Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/FxVYOxr9lwFkSbUTa07z0jiw8t4.roa
File:                     FxVYOxr9lwFkSbUTa07z0jiw8t4.roa (raw, json)
Hash identifier:          rxQaQcqmzE/53tZffkW7Uth4H7/eefH1TN/yR7PeP3M=
Subject key identifier:   17:15:58:3B:1A:FD:97:01:64:49:B5:13:6B:4E:F3:D2:38:B0:F2:DE
Certificate issuer:       /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial:       0189A205A7E73901DEECB450D5F47363E86D
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/FxVYOxr9lwFkSbUTa07z0jiw8t4.roa
Signing time:             Sat 29 Jul 2023 14:20:26 +0000
ROA not before:           Sat 29 Jul 2023 14:20:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51520
IP address blocks:        178.250.191.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a2:05:a7:e7:39:01:de:ec:b4:50:d5:f4:73:63:e8:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
        Validity
            Not Before: Jul 29 14:20:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1715583b1afd97016449b5136b4ef3d238b0f2de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:43:15:b1:43:a3:f5:90:89:74:0b:d2:dd:54:
                    57:25:96:1f:0b:5a:0b:fd:a9:e9:15:3e:1d:dd:8c:
                    48:76:bd:a3:02:33:3f:e5:78:13:d7:7c:2b:ad:9e:
                    4f:bb:7d:ac:5f:e6:3a:16:44:b0:7f:32:8a:5e:32:
                    65:de:08:c6:24:18:78:fb:a5:33:6a:0c:4e:7b:55:
                    11:f1:e7:7a:95:ee:9c:88:98:dc:28:b3:3b:2f:7a:
                    76:20:b6:bd:d4:20:e9:0b:ea:bb:d0:e2:08:8b:f8:
                    b4:06:53:be:db:47:89:19:ba:e3:d6:ce:72:f2:43:
                    9d:3c:96:71:cd:30:8d:3a:50:2e:44:fc:b7:da:cd:
                    8c:08:97:47:5b:d6:7f:0f:3b:9d:6f:2f:f7:70:b4:
                    16:d4:c0:fd:4f:a1:3d:33:7b:0d:73:01:9a:f3:32:
                    3e:34:a0:a9:d2:2f:19:49:78:0b:3c:06:b5:53:22:
                    6b:69:1d:e8:1c:15:d9:9b:34:03:b6:bd:ae:33:73:
                    c3:cf:9c:ea:83:c2:c0:53:0b:bd:6e:71:a4:8e:62:
                    5a:ce:bf:40:14:91:67:da:fc:81:83:c7:ea:1c:20:
                    20:6f:ad:aa:e1:a6:08:4c:71:6e:a7:d6:73:62:51:
                    6f:19:10:03:9d:ca:d4:9e:ec:01:0b:d1:a2:9a:02:
                    97:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:15:58:3B:1A:FD:97:01:64:49:B5:13:6B:4E:F3:D2:38:B0:F2:DE
            X509v3 Authority Key Identifier:
                keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/FxVYOxr9lwFkSbUTa07z0jiw8t4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.250.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:10:34:96:51:36:d0:9d:cc:05:64:7e:7c:60:ce:4b:11:f1:
         cf:3f:4e:17:9c:89:6a:c5:62:fb:7b:79:d8:20:80:c3:39:9d:
         21:f5:e1:81:94:18:be:bc:0e:c3:9e:2b:59:95:e3:d1:9d:ff:
         33:71:40:78:b7:17:43:db:3e:c1:94:f9:19:0d:c2:54:14:03:
         a4:9a:df:d0:0e:7b:80:6e:25:18:af:e1:29:0f:bd:e9:79:bc:
         73:ec:77:5c:1e:e1:25:18:57:d6:a1:7f:8a:b3:80:ed:98:7e:
         06:71:df:e1:31:0c:49:f6:2f:e0:9c:ba:a6:2d:98:7a:e5:f2:
         c1:e2:a3:a6:ef:60:6e:84:64:39:07:d0:91:d1:61:6f:a2:0f:
         68:e2:41:f8:4f:3f:34:f5:4f:84:63:01:3f:bd:01:60:ae:cf:
         7a:5c:5c:da:62:9d:11:fd:b2:8f:1b:84:ab:91:72:df:5d:bc:
         96:dd:0e:df:95:5d:34:fa:2e:ed:18:20:58:70:2f:aa:c2:53:
         ae:11:e8:5e:0e:ba:8d:7b:7b:7a:da:dd:53:3b:bf:c8:ae:14:
         0c:e3:57:fb:f2:80:25:76:8e:6c:79:07:f1:17:5c:fe:e6:c0:
         1f:22:90:e9:23:d9:c8:6d:3f:86:03:c2:e2:29:5a:be:a7:4f:
         d9:71:d5:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmiBafnOQHe7LRQ1fRzY+htMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwNzI5MTQyMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzE1NTgzYjFhZmQ5NzAxNjQ0OWI1MTM2YjRlZjNkMjM4YjBmMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEMVsUOj9ZCJdAvS3VRXJZYfC1oL
/anpFT4d3YxIdr2jAjM/5XgT13wrrZ5Pu32sX+Y6FkSwfzKKXjJl3gjGJBh4+6Uz
agxOe1UR8ed6le6ciJjcKLM7L3p2ILa91CDpC+q70OIIi/i0BlO+20eJGbrj1s5y
8kOdPJZxzTCNOlAuRPy32s2MCJdHW9Z/Dzudby/3cLQW1MD9T6E9M3sNcwGa8zI+
NKCp0i8ZSXgLPAa1UyJraR3oHBXZmzQDtr2uM3PDz5zqg8LAUwu9bnGkjmJazr9A
FJFn2vyBg8fqHCAgb62q4aYITHFup9ZzYlFvGRADncrUnuwBC9GimgKXKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcVWDsa/ZcBZEm1E2tO89I4sPLeMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvRnhWWU94cjlsd0ZrU2JVVGEwN3owaml3OHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvq/MA0G
CSqGSIb3DQEBCwUAA4IBAQCBEDSWUTbQncwFZH58YM5LEfHPP04XnIlqxWL7e3nY
IIDDOZ0h9eGBlBi+vA7DnitZlePRnf8zcUB4txdD2z7BlPkZDcJUFAOkmt/QDnuA
biUYr+EpD73pebxz7HdcHuElGFfWoX+Ks4DtmH4Gcd/hMQxJ9i/gnLqmLZh65fLB
4qOm72BuhGQ5B9CR0WFvog9o4kH4Tz809U+EYwE/vQFgrs96XFzaYp0R/bKPG4Sr
kXLfXbyW3Q7flV00+i7tGCBYcC+qwlOuEeheDrqNe3t62t1TO7/IrhQM41f78oAl
do5seQfxF1z+5sAfIpDpI9nIbT+GA8LiKVq+p0/ZcdUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org