Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/78B1TjtNpMZhcItlMFyxDYrUGzk.roa
File:                     78B1TjtNpMZhcItlMFyxDYrUGzk.roa (raw, json)
Hash identifier:          PsyIyUtQUXnRAF28BeKk9Mw+sd2kXkP9+5UC1hVcGa8=
Subject key identifier:   EF:C0:75:4E:3B:4D:A4:C6:61:70:8B:65:30:5C:B1:0D:8A:D4:1B:39
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018572BA56CCCDEA5A754F9B11602FCC7CE4
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/78B1TjtNpMZhcItlMFyxDYrUGzk.roa
Signing time:             Mon 02 Jan 2023 13:44:52 +0000
ROA not before:           Mon 02 Jan 2023 13:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207451
IP address blocks:        188.130.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:56:cc:cd:ea:5a:75:4f:9b:11:60:2f:cc:7c:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  2 13:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=efc0754e3b4da4c661708b65305cb10d8ad41b39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c0:db:4b:15:92:94:ce:c1:40:c6:ac:8d:a2:
                    05:25:55:34:c8:0d:f6:8e:fc:e5:23:1e:d6:97:c5:
                    0c:9b:80:6e:f2:21:03:db:17:e3:2b:41:86:e8:e3:
                    a2:88:01:11:22:f7:3d:93:72:9f:20:f3:0a:b9:93:
                    8c:d6:be:8c:fc:7f:a2:f3:29:b5:04:76:aa:e7:c2:
                    49:a9:f6:0b:73:1b:88:cb:b4:7f:80:de:0d:ae:07:
                    27:c9:6c:02:f1:1d:27:17:9b:a4:1e:05:6d:4f:59:
                    82:b8:ff:36:8c:0f:e3:90:8d:76:30:80:6a:b7:2a:
                    4a:5c:b0:9a:41:b9:39:d0:9f:c6:59:73:da:3a:ae:
                    07:7c:9e:1d:d9:70:74:90:83:4b:41:54:a8:86:0e:
                    2d:5a:a9:ac:70:43:a6:45:bd:9b:9d:1d:13:f3:81:
                    b5:8f:77:27:94:e7:39:9e:73:ba:db:93:73:f4:30:
                    0d:b3:2b:7d:3f:43:b4:e4:56:66:bc:c8:f3:a3:59:
                    24:47:b8:65:0a:4a:e7:c1:86:b6:8d:d3:2a:50:3d:
                    bd:21:05:ac:b7:41:79:12:94:ce:c9:0e:85:be:8f:
                    da:e2:6c:e0:6c:2f:54:ac:da:52:77:8d:f5:15:8c:
                    9a:45:5e:57:a9:3f:5b:e5:a9:51:a1:45:20:2c:ab:
                    df:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:C0:75:4E:3B:4D:A4:C6:61:70:8B:65:30:5C:B1:0D:8A:D4:1B:39
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/78B1TjtNpMZhcItlMFyxDYrUGzk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:a2:31:9e:a7:76:da:5e:3e:5a:04:3e:92:b6:89:e2:a4:b9:
         7a:61:55:64:43:c2:af:d3:9a:06:6b:9c:3e:f4:79:3b:4a:bd:
         ae:d6:49:6e:8a:e5:e2:ca:cc:5c:f4:07:92:d1:79:94:c7:56:
         aa:38:30:d1:a1:91:38:22:9d:46:39:f6:53:77:49:bd:e5:fb:
         9d:53:89:2e:ca:9a:fe:7e:fb:61:7a:83:4b:29:41:b3:a5:5d:
         8e:08:80:7c:0a:33:94:53:cf:5d:9c:15:ba:fe:25:2a:2a:b9:
         70:50:c9:64:78:ab:f4:bb:d1:9c:92:5f:42:5b:1f:1f:d2:5c:
         bc:ad:93:15:f6:18:6f:dc:7e:e1:9e:b6:80:01:b2:4c:e9:7c:
         70:bf:37:1e:2a:13:82:73:f1:fe:11:f9:46:4e:10:c9:ea:b5:
         d5:fc:09:68:80:12:ac:ae:bc:0e:d0:7e:f7:be:6e:fe:3c:bf:
         65:ee:1d:2c:37:43:90:ef:fa:4a:5f:0f:92:6e:63:74:9b:92:
         8c:2e:4a:9d:4e:02:6a:30:07:23:04:24:b5:13:e7:1c:7a:60:
         da:67:90:fc:de:f7:26:81:5d:0e:38:49:8e:3b:63:b0:a4:b6:
         ed:dd:f5:da:46:ee:5c:3a:ea:90:6d:8f:c7:53:b4:10:99:3c:
         f3:fd:09:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyulbMzepadU+bEWAvzHzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwMTAyMTM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmMwNzU0ZTNiNGRhNGM2NjE3MDhiNjUzMDVjYjEwZDhhZDQxYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsDbSxWSlM7BQMasjaIFJVU0yA32
jvzlIx7Wl8UMm4Bu8iED2xfjK0GG6OOiiAERIvc9k3KfIPMKuZOM1r6M/H+i8ym1
BHaq58JJqfYLcxuIy7R/gN4NrgcnyWwC8R0nF5ukHgVtT1mCuP82jA/jkI12MIBq
typKXLCaQbk50J/GWXPaOq4HfJ4d2XB0kINLQVSohg4tWqmscEOmRb2bnR0T84G1
j3cnlOc5nnO625Nz9DANsyt9P0O05FZmvMjzo1kkR7hlCkrnwYa2jdMqUD29IQWs
t0F5EpTOyQ6Fvo/a4mzgbC9UrNpSd431FYyaRV5XqT9b5alRoUUgLKvfqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/AdU47TaTGYXCLZTBcsQ2K1Bs5MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNzhCMVRqdE5wTVpoY0l0bE1GeXhEWXJVR3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvILoMA0G
CSqGSIb3DQEBCwUAA4IBAQCqojGep3baXj5aBD6StonipLl6YVVkQ8Kv05oGa5w+
9Hk7Sr2u1kluiuXiysxc9AeS0XmUx1aqODDRoZE4Ip1GOfZTd0m95fudU4kuypr+
fvtheoNLKUGzpV2OCIB8CjOUU89dnBW6/iUqKrlwUMlkeKv0u9Gckl9CWx8f0ly8
rZMV9hhv3H7hnraAAbJM6XxwvzceKhOCc/H+EflGThDJ6rXV/AlogBKsrrwO0H73
vm7+PL9l7h0sN0OQ7/pKXw+SbmN0m5KMLkqdTgJqMAcjBCS1E+ccemDaZ5D83vcm
gV0OOEmOO2OwpLbt3fXaRu5cOuqQbY/HU7QQmTzz/QmV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org