRi
LzEvZTRKVUpUM0FJVF9saW5yX1M0SkdQa2VYZ0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAXpp9MA4E
AgACMAgDBgQqEf1AEDANBgkqhkiG9w0BAQsFAAOCAQEAYAhz8NKIivz2O3EAZIpw
G+cTQilNkCYKUAiEj9d2VzHUJVo070Tcvwl3Wv45pvOBhyQdb8DUv/Qd0jH4aA00
MZc4U2a3I1m6AU3BCgLlTeTJyZfmnMEFL8RQCoBDrA56RAay1Jit6Rth8iaVH5Q0
v5WQuYd5qukCVCmQiVgLXq1mGx0EeI8H817vtpi4DkY1N2NAdAwpxmGlZQD7LFj8
p4cxlBWAl1t7XkRvVjtS3jwlYl9BKeYHCP/p3/C9/KF9iuKZoYTlwSY55HLlxqrz
erOKG/6XlrXLM0Q+tPmKm9IqZXX9Sf4jwKulZwUgd005bpCRfHMZGMnuni20a/5g
1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:05 2024 by rpki-client on console-ams.rpki-client.org