Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/DphDCrJioUD7C4fMjF9X_U6HDQc.roa
File:                     DphDCrJioUD7C4fMjF9X_U6HDQc.roa (raw, json)
Hash identifier:          h8WE8XgLx9f7+cf1eftJF5l6zd8vK88LU3Ty4W6umXo=
Subject key identifier:   0E:98:43:0A:B2:62:A1:40:FB:0B:87:CC:8C:5F:57:FD:4E:87:0D:07
Certificate issuer:       /CN=0589ee303ff7d0d557599fa04b293dc2b16bb4d4
Certificate serial:       0185708CA4AA19F08A2854645F1812800D79
Authority key identifier: 05:89:EE:30:3F:F7:D0:D5:57:59:9F:A0:4B:29:3D:C2:B1:6B:B4:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/DphDCrJioUD7C4fMjF9X_U6HDQc.roa
Signing time:             Mon 02 Jan 2023 03:35:43 +0000
ROA not before:           Mon 02 Jan 2023 03:35:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43435
IP address blocks:        78.155.96.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:a4:aa:19:f0:8a:28:54:64:5f:18:12:80:0d:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0589ee303ff7d0d557599fa04b293dc2b16bb4d4
        Validity
            Not Before: Jan  2 03:35:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e98430ab262a140fb0b87cc8c5f57fd4e870d07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:e5:5d:65:93:f8:0e:8b:5a:3c:1e:23:f5:03:
                    5b:31:b1:a6:27:e6:3e:83:57:18:e0:2e:b1:15:df:
                    c1:13:26:3e:42:74:dd:a0:3d:53:a9:b1:cd:0d:1e:
                    f2:e0:74:41:61:6e:0b:f2:e8:18:b5:bd:6b:60:d4:
                    e1:df:16:40:10:1e:06:68:fd:e5:e2:82:18:53:6a:
                    48:45:25:ff:ac:0d:ff:a0:a1:d1:a8:35:f3:b1:1d:
                    4f:fd:ed:d0:5f:d3:46:a2:e5:39:b8:3c:74:a1:68:
                    a5:ed:3d:56:ee:c7:1e:4d:2a:72:b6:34:32:ba:e5:
                    d8:52:f6:23:1c:32:ff:93:47:28:c1:64:1c:9e:e3:
                    9d:21:d1:bf:03:02:58:71:0c:a0:91:bd:70:53:e1:
                    4e:df:75:f1:72:02:43:ec:89:33:6a:77:52:6a:d9:
                    24:90:ce:39:b0:9d:31:c4:f7:43:7e:f4:d8:7f:df:
                    a8:18:f7:46:e6:68:16:ae:7f:19:5d:90:e1:e0:60:
                    e5:a1:08:93:a9:2f:8e:9c:19:95:19:04:22:e7:8a:
                    52:c7:4c:0a:11:8a:96:97:44:8d:f8:7c:9e:cb:cf:
                    0d:66:06:9d:0d:74:96:00:61:76:18:5e:9d:f8:c8:
                    a0:30:ac:56:10:a9:06:8d:4d:63:18:9c:d5:04:88:
                    e3:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:98:43:0A:B2:62:A1:40:FB:0B:87:CC:8C:5F:57:FD:4E:87:0D:07
            X509v3 Authority Key Identifier:
                keyid:05:89:EE:30:3F:F7:D0:D5:57:59:9F:A0:4B:29:3D:C2:B1:6B:B4:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/DphDCrJioUD7C4fMjF9X_U6HDQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.155.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         63:e5:1a:bc:69:88:6b:e7:18:6c:07:c5:ef:42:59:8f:82:62:
         d0:d7:e3:99:4f:37:ef:53:99:a1:fe:79:76:30:63:17:f5:e6:
         90:fb:07:3f:e7:9d:b9:51:2f:7c:ab:fa:9a:74:e0:0b:9c:a7:
         6f:75:f9:f9:8e:85:59:1b:c3:21:6f:09:93:0f:27:4b:37:df:
         c4:f1:3e:d8:f6:00:30:cb:67:72:a9:94:49:99:2d:13:e1:27:
         bb:02:8d:b4:10:1d:75:dc:28:5b:32:21:ac:f5:25:a2:8b:79:
         f3:08:a7:22:5b:bf:2c:1b:f4:69:bb:a3:43:0c:1a:ef:9c:fb:
         4e:9d:bb:e6:dc:01:92:76:d9:ae:a3:38:41:0e:03:08:c7:b2:
         24:dc:f2:05:79:6e:23:56:5e:e6:01:58:1f:0b:20:e7:6e:4b:
         22:09:15:cd:c4:2e:dd:b6:47:93:4e:2c:8e:36:08:d5:3f:6b:
         19:9d:be:9d:d7:89:49:a6:c9:98:8c:e3:cb:4c:c9:f4:33:ba:
         26:5e:cc:07:4d:63:b7:3d:19:21:c5:f0:eb:e7:bf:7a:68:6a:
         9a:e8:1b:88:40:3b:c3:ad:79:66:18:85:99:f1:c9:a7:55:f4:
         75:da:30:88:d0:c6:2a:bc:fa:8f:77:a6:a8:ff:6e:09:92:34:
         ab:18:a2:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjKSqGfCKKFRkXxgSgA15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODllZTMwM2ZmN2QwZDU1NzU5OWZhMDRiMjkzZGMyYjE2
YmI0ZDQwHhcNMjMwMTAyMDMzNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTk4NDMwYWIyNjJhMTQwZmIwYjg3Y2M4YzVmNTdmZDRlODcwZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuVdZZP4DotaPB4j9QNbMbGmJ+Y+
g1cY4C6xFd/BEyY+QnTdoD1TqbHNDR7y4HRBYW4L8ugYtb1rYNTh3xZAEB4GaP3l
4oIYU2pIRSX/rA3/oKHRqDXzsR1P/e3QX9NGouU5uDx0oWil7T1W7sceTSpytjQy
uuXYUvYjHDL/k0cowWQcnuOdIdG/AwJYcQygkb1wU+FO33XxcgJD7IkzandSatkk
kM45sJ0xxPdDfvTYf9+oGPdG5mgWrn8ZXZDh4GDloQiTqS+OnBmVGQQi54pSx0wK
EYqWl0SN+Hyey88NZgadDXSWAGF2GF6d+MigMKxWEKkGjU1jGJzVBIjjLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6YQwqyYqFA+wuHzIxfV/1Ohw0HMB8GA1UdIwQY
MBaAFAWJ7jA/99DVV1mfoEspPcKxa7TUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlludU1EXzMwTlZYV1otZ1N5azl3ckZydE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZTE5OGUtMmY2MS00NmYzLWI1ZjYt
MDZkNmU5NDdlMzhmLzEvRHBoRENySmlvVUQ3QzRmTWpGOVhfVTZIRFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80ZTE5OGUtMmY2MS00NmYzLWI1ZjYtMDZkNmU5NDdlMzhm
LzEvQlludU1EXzMwTlZYV1otZ1N5azl3ckZydE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFTptgMA0G
CSqGSIb3DQEBCwUAA4IBAQBj5Rq8aYhr5xhsB8XvQlmPgmLQ1+OZTzfvU5mh/nl2
MGMX9eaQ+wc/5525US98q/qadOALnKdvdfn5joVZG8MhbwmTDydLN9/E8T7Y9gAw
y2dyqZRJmS0T4Se7Ao20EB113ChbMiGs9SWii3nzCKciW78sG/Rpu6NDDBrvnPtO
nbvm3AGSdtmuozhBDgMIx7Ik3PIFeW4jVl7mAVgfCyDnbksiCRXNxC7dtkeTTiyO
NgjVP2sZnb6d14lJpsmYjOPLTMn0M7omXswHTWO3PRkhxfDr5796aGqa6BuIQDvD
rXlmGIWZ8cmnVfR12jCI0MYqvPqPd6ao/24JkjSrGKJq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:34 2024 by rpki-client on console-fra.rpki-client.org