Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/1-xpe35sNcLwc1PkJthu_6Y5WPYQ.roa
File:                     1-xpe35sNcLwc1PkJthu_6Y5WPYQ.roa (raw, json)
Hash identifier:          3/5Kp77YVl1r7/jwdg6j9KTo4MgfpYNF0/0I83GZEjA=
Subject key identifier:   FB:1A:5E:DF:9B:0D:70:BC:1C:D4:F9:09:B6:1B:BF:E9:8E:56:3D:84
Certificate issuer:       /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial:       01856FF062DDBD653383126B6BBD96BFF47F
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/1-xpe35sNcLwc1PkJthu_6Y5WPYQ.roa
Signing time:             Mon 02 Jan 2023 00:45:02 +0000
ROA not before:           Mon 02 Jan 2023 00:45:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        217.163.11.0/24 maxlen: 24
                          217.163.10.0/24 maxlen: 24
                          217.163.23.0/24 maxlen: 24
                          217.163.24.0/22 maxlen: 24
                          217.163.30.0/24 maxlen: 24
                          217.163.28.0/23 maxlen: 24
                          217.163.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:62:dd:bd:65:33:83:12:6b:6b:bd:96:bf:f4:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
        Validity
            Not Before: Jan  2 00:45:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fb1a5edf9b0d70bc1cd4f909b61bbfe98e563d84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:fb:20:00:3c:08:70:4a:5c:33:b4:45:90:52:
                    72:56:b4:3a:55:a4:fe:96:20:64:9f:d4:2f:a5:50:
                    88:93:84:52:ae:6c:97:72:2b:60:97:60:d9:3a:7d:
                    5f:1e:6b:25:9a:cb:05:d3:dd:88:0c:d1:53:60:62:
                    f1:5b:41:56:a9:d3:88:21:f6:fe:8b:aa:5c:4b:78:
                    6b:e8:54:95:f5:f8:9c:10:26:f1:ab:fe:41:41:11:
                    68:ef:dd:3f:4c:6d:6b:f8:d2:50:3f:8f:ed:42:8f:
                    a3:f3:66:86:ad:c9:41:17:64:f0:12:41:ca:01:61:
                    eb:0f:08:b5:44:d7:9c:b4:28:b9:27:80:66:f4:54:
                    ad:53:ee:ef:aa:e2:2d:6d:e2:14:34:d7:43:83:d9:
                    9c:46:44:b9:6b:f1:7a:36:3f:13:95:dd:18:f4:19:
                    b0:17:4a:c3:b4:3a:ec:01:e0:e0:fc:e7:bf:8d:a3:
                    d9:81:05:fc:27:cb:40:06:8b:b3:bd:52:7f:a9:cc:
                    f0:3c:04:fc:af:d7:98:ca:2a:61:6d:fe:7e:c5:6c:
                    b1:aa:a5:26:fc:e2:90:1b:8e:0f:19:af:ef:45:53:
                    da:e7:ff:3d:f2:05:1a:81:70:87:50:e8:16:c3:7f:
                    fb:96:41:24:a5:15:9d:4b:46:1b:8b:09:35:86:91:
                    d4:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:1A:5E:DF:9B:0D:70:BC:1C:D4:F9:09:B6:1B:BF:E9:8E:56:3D:84
            X509v3 Authority Key Identifier:
                keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/1-xpe35sNcLwc1PkJthu_6Y5WPYQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.163.10.0/23
                  217.163.23.0-217.163.31.255

    Signature Algorithm: sha256WithRSAEncryption
         0c:1e:98:3b:e5:cc:c3:b4:a1:64:ed:cd:de:c0:7b:72:7b:7e:
         8f:5d:58:f2:e6:00:bd:c6:be:cb:3b:60:4d:ca:51:fb:7d:0e:
         09:a8:ac:cf:b2:df:1d:75:ba:c2:1f:a2:c6:e7:94:13:e4:3b:
         69:1d:8f:31:63:7d:dc:00:22:7f:3b:b9:54:14:0e:73:15:47:
         20:4d:a1:93:c3:d9:62:d8:4b:5c:21:a4:67:a4:91:0a:d9:f2:
         ee:f0:4f:4b:13:3f:e2:94:9d:9f:72:1f:8e:21:0d:3c:f8:52:
         d5:af:64:fd:66:3f:c0:7b:9a:17:e5:e4:e9:17:62:09:27:ca:
         d1:ba:76:94:53:e0:b4:b1:e4:4e:9d:fb:38:b5:cb:3a:42:2f:
         33:42:61:0b:68:fc:d0:ea:bd:11:05:85:ef:23:31:a2:8c:63:
         8f:7d:79:6f:12:9a:0a:27:d7:43:09:2a:de:e8:e0:42:f6:7a:
         6f:f4:2d:96:56:ae:f3:ba:12:46:ff:dd:bb:92:05:08:6a:ed:
         30:b7:9b:34:8b:b5:c7:d2:cf:c3:0b:c6:d6:8f:3c:3d:68:a8:
         d8:4e:fb:6e:93:51:2c:fb:ff:05:e2:9c:33:aa:18:31:f3:f3:
         1e:53:ca:c7:dc:24:21:7d:7e:dc:10:a7:35:0d:4d:11:0a:e3:
         96:fb:cb:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv8GLdvWUzgxJra72Wv/R/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjMwMTAyMDA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFhNWVkZjliMGQ3MGJjMWNkNGY5MDliNjFiYmZlOThlNTYzZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/sgADwIcEpcM7RFkFJyVrQ6VaT+
liBkn9QvpVCIk4RSrmyXcitgl2DZOn1fHmslmssF092IDNFTYGLxW0FWqdOIIfb+
i6pcS3hr6FSV9ficECbxq/5BQRFo790/TG1r+NJQP4/tQo+j82aGrclBF2TwEkHK
AWHrDwi1RNectCi5J4Bm9FStU+7vquItbeIUNNdDg9mcRkS5a/F6Nj8Tld0Y9Bmw
F0rDtDrsAeDg/Oe/jaPZgQX8J8tABouzvVJ/qczwPAT8r9eYyiphbf5+xWyxqqUm
/OKQG44PGa/vRVPa5/898gUagXCHUOgWw3/7lkEkpRWdS0Ybiwk1hpHUbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPsaXt+bDXC8HNT5CbYbv+mOVj2EMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvMS14cGUzNXNOY0x3YzFQa0p0aHVfNlk1V1BZUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvYTdjZTdhLTg0NDMtNDZlYi04Y2JhLTNiYjRkNjIwMDUx
OC8xL0FqS2t2N2Q1WkFXbFZyZFo4ZEdUNU1UVGNTay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAdmjCjAM
AwQA2aMXAwQF2aMAMA0GCSqGSIb3DQEBCwUAA4IBAQAMHpg75czDtKFk7c3ewHty
e36PXVjy5gC9xr7LO2BNylH7fQ4JqKzPst8ddbrCH6LG55QT5DtpHY8xY33cACJ/
O7lUFA5zFUcgTaGTw9li2EtcIaRnpJEK2fLu8E9LEz/ilJ2fch+OIQ08+FLVr2T9
Zj/Ae5oX5eTpF2IJJ8rRunaUU+C0seROnfs4tcs6Qi8zQmELaPzQ6r0RBYXvIzGi
jGOPfXlvEpoKJ9dDCSre6OBC9npv9C2WVq7zuhJG/927kgUIau0wt5s0i7XH0s/D
C8bWjzw9aKjYTvtuk1Es+/8F4pwzqhgx8/MeU8rH3CQhfX7cEKc1DU0RCuOW+8ud
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:42 2023 by rpki-client on console-fra.rpki-client.org