Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/Vg9VpLhmO6b0Zb0fHjf6JdZXu2c.roa
File:                     Vg9VpLhmO6b0Zb0fHjf6JdZXu2c.roa (raw, json)
Hash identifier:          uRwhry2ZCbF8WqpcpPxI7aJFip8zGE0IEZPPgdl26rw=
Subject key identifier:   56:0F:55:A4:B8:66:3B:A6:F4:65:BD:1F:1E:37:FA:25:D6:57:BB:67
Certificate issuer:       /CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Certificate serial:       01856B93614FD25C4844489166A9D97F78D5
Authority key identifier: 57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/Vg9VpLhmO6b0Zb0fHjf6JdZXu2c.roa
Signing time:             Sun 01 Jan 2023 04:24:58 +0000
ROA not before:           Sun 01 Jan 2023 04:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        78.108.224.0/20 maxlen: 24
                          213.55.0.0/18 maxlen: 24
                          80.69.208.0/20 maxlen: 24
                          109.122.128.0/18 maxlen: 24
                          185.147.224.0/22 maxlen: 24
                          5.57.96.0/19 maxlen: 24
                          2a00:a080::/32 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:61:4f:d2:5c:48:44:48:91:66:a9:d9:7f:78:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
        Validity
            Not Before: Jan  1 04:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=560f55a4b8663ba6f465bd1f1e37fa25d657bb67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:58:75:70:ad:1b:33:8d:dc:ef:10:38:56:58:
                    f6:d6:f5:53:99:58:c7:7c:3c:b5:c5:49:21:b5:10:
                    f8:21:6a:93:09:d4:df:c9:84:60:d0:1e:c7:d3:49:
                    6d:5f:0f:f5:54:0d:b7:a4:e5:4a:e7:64:05:bc:64:
                    a0:f2:c3:a4:cc:39:93:d8:84:3f:55:33:64:2c:13:
                    f2:c9:09:bd:0c:7f:ae:1c:ae:27:e6:f8:8f:e3:f0:
                    95:e3:ad:d0:e8:b5:a5:7d:83:88:e3:b9:8c:2b:c7:
                    a0:4e:b0:eb:04:50:55:83:f6:b7:6c:41:0e:f1:4b:
                    8b:47:25:da:ee:51:ea:bb:6b:ca:df:3a:49:99:95:
                    76:db:a1:33:2a:68:25:cd:06:df:41:1c:da:55:c4:
                    1e:0d:1f:6e:ee:c4:59:63:10:f4:bd:8b:22:29:d9:
                    ee:7e:4f:c6:d5:61:1d:fc:42:c4:ba:f5:38:b7:cc:
                    13:eb:9a:f1:d3:74:5f:74:fe:7e:86:f9:37:c5:b4:
                    b3:dd:e4:a8:95:00:5d:a3:dc:63:b6:f6:12:b9:c9:
                    c8:9b:e1:f6:20:ba:cb:99:16:aa:da:e0:bf:90:c6:
                    ee:70:12:76:42:e8:2e:a0:5c:50:37:8b:3a:6c:f2:
                    d0:e6:f2:0e:d4:33:1e:fe:9c:b7:2b:1e:e4:1b:50:
                    30:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0F:55:A4:B8:66:3B:A6:F4:65:BD:1F:1E:37:FA:25:D6:57:BB:67
            X509v3 Authority Key Identifier:
                keyid:57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/Vg9VpLhmO6b0Zb0fHjf6JdZXu2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.57.96.0/19
                  78.108.224.0/20
                  80.69.208.0/20
                  109.122.128.0/18
                  185.147.224.0/22
                  213.55.0.0/18
                IPv6:
                  2a00:a080::/32

    Signature Algorithm: sha256WithRSAEncryption
         3f:ef:c7:76:ce:bb:d9:82:54:0a:8e:ce:32:c6:d3:5c:90:9e:
         14:71:54:7b:61:8d:a1:79:e8:5e:2b:b4:6b:3a:1d:55:56:a4:
         ed:54:0d:6c:b6:62:48:84:82:7e:dd:31:b4:ec:d4:ab:e5:bc:
         17:b4:1d:86:33:74:7c:f1:5b:10:03:1e:ef:b7:41:3e:85:7a:
         77:dd:4c:60:22:8a:a0:5d:9b:d5:b1:b4:1b:e6:cb:4e:c0:6b:
         2d:61:8c:33:99:25:b4:e0:92:c5:74:7a:aa:17:c7:0e:0c:6f:
         cd:1f:76:8d:e1:fc:05:5f:f3:6a:1c:08:d8:2e:00:b4:af:f7:
         5a:b4:58:a0:e8:c1:99:b8:0c:34:b7:b3:68:b8:32:90:28:42:
         0c:4f:01:d6:e3:3b:6a:65:40:b3:7f:ae:f0:63:42:f7:a0:72:
         72:25:6f:16:fe:38:32:41:7a:18:eb:ee:f6:1f:70:8d:32:e0:
         75:a7:f4:8b:03:e9:49:62:53:57:5b:56:3f:ba:cf:c9:f8:e5:
         97:06:29:81:b4:f1:9d:cb:54:4f:8b:bf:78:13:22:56:9d:1b:
         8d:8f:32:99:2e:d8:20:dc:b0:5e:cf:9f:fb:51:1f:75:00:3f:
         7d:cf:ad:da:d2:e8:66:55:db:ee:39:a3:cb:32:aa:d4:dd:c8:
         13:d9:4f:95
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVrk2FP0lxIREiRZqnZf3jVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjgwZTYwYjVhZGY0NWFlYmE1YzBjOGFiY2NjNjM5OTdh
MGYxZGIwHhcNMjMwMTAxMDQyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjBmNTVhNGI4NjYzYmE2ZjQ2NWJkMWYxZTM3ZmEyNWQ2NTdiYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFh1cK0bM43c7xA4Vlj21vVTmVjH
fDy1xUkhtRD4IWqTCdTfyYRg0B7H00ltXw/1VA23pOVK52QFvGSg8sOkzDmT2IQ/
VTNkLBPyyQm9DH+uHK4n5viP4/CV463Q6LWlfYOI47mMK8egTrDrBFBVg/a3bEEO
8UuLRyXa7lHqu2vK3zpJmZV226EzKmglzQbfQRzaVcQeDR9u7sRZYxD0vYsiKdnu
fk/G1WEd/ELEuvU4t8wT65rx03RfdP5+hvk3xbSz3eSolQBdo9xjtvYSucnIm+H2
ILrLmRaq2uC/kMbucBJ2QuguoFxQN4s6bPLQ5vIO1DMe/py3Kx7kG1AwswIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFYPVaS4Zjum9GW9Hx43+iXWV7tnMB8GA1UdIwQY
MBaAFFe4DmC1rfRa66XAyKvMxjmXoPHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMt
ZTZlOGFhZTM0ODI2LzEvVmc5VnBMaG1PNmIwWmIwZkhqZjZKZFpYdTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMtZTZlOGFhZTM0ODI2
LzEvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFBTlgAwQE
TmzgAwQEUEXQAwQGbXqAAwQCuZPgAwQG1TcAMA0EAgACMAcDBQAqAKCAMA0GCSqG
SIb3DQEBCwUAA4IBAQA/78d2zrvZglQKjs4yxtNckJ4UcVR7YY2heeheK7RrOh1V
VqTtVA1stmJIhIJ+3TG07NSr5bwXtB2GM3R88VsQAx7vt0E+hXp33UxgIoqgXZvV
sbQb5stOwGstYYwzmSW04JLFdHqqF8cODG/NH3aN4fwFX/NqHAjYLgC0r/datFig
6MGZuAw0t7NouDKQKEIMTwHW4ztqZUCzf67wY0L3oHJyJW8W/jgyQXoY6+72H3CN
MuB1p/SLA+lJYlNXW1Y/us/J+OWXBimBtPGdy1RPi794EyJWnRuNjzKZLtgg3LBe
z5/7UR91AD99z63a0uhmVdvuOaPLMqrU3cgT2U+V
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:27 2024 by rpki-client on console-fra.rpki-client.org