Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8MAyNPxQd3jL1lU_POhg4JDd7mo.roa
File:                     8MAyNPxQd3jL1lU_POhg4JDd7mo.roa (raw, json)
Hash identifier:          FR7K7iMn1ECyOZjnbpSqB0qXLgeBHeY+Yicxeorwrv8=
Subject key identifier:   F0:C0:32:34:FC:50:77:78:CB:D6:55:3F:3C:E8:60:E0:90:DD:EE:6A
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4DC65001E584A157EB853142E3071
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8MAyNPxQd3jL1lU_POhg4JDd7mo.roa
Signing time:             Sun 01 Jan 2023 19:35:21 +0000
ROA not before:           Sun 01 Jan 2023 19:35:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209919
IP address blocks:        171.22.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 11:19:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:dc:65:00:1e:58:4a:15:7e:b8:53:14:2e:30:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f0c03234fc507778cbd6553f3ce860e090ddee6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:86:c5:45:51:42:5e:3f:66:5f:6d:6a:54:c2:
                    e8:f0:93:78:23:f6:38:37:02:02:60:1d:a3:7e:1e:
                    3a:e4:38:e5:aa:56:27:59:44:9d:52:2c:f0:95:be:
                    9f:b3:21:66:41:41:9e:e2:bf:b7:50:d6:5c:ad:9e:
                    51:31:4c:2b:66:0e:f7:e4:0a:f9:cc:af:4a:bb:99:
                    c6:78:94:ee:65:6e:44:f3:48:0d:1f:1a:3b:ce:38:
                    e6:61:24:cf:d0:6b:ec:ed:eb:fb:e6:ca:bd:b7:fc:
                    96:8d:5f:de:23:90:c3:de:c0:34:09:45:c3:bc:62:
                    80:0e:66:2d:db:ef:ab:96:0c:c9:60:33:09:34:0a:
                    b7:7f:bb:f4:e7:b7:0a:9a:38:e7:f1:66:b0:8a:9a:
                    5f:8a:0b:04:bb:3a:52:de:80:ae:03:3a:cf:86:04:
                    61:aa:ac:a5:0f:73:0c:bd:df:df:6e:94:ff:57:16:
                    a5:ca:a4:1a:6a:fa:81:89:28:95:72:b0:f4:9a:8c:
                    c7:8e:93:5b:30:2e:24:b1:c9:e0:27:00:0a:09:6f:
                    f9:0a:9d:1b:f0:aa:62:b2:c3:10:b3:7b:60:13:bb:
                    85:38:e8:bd:59:d3:cb:8a:fe:cf:48:95:6b:6b:ab:
                    f8:9b:22:f1:29:64:57:5e:1c:b3:fb:13:85:fe:07:
                    ff:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C0:32:34:FC:50:77:78:CB:D6:55:3F:3C:E8:60:E0:90:DD:EE:6A
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8MAyNPxQd3jL1lU_POhg4JDd7mo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.22.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:c4:e3:e7:99:74:bb:ad:e7:1f:1c:3b:6f:28:9c:5e:02:0b:
         54:1f:bd:1e:59:79:d3:61:4e:ab:87:46:33:eb:f4:86:51:bf:
         23:27:27:96:7c:32:52:ed:dd:ee:cd:a7:87:65:d1:ee:9c:90:
         e1:3a:46:ab:b5:56:81:96:9d:32:4f:8d:7c:bf:27:0d:d2:0b:
         42:d4:9c:8d:6a:6d:87:82:ea:61:42:f9:7f:42:07:80:92:1c:
         6c:8e:49:c8:ea:12:f9:15:7b:28:ff:0c:a2:49:c6:76:64:02:
         af:49:dd:bf:d7:07:af:5d:63:d5:cb:21:a6:a5:da:0e:65:bc:
         fe:93:1d:59:67:19:08:09:b5:6e:a3:0c:4e:6b:4f:33:d8:16:
         2f:44:ec:eb:c1:cd:aa:52:10:4a:76:d6:2b:d9:45:f2:0a:a8:
         b5:61:36:46:ff:66:0a:09:f0:ad:50:89:5a:d0:bf:88:93:be:
         5a:39:12:2a:ca:d1:a8:5b:bd:33:74:7f:3d:23:73:99:f0:bf:
         b3:14:45:8a:f9:02:b3:8c:40:75:5b:f9:4c:bc:fc:51:42:97:
         0c:ac:54:34:53:dc:de:03:99:9d:fa:eb:f6:a4:ab:39:16:aa:
         f8:94:5c:a2:e8:b6:42:eb:05:e4:97:f8:80:70:dc:7d:f4:2e:
         db:24:68:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NxlAB5YShV+uFMULjBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGMwMzIzNGZjNTA3Nzc4Y2JkNjU1M2YzY2U4NjBlMDkwZGRlZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkobFRVFCXj9mX21qVMLo8JN4I/Y4
NwICYB2jfh465DjlqlYnWUSdUizwlb6fsyFmQUGe4r+3UNZcrZ5RMUwrZg735Ar5
zK9Ku5nGeJTuZW5E80gNHxo7zjjmYSTP0Gvs7ev75sq9t/yWjV/eI5DD3sA0CUXD
vGKADmYt2++rlgzJYDMJNAq3f7v057cKmjjn8WawippfigsEuzpS3oCuAzrPhgRh
qqylD3MMvd/fbpT/VxalyqQaavqBiSiVcrD0mozHjpNbMC4kscngJwAKCW/5Cp0b
8KpissMQs3tgE7uFOOi9WdPLiv7PSJVra6v4myLxKWRXXhyz+xOF/gf/ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDAMjT8UHd4y9ZVPzzoYOCQ3e5qMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvOE1BeU5QeFFkM2pMMWxVX1BPaGc0SkRkN21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxanMA0G
CSqGSIb3DQEBCwUAA4IBAQAaxOPnmXS7recfHDtvKJxeAgtUH70eWXnTYU6rh0Yz
6/SGUb8jJyeWfDJS7d3uzaeHZdHunJDhOkartVaBlp0yT418vycN0gtC1JyNam2H
guphQvl/QgeAkhxsjknI6hL5FXso/wyiScZ2ZAKvSd2/1wevXWPVyyGmpdoOZbz+
kx1ZZxkICbVuowxOa08z2BYvROzrwc2qUhBKdtYr2UXyCqi1YTZG/2YKCfCtUIla
0L+Ik75aORIqytGoW70zdH89I3OZ8L+zFEWK+QKzjEB1W/lMvPxRQpcMrFQ0U9ze
A5md+uv2pKs5Fqr4lFyi6LZC6wXkl/iAcNx99C7bJGg4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:34 2024 by rpki-client on console-ams.rpki-client.org