Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/Dba7hoTGrqhe_DIgBF0uGVwWS_E.roa
File:                     Dba7hoTGrqhe_DIgBF0uGVwWS_E.roa (raw, json)
Hash identifier:          WubzCSm0lcRL5QuUGMRwimi3H7XzWG0PNkdKdJOIJoI=
Subject key identifier:   0D:B6:BB:86:84:C6:AE:A8:5E:FC:32:20:04:5D:2E:19:5C:16:4B:F1
Certificate issuer:       /CN=372ac6ef92b81d705787a4ef89fd4673805c7abc
Certificate serial:       0185D05D5CDEC62B77C4813DC3830DE5503B
Authority key identifier: 37:2A:C6:EF:92:B8:1D:70:57:87:A4:EF:89:FD:46:73:80:5C:7A:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NyrG75K4HXBXh6Tvif1Gc4Bcerw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/Dba7hoTGrqhe_DIgBF0uGVwWS_E.roa
Signing time:             Fri 20 Jan 2023 18:07:37 +0000
ROA not before:           Fri 20 Jan 2023 18:07:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198386
IP address blocks:        147.78.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 13:49:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:d0:5d:5c:de:c6:2b:77:c4:81:3d:c3:83:0d:e5:50:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=372ac6ef92b81d705787a4ef89fd4673805c7abc
        Validity
            Not Before: Jan 20 18:07:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0db6bb8684c6aea85efc3220045d2e195c164bf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9a:29:a1:3f:03:33:5b:54:11:f5:56:01:a4:
                    07:53:4f:ec:6a:91:81:d7:c4:fc:50:4f:9b:70:2e:
                    aa:8b:ca:28:71:eb:2f:ec:de:8c:21:a3:e5:ec:12:
                    08:2f:f9:26:ee:a9:9d:8e:04:b1:ae:ea:77:c6:af:
                    36:5e:c1:20:11:aa:2f:0e:09:37:70:41:4b:db:0f:
                    a8:a3:ff:f9:0d:43:33:15:3f:4a:ec:c8:1d:0f:cd:
                    0c:2a:39:31:ca:20:99:91:d0:1b:8f:1a:57:66:63:
                    dd:df:89:e6:24:bf:26:a6:08:8a:f7:0e:c6:1a:8a:
                    7f:e4:29:0f:c2:49:a8:76:e0:31:9a:11:e3:79:cd:
                    9c:63:8c:d8:05:fb:3b:dd:06:2e:1f:99:a1:93:6c:
                    82:4f:5e:60:b9:bc:fd:a9:e1:68:99:43:8a:3f:67:
                    8d:df:72:91:05:36:1b:10:a6:e0:5a:96:6f:25:79:
                    b1:6f:cf:00:af:db:7c:48:71:54:71:1a:38:07:27:
                    b4:69:d5:39:75:73:9f:13:6c:11:e9:be:30:1a:b9:
                    84:ad:a7:17:6b:5e:86:ab:d7:d9:61:80:f1:a9:73:
                    42:0e:5f:d9:c6:bd:2a:90:93:92:74:c5:b3:6b:90:
                    c2:03:ef:9d:69:08:c1:7e:79:78:e9:fd:2e:1f:f8:
                    03:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:B6:BB:86:84:C6:AE:A8:5E:FC:32:20:04:5D:2E:19:5C:16:4B:F1
            X509v3 Authority Key Identifier:
                keyid:37:2A:C6:EF:92:B8:1D:70:57:87:A4:EF:89:FD:46:73:80:5C:7A:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NyrG75K4HXBXh6Tvif1Gc4Bcerw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/Dba7hoTGrqhe_DIgBF0uGVwWS_E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/NyrG75K4HXBXh6Tvif1Gc4Bcerw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:8b:4c:81:09:0f:38:aa:42:be:4a:4c:ba:55:83:fd:22:2f:
         cb:9c:37:83:84:ca:1e:32:75:15:f5:32:40:1c:32:55:ec:8c:
         de:bb:dd:11:73:46:9e:c2:24:b1:6f:5f:49:db:2a:c5:91:8d:
         62:63:ca:b1:66:a6:8e:08:71:df:24:52:02:4e:8c:4d:98:72:
         ff:5f:bd:07:f8:57:d6:bc:f0:ab:8c:37:da:c1:54:6d:b0:c3:
         48:a8:2c:b1:86:e4:e2:59:50:a3:47:2e:1e:12:14:bc:22:10:
         8d:87:35:2d:cb:fb:a0:a6:a9:23:2c:8e:29:b2:a9:06:a7:a3:
         ca:98:8e:96:b4:b1:2d:31:ec:c7:ef:ef:b6:9a:d6:c7:37:86:
         de:9d:2a:0f:b8:91:4e:7b:8b:fb:97:7a:4d:4b:a7:f6:8d:89:
         6b:2e:5a:e2:c4:53:23:ce:41:f1:0c:56:33:69:3a:e8:e6:b1:
         7d:75:0e:9f:03:7e:ec:72:55:98:df:47:f4:91:21:c0:33:b2:
         b5:a3:5c:8c:33:dc:c6:14:89:53:05:12:0d:50:cb:56:54:f5:
         4a:3a:83:ee:41:30:ea:94:a0:8c:0b:d2:47:ac:b6:12:54:d9:
         b4:d2:c3:9a:da:5b:34:f4:46:e8:16:1a:e5:55:4e:6e:d1:7c:
         4d:a8:e0:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXQXVzexit3xIE9w4MN5VA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MmFjNmVmOTJiODFkNzA1Nzg3YTRlZjg5ZmQ0NjczODA1
YzdhYmMwHhcNMjMwMTIwMTgwNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGI2YmI4Njg0YzZhZWE4NWVmYzMyMjAwNDVkMmUxOTVjMTY0YmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpopoT8DM1tUEfVWAaQHU0/sapGB
18T8UE+bcC6qi8oocesv7N6MIaPl7BIIL/km7qmdjgSxrup3xq82XsEgEaovDgk3
cEFL2w+oo//5DUMzFT9K7MgdD80MKjkxyiCZkdAbjxpXZmPd34nmJL8mpgiK9w7G
Gop/5CkPwkmoduAxmhHjec2cY4zYBfs73QYuH5mhk2yCT15gubz9qeFomUOKP2eN
33KRBTYbEKbgWpZvJXmxb88Ar9t8SHFUcRo4Bye0adU5dXOfE2wR6b4wGrmEracX
a16Gq9fZYYDxqXNCDl/Zxr0qkJOSdMWza5DCA++daQjBfnl46f0uH/gDjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA22u4aExq6oXvwyIARdLhlcFkvxMB8GA1UdIwQY
MBaAFDcqxu+SuB1wV4ek74n9RnOAXHq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnlyRzc1SzRIWEJYaDZUdmlmMUdjNEJjZXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iMWE2N2QtNWZiMy00ODU1LThkMTkt
MDlhMjhlMGQ3MTc4LzEvRGJhN2hvVEdycWhlX0RJZ0JGMHVHVndXU19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iMWE2N2QtNWZiMy00ODU1LThkMTktMDlhMjhlMGQ3MTc4
LzEvTnlyRzc1SzRIWEJYaDZUdmlmMUdjNEJjZXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk04/MA0G
CSqGSIb3DQEBCwUAA4IBAQAQi0yBCQ84qkK+Sky6VYP9Ii/LnDeDhMoeMnUV9TJA
HDJV7Izeu90Rc0aewiSxb19J2yrFkY1iY8qxZqaOCHHfJFICToxNmHL/X70H+FfW
vPCrjDfawVRtsMNIqCyxhuTiWVCjRy4eEhS8IhCNhzUty/ugpqkjLI4psqkGp6PK
mI6WtLEtMezH7++2mtbHN4benSoPuJFOe4v7l3pNS6f2jYlrLlrixFMjzkHxDFYz
aTro5rF9dQ6fA37sclWY30f0kSHAM7K1o1yMM9zGFIlTBRINUMtWVPVKOoPuQTDq
lKCMC9JHrLYSVNm00sOa2ls09EboFhrlVU5u0XxNqOCY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:17 2024 by rpki-client on console-fra.rpki-client.org