Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Z9bUxtfyEonivCVbxSiHJ6iO-H8.roa
File:                     Z9bUxtfyEonivCVbxSiHJ6iO-H8.roa (raw, json)
Hash identifier:          UaiI7ikpOCgT4ErkF/w2b3t4UfzQ9PxobJwCBBkDNFM=
Subject key identifier:   67:D6:D4:C6:D7:F2:12:89:E2:BC:25:5B:C5:28:87:27:A8:8E:F8:7F
Certificate issuer:       /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial:       01856FB11D732E512679A0F7D576F6A94941
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Z9bUxtfyEonivCVbxSiHJ6iO-H8.roa
Signing time:             Sun 01 Jan 2023 23:35:56 +0000
ROA not before:           Sun 01 Jan 2023 23:35:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        217.114.35.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:b1:1d:73:2e:51:26:79:a0:f7:d5:76:f6:a9:49:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
        Validity
            Not Before: Jan  1 23:35:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67d6d4c6d7f21289e2bc255bc5288727a88ef87f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:99:05:f1:04:1b:bd:8b:42:ea:d8:f6:23:9e:
                    a3:8e:8b:d0:7b:b7:24:21:3e:d3:1d:55:ad:50:30:
                    17:f0:83:04:a4:35:aa:8c:f6:0a:c3:c3:c9:b8:95:
                    c5:bc:59:dd:cb:38:6d:96:bc:8e:f7:0b:69:ce:a6:
                    80:df:00:2f:4d:39:76:96:66:c4:03:50:bd:3b:ca:
                    15:3c:c8:ad:e5:16:65:ec:7d:6a:90:97:af:ff:23:
                    d0:81:ae:d7:8c:b8:e8:7b:53:42:a6:60:f3:01:27:
                    d8:bc:6e:12:cc:f3:a5:ee:0b:0c:92:71:fa:1b:f9:
                    2e:73:a2:69:53:53:5e:da:28:61:a1:40:56:33:aa:
                    98:21:14:9f:5e:6f:d5:eb:65:37:75:8c:dd:a5:22:
                    e8:65:be:75:5c:61:9f:41:39:97:6b:2d:60:98:f1:
                    e7:2b:c8:c1:67:49:1b:d4:13:a5:1f:0e:cd:26:ee:
                    36:bc:96:81:a1:9a:e0:85:9f:79:18:68:72:b1:1c:
                    3c:0c:b6:d5:dd:08:a5:a5:ad:c0:31:df:fc:6a:c2:
                    88:ee:ad:5e:bc:5c:dc:b3:aa:ac:c7:27:59:a9:93:
                    c4:9f:12:51:1a:5b:1e:0a:42:21:11:8d:5e:1f:c5:
                    64:18:9b:32:8a:0e:4b:0d:4b:75:3c:78:88:44:18:
                    41:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:D6:D4:C6:D7:F2:12:89:E2:BC:25:5B:C5:28:87:27:A8:8E:F8:7F
            X509v3 Authority Key Identifier:
                keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Z9bUxtfyEonivCVbxSiHJ6iO-H8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.114.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:c2:23:83:44:90:91:1c:26:24:d9:ca:79:a3:39:d5:8f:d5:
         06:e4:c7:71:7d:5d:ff:ab:6d:70:72:1e:22:72:d1:ca:e3:7e:
         76:61:d3:d9:36:32:a9:d1:65:58:a3:4d:5c:9e:61:1d:b4:87:
         e0:55:58:99:df:a4:ca:5b:56:7c:32:59:f0:2b:a3:22:af:3d:
         a0:f9:4d:f2:88:5c:74:e6:3d:47:f7:fc:85:7b:d3:97:f4:24:
         ac:bb:20:ad:1a:c5:f6:8c:4a:59:fe:cb:49:05:66:35:72:93:
         9d:74:a7:e1:76:c0:2c:c2:3c:d9:e2:3b:71:66:85:c6:76:ef:
         98:55:0e:19:76:e0:e2:d7:0e:e0:5a:50:56:da:40:b6:2a:5f:
         81:7d:28:f1:5a:a2:ff:e7:9a:3d:24:52:9e:44:96:d1:dc:c5:
         c5:d5:b2:6d:3a:98:20:e6:5d:dd:02:ed:1a:60:2b:c4:fc:de:
         43:45:54:5a:0f:c0:78:7e:16:35:6c:79:34:bc:1e:63:26:b5:
         bf:08:42:ca:d1:3a:2d:30:d2:b4:cf:21:94:ca:a1:05:bf:ab:
         ed:93:de:94:9a:c2:cb:99:de:69:69:8a:7f:2e:40:d4:2f:47:
         60:c5:e2:69:d3:e0:38:a0:cb:80:32:76:26:a1:4d:d6:9f:a4:
         1b:6b:21:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvsR1zLlEmeaD31Xb2qUlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjMwMTAxMjMzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q2ZDRjNmQ3ZjIxMjg5ZTJiYzI1NWJjNTI4ODcyN2E4OGVmODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpkF8QQbvYtC6tj2I56jjovQe7ck
IT7THVWtUDAX8IMEpDWqjPYKw8PJuJXFvFndyzhtlryO9wtpzqaA3wAvTTl2lmbE
A1C9O8oVPMit5RZl7H1qkJev/yPQga7XjLjoe1NCpmDzASfYvG4SzPOl7gsMknH6
G/kuc6JpU1Ne2ihhoUBWM6qYIRSfXm/V62U3dYzdpSLoZb51XGGfQTmXay1gmPHn
K8jBZ0kb1BOlHw7NJu42vJaBoZrghZ95GGhysRw8DLbV3Qilpa3AMd/8asKI7q1e
vFzcs6qsxydZqZPEnxJRGlseCkIhEY1eH8VkGJsyig5LDUt1PHiIRBhB9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfW1MbX8hKJ4rwlW8Uohyeojvh/MB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvWjliVXh0ZnlFb25pdkNWYnhTaUhKNmlPLUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XIjMA0G
CSqGSIb3DQEBCwUAA4IBAQB4wiODRJCRHCYk2cp5oznVj9UG5MdxfV3/q21wch4i
ctHK4352YdPZNjKp0WVYo01cnmEdtIfgVViZ36TKW1Z8MlnwK6Mirz2g+U3yiFx0
5j1H9/yFe9OX9CSsuyCtGsX2jEpZ/stJBWY1cpOddKfhdsAswjzZ4jtxZoXGdu+Y
VQ4ZduDi1w7gWlBW2kC2Kl+BfSjxWqL/55o9JFKeRJbR3MXF1bJtOpgg5l3dAu0a
YCvE/N5DRVRaD8B4fhY1bHk0vB5jJrW/CELK0TotMNK0zyGUyqEFv6vtk96UmsLL
md5paYp/LkDUL0dgxeJp0+A4oMuAMnYmoU3Wn6QbayH7
-----END CERTIFICATE-----
Generated at Mon Oct 9 21:27:00 2023 by rpki-client on console-ams.rpki-client.org