Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7aHF-hq2W0ZtwYzAMrfZaB1qnKA.roa
File:                     7aHF-hq2W0ZtwYzAMrfZaB1qnKA.roa (raw, json)
Hash identifier:          Iev7NbsRHUW8nyZqFq73MDt5hR6XPZ1w3xvgzfDrg8o=
Subject key identifier:   ED:A1:C5:FA:1A:B6:5B:46:6D:C1:8C:C0:32:B7:D9:68:1D:6A:9C:A0
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018880EFB0D7DA63D3B8AA09F78B9E947335
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7aHF-hq2W0ZtwYzAMrfZaB1qnKA.roa
Signing time:             Sat 03 Jun 2023 11:06:11 +0000
ROA not before:           Sat 03 Jun 2023 11:06:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        194.156.94.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:80:ef:b0:d7:da:63:d3:b8:aa:09:f7:8b:9e:94:73:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jun  3 11:06:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eda1c5fa1ab65b466dc18cc032b7d9681d6a9ca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:44:3e:b7:9c:2f:44:b7:11:38:34:06:f1:f4:
                    04:a1:59:5b:a6:fe:48:6b:fb:10:b0:b5:6a:fc:73:
                    82:21:98:50:f3:a8:6d:4c:dd:ae:57:48:77:29:4c:
                    6e:6f:eb:62:8f:9c:81:e1:1e:98:1b:6f:56:ba:f0:
                    0f:9a:76:9e:b0:18:98:bc:99:a8:c3:cd:18:03:eb:
                    62:37:3f:bf:8a:a6:03:80:1e:5b:a6:40:75:99:b6:
                    a4:97:c2:f1:06:2d:b5:2f:32:7b:8b:15:57:89:cf:
                    3f:6d:e1:95:d9:11:7e:4b:ca:07:96:68:e2:fc:2e:
                    8d:df:d9:27:50:17:2f:52:21:28:8f:60:9e:9c:78:
                    7f:05:48:09:46:a3:78:f1:ff:69:3e:fb:14:9e:e9:
                    b1:39:a4:06:24:f9:c2:d7:bd:fe:bf:93:74:3d:39:
                    1d:58:b5:40:af:0f:7c:21:de:ee:d3:cc:73:bd:77:
                    3b:5d:17:8c:e5:0f:77:2d:8b:3e:b6:22:27:c0:70:
                    61:a3:2c:45:c5:26:ac:e3:9e:1b:43:b4:62:7c:7d:
                    bb:cf:33:d8:aa:6e:b9:22:50:b2:30:56:8d:75:9a:
                    a6:a1:7f:c4:c8:ad:52:36:f8:bc:4b:5e:f8:50:e8:
                    0c:d5:7e:a6:13:a4:5f:6a:55:5b:96:0a:12:7e:fc:
                    32:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:A1:C5:FA:1A:B6:5B:46:6D:C1:8C:C0:32:B7:D9:68:1D:6A:9C:A0
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7aHF-hq2W0ZtwYzAMrfZaB1qnKA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.156.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:69:41:d3:54:e3:b0:c6:3a:ae:61:9d:14:fc:eb:1d:9d:6d:
         a6:68:89:ed:35:20:14:c9:df:62:00:10:50:00:a8:67:de:ce:
         6d:9d:b1:a5:cb:fa:0e:5d:23:51:75:3f:ae:c4:80:46:59:7c:
         51:f4:d4:11:da:58:d0:e0:13:3c:af:22:67:d6:b6:09:db:e9:
         8e:e5:b4:a4:87:9d:99:45:97:a2:73:87:d4:d3:6b:b8:61:10:
         33:9d:c8:fc:b4:b4:7c:8d:4d:94:25:45:14:22:88:ea:d9:14:
         44:54:14:7f:10:4a:1a:97:03:e9:34:67:24:0e:83:48:cc:44:
         1d:f5:d6:41:5e:31:84:91:1a:2e:a2:a6:1f:f2:d7:49:3c:63:
         a8:d4:d6:73:77:42:be:a0:f4:ac:89:36:13:93:be:e4:95:47:
         b3:f1:15:cd:55:22:35:73:b7:c9:83:07:10:6e:91:35:9e:1b:
         b6:87:bb:eb:52:82:05:45:9e:d4:26:eb:cb:7f:b9:42:63:af:
         1a:df:de:b6:83:8a:00:1c:7d:24:f2:33:89:89:15:66:81:3e:
         48:19:87:eb:1a:06:2f:1f:05:b5:ef:41:9e:c2:52:6b:01:90:
         59:72:34:aa:38:7a:a8:09:47:f9:c8:bf:b9:9b:f5:87:ff:9f:
         1f:f7:8e:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiA77DX2mPTuKoJ94uelHM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNjAzMTEwNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGExYzVmYTFhYjY1YjQ2NmRjMThjYzAzMmI3ZDk2ODFkNmE5Y2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UQ+t5wvRLcRODQG8fQEoVlbpv5I
a/sQsLVq/HOCIZhQ86htTN2uV0h3KUxub+tij5yB4R6YG29WuvAPmnaesBiYvJmo
w80YA+tiNz+/iqYDgB5bpkB1mbakl8LxBi21LzJ7ixVXic8/beGV2RF+S8oHlmji
/C6N39knUBcvUiEoj2CenHh/BUgJRqN48f9pPvsUnumxOaQGJPnC173+v5N0PTkd
WLVArw98Id7u08xzvXc7XReM5Q93LYs+tiInwHBhoyxFxSas454bQ7RifH27zzPY
qm65IlCyMFaNdZqmoX/EyK1SNvi8S174UOgM1X6mE6RfalVblgoSfvwyYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO2hxfoatltGbcGMwDK32WgdapygMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvN2FIRi1ocTJXMFp0d1l6QU1yZlphQjFxbktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpxeMA0G
CSqGSIb3DQEBCwUAA4IBAQAtaUHTVOOwxjquYZ0U/OsdnW2maIntNSAUyd9iABBQ
AKhn3s5tnbGly/oOXSNRdT+uxIBGWXxR9NQR2ljQ4BM8ryJn1rYJ2+mO5bSkh52Z
RZeic4fU02u4YRAzncj8tLR8jU2UJUUUIojq2RREVBR/EEoalwPpNGckDoNIzEQd
9dZBXjGEkRouoqYf8tdJPGOo1NZzd0K+oPSsiTYTk77klUez8RXNVSI1c7fJgwcQ
bpE1nhu2h7vrUoIFRZ7UJuvLf7lCY68a3962g4oAHH0k8jOJiRVmgT5IGYfrGgYv
HwW170GewlJrAZBZcjSqOHqoCUf5yL+5m/WH/58f946F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org