Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/q76eWaPdf6tGAWmTrrlzE_g9kIo.roa
File:                     q76eWaPdf6tGAWmTrrlzE_g9kIo.roa (raw, json)
Hash identifier:          7lLyqmy+q5Dweeoj8TldhcbSoPhNPSHWhif2OgtGpfc=
Subject key identifier:   AB:BE:9E:59:A3:DD:7F:AB:46:01:69:93:AE:B9:73:13:F8:3D:90:8A
Certificate issuer:       /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial:       018722CC7212583CDC3F44F65D663710396F
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/q76eWaPdf6tGAWmTrrlzE_g9kIo.roa
Signing time:             Mon 27 Mar 2023 11:20:36 +0000
ROA not before:           Mon 27 Mar 2023 11:20:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13448
IP address blocks:        157.167.3.0/24 maxlen: 24
                          157.167.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:cc:72:12:58:3c:dc:3f:44:f6:5d:66:37:10:39:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
        Validity
            Not Before: Mar 27 11:20:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=abbe9e59a3dd7fab46016993aeb97313f83d908a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:26:39:b6:84:11:a7:e5:80:da:22:db:e8:f3:
                    6e:4e:ea:66:bc:b9:09:e4:c0:f0:94:ff:ef:35:7d:
                    11:4e:4b:e5:2e:0b:e7:24:cd:82:db:18:d6:f4:06:
                    71:92:1b:8e:69:61:9a:9b:ab:da:cb:5a:91:33:79:
                    31:6d:d8:31:61:ed:b0:ca:fa:00:f9:73:d1:6f:a7:
                    f0:fb:38:e0:5b:c0:38:f4:93:55:19:3f:ae:6b:6e:
                    a4:82:d8:38:76:b6:99:f6:d6:93:ab:a5:74:b3:10:
                    a9:ae:98:0a:01:05:c9:8e:64:d6:65:5d:5e:2f:9c:
                    00:c8:61:91:c8:8b:b5:a6:9a:16:59:35:4d:55:da:
                    d2:ba:03:ff:fd:f1:5f:97:82:9f:77:da:8e:6c:ad:
                    ee:b5:c2:ba:ce:b4:bb:e4:a9:c2:16:67:ee:fd:31:
                    b7:c0:18:96:64:64:f2:b6:1b:9a:fa:eb:20:ee:93:
                    b4:c1:84:27:c5:be:c0:68:72:34:bb:2a:d8:93:68:
                    c0:b1:ec:ee:29:e1:08:4a:93:b5:85:47:26:54:60:
                    9f:cb:05:fa:0b:2f:11:69:a5:5f:72:28:ab:fe:01:
                    87:f8:0e:81:9c:e3:11:d5:76:7a:9a:eb:6d:c4:13:
                    68:46:ad:e2:ab:21:34:50:39:11:b6:1d:85:df:b2:
                    9e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:BE:9E:59:A3:DD:7F:AB:46:01:69:93:AE:B9:73:13:F8:3D:90:8A
            X509v3 Authority Key Identifier:
                keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/q76eWaPdf6tGAWmTrrlzE_g9kIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.167.1.0/24
                  157.167.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:5d:92:5b:2c:b8:c4:9f:a9:50:57:95:a6:42:ce:1e:4d:00:
         da:67:86:92:e5:dd:cc:d2:f0:dc:18:a8:90:e4:aa:b4:72:e0:
         f1:e5:32:e4:71:0e:12:1e:a3:b8:44:9f:f0:fa:8f:de:9d:b7:
         6e:8b:2d:98:93:9f:d5:b7:d8:e0:c1:34:97:2d:3b:e0:ef:0f:
         fb:12:a3:3f:f2:39:82:1f:c1:e8:a6:bb:bf:7f:e3:1e:1c:0b:
         79:c0:e0:2b:6d:07:2f:aa:77:4a:77:8e:81:66:ca:2d:48:d5:
         6a:8e:29:a9:2b:e8:75:e6:81:a1:62:f6:20:78:55:16:00:4c:
         74:00:6e:54:88:9b:a7:6b:0a:f1:7a:5b:f1:16:04:c4:77:e2:
         11:e5:f7:7e:9d:3f:67:84:f9:ae:f9:03:ae:ca:46:b0:0d:67:
         8a:5c:b6:36:27:2b:85:86:fb:b6:02:43:05:8d:c6:6d:80:34:
         52:aa:c3:d8:89:a8:46:a8:df:63:62:ac:1d:da:b6:ec:8b:0c:
         11:6d:ef:3a:da:60:4b:d3:20:66:69:38:60:44:17:e9:d4:2a:
         1a:23:67:39:ef:99:42:16:9a:4d:95:17:69:78:63:24:06:44:
         ea:20:3e:17:da:7e:ad:80:ae:94:0d:2a:16:39:e4:60:78:8a:
         ff:58:4c:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcizHISWDzcP0T2XWY3EDlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjMwMzI3MTEyMDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmJlOWU1OWEzZGQ3ZmFiNDYwMTY5OTNhZWI5NzMxM2Y4M2Q5MDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiY5toQRp+WA2iLb6PNuTupmvLkJ
5MDwlP/vNX0RTkvlLgvnJM2C2xjW9AZxkhuOaWGam6vay1qRM3kxbdgxYe2wyvoA
+XPRb6fw+zjgW8A49JNVGT+ua26kgtg4draZ9taTq6V0sxCprpgKAQXJjmTWZV1e
L5wAyGGRyIu1ppoWWTVNVdrSugP//fFfl4Kfd9qObK3utcK6zrS75KnCFmfu/TG3
wBiWZGTythua+usg7pO0wYQnxb7AaHI0uyrYk2jAsezuKeEISpO1hUcmVGCfywX6
Cy8RaaVfciir/gGH+A6BnOMR1XZ6muttxBNoRq3iqyE0UDkRth2F37KelQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKu+nlmj3X+rRgFpk665cxP4PZCKMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvcTc2ZVdhUGRmNnRHQVdtVHJybHpFX2c5a0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnacBAwQA
nacDMA0GCSqGSIb3DQEBCwUAA4IBAQBoXZJbLLjEn6lQV5WmQs4eTQDaZ4aS5d3M
0vDcGKiQ5Kq0cuDx5TLkcQ4SHqO4RJ/w+o/enbduiy2Yk5/Vt9jgwTSXLTvg7w/7
EqM/8jmCH8Hopru/f+MeHAt5wOArbQcvqndKd46BZsotSNVqjimpK+h15oGhYvYg
eFUWAEx0AG5UiJunawrxelvxFgTEd+IR5fd+nT9nhPmu+QOuykawDWeKXLY2JyuF
hvu2AkMFjcZtgDRSqsPYiahGqN9jYqwd2rbsiwwRbe862mBL0yBmaThgRBfp1Coa
I2c575lCFppNlRdpeGMkBkTqID4X2n6tgK6UDSoWOeRgeIr/WEzk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:27 2024 by rpki-client on console-ams.rpki-client.org