Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/m7ZbNgMXwlg-uqhn4hirZepOCtg.roa
File:                     m7ZbNgMXwlg-uqhn4hirZepOCtg.roa (raw, json)
Hash identifier:          oJd/Oavgai5poCCjBpPG/p0/EiC3aRXdI1onnTdkCP0=
Subject key identifier:   9B:B6:5B:36:03:17:C2:58:3E:BA:A8:67:E2:18:AB:65:EA:4E:0A:D8
Certificate issuer:       /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial:       01856FCBB3413F129AEF619043DB452D85B4
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/m7ZbNgMXwlg-uqhn4hirZepOCtg.roa
Signing time:             Mon 02 Jan 2023 00:04:58 +0000
ROA not before:           Mon 02 Jan 2023 00:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     53340
IP address blocks:        185.143.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:b3:41:3f:12:9a:ef:61:90:43:db:45:2d:85:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
        Validity
            Not Before: Jan  2 00:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9bb65b360317c2583ebaa867e218ab65ea4e0ad8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:7e:23:6d:e5:17:ab:f0:73:60:92:4a:9a:ed:
                    25:c8:7c:ed:c2:a4:d3:8c:08:ef:15:5f:45:79:ea:
                    2e:7f:dc:06:62:45:e4:59:8f:e2:5f:b7:4e:8f:61:
                    65:f7:09:05:01:60:ae:7c:79:61:28:f6:bc:de:99:
                    f8:0d:4c:a9:61:09:31:8e:9c:3b:60:1b:5c:43:a8:
                    19:a2:89:eb:4e:bd:85:20:f6:c4:38:7b:bc:3d:4a:
                    17:0a:15:5b:00:1c:6f:ce:06:d8:0c:bc:60:85:10:
                    f5:05:6d:aa:85:23:dd:2d:89:de:d8:7b:a6:eb:42:
                    79:c2:ab:ad:55:21:a3:1c:bc:4a:d6:57:01:63:7d:
                    61:10:ca:c8:97:e9:22:fd:33:df:2b:3e:fa:34:74:
                    3c:70:2e:b8:18:26:48:6c:fd:52:d9:ab:ab:11:c8:
                    e5:a9:7b:b1:f1:c4:91:cf:78:1e:fc:f2:f1:02:4f:
                    33:4f:23:a7:4d:99:de:95:4f:42:e6:b0:f2:e4:e1:
                    4d:5a:dc:23:de:4e:a3:a3:0c:06:54:32:c6:1c:2d:
                    e8:2e:df:a1:5f:a9:ae:04:da:12:4c:68:2b:aa:ed:
                    93:dd:34:15:b7:44:89:c3:a1:d5:2d:0d:b2:76:66:
                    d2:9e:6c:94:9b:34:cd:08:50:73:56:f2:ed:0f:d5:
                    0d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:B6:5B:36:03:17:C2:58:3E:BA:A8:67:E2:18:AB:65:EA:4E:0A:D8
            X509v3 Authority Key Identifier:
                keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/m7ZbNgMXwlg-uqhn4hirZepOCtg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.143.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:2b:91:3f:90:ed:61:a2:e2:2e:10:a2:40:65:dc:9d:54:f4:
         51:6f:a5:25:fc:d1:3c:27:69:08:99:d9:eb:65:ea:12:30:90:
         d4:01:c2:8b:80:7b:bc:d7:d3:28:dc:5d:39:5d:f1:a1:f9:17:
         d7:e7:e5:9c:06:ef:c7:63:44:c5:d2:4b:48:93:07:9b:46:5e:
         e6:dd:60:0f:8f:9f:ed:52:26:d2:1a:e5:11:13:48:06:8e:cb:
         8c:cb:d9:5a:d3:97:6b:d4:7e:1e:66:d4:00:77:58:e6:3b:fd:
         df:44:c0:1d:f3:82:01:91:c5:b2:19:25:fc:27:31:59:85:b4:
         77:94:4e:4e:f6:1b:1a:5d:5b:93:42:bf:0c:03:73:da:1f:83:
         d6:f8:50:45:06:af:0e:67:e3:14:80:9e:a2:a5:8f:9d:0e:cc:
         94:dc:4c:3c:24:0b:20:41:be:f9:f4:e2:86:89:ba:53:cc:80:
         ab:c7:8f:07:97:ca:26:51:49:e2:ea:1f:4e:40:d5:f5:b6:e1:
         c2:ff:70:2e:07:0a:0a:71:82:20:4b:e5:a5:17:80:07:32:0d:
         f1:73:3d:8e:ab:de:ed:5e:c7:14:51:32:2d:59:68:c5:0e:b2:
         fa:6e:90:20:1d:5e:ae:79:36:e8:5a:41:43:e2:cd:22:af:cf:
         e9:09:7f:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy7NBPxKa72GQQ9tFLYW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI2NWIzNjAzMTdjMjU4M2ViYWE4NjdlMjE4YWI2NWVhNGUwYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn4jbeUXq/BzYJJKmu0lyHztwqTT
jAjvFV9Feeouf9wGYkXkWY/iX7dOj2Fl9wkFAWCufHlhKPa83pn4DUypYQkxjpw7
YBtcQ6gZoonrTr2FIPbEOHu8PUoXChVbABxvzgbYDLxghRD1BW2qhSPdLYne2Hum
60J5wqutVSGjHLxK1lcBY31hEMrIl+ki/TPfKz76NHQ8cC64GCZIbP1S2aurEcjl
qXux8cSRz3ge/PLxAk8zTyOnTZnelU9C5rDy5OFNWtwj3k6jowwGVDLGHC3oLt+h
X6muBNoSTGgrqu2T3TQVt0SJw6HVLQ2ydmbSnmyUmzTNCFBzVvLtD9UNXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJu2WzYDF8JYPrqoZ+IYq2XqTgrYMB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEvbTdaYk5nTVh3bGctdXFobjRoaXJaZXBPQ3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY/wMA0G
CSqGSIb3DQEBCwUAA4IBAQA3K5E/kO1houIuEKJAZdydVPRRb6Ul/NE8J2kImdnr
ZeoSMJDUAcKLgHu819Mo3F05XfGh+RfX5+WcBu/HY0TF0ktIkwebRl7m3WAPj5/t
UibSGuURE0gGjsuMy9la05dr1H4eZtQAd1jmO/3fRMAd84IBkcWyGSX8JzFZhbR3
lE5O9hsaXVuTQr8MA3PaH4PW+FBFBq8OZ+MUgJ6ipY+dDsyU3Ew8JAsgQb759OKG
ibpTzICrx48Hl8omUUni6h9OQNX1tuHC/3AuBwoKcYIgS+WlF4AHMg3xcz2Oq97t
XscUUTItWWjFDrL6bpAgHV6ueTboWkFD4s0ir8/pCX/k
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:07 2024 by rpki-client on console-fra.rpki-client.org