Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/08729f-79a6-48d0-b2e1-bb26143c5edc/1/jO0KXImxhFNObbI6M7hs6BNWGeU.roa
File:                     jO0KXImxhFNObbI6M7hs6BNWGeU.roa (raw, json)
Hash identifier:          +08h7QIC/wiB6oKs3oeVGZd9TpwfQfBHIFxItfR7C3M=
Subject key identifier:   8C:ED:0A:5C:89:B1:84:53:4E:6D:B2:3A:33:B8:6C:E8:13:56:19:E5
Certificate issuer:       /CN=1cb464ba038bc0bbbee400f3e908df51482c51bb
Certificate serial:       01857315EDD5994D467D534564CF1A869165
Authority key identifier: 1C:B4:64:BA:03:8B:C0:BB:BE:E4:00:F3:E9:08:DF:51:48:2C:51:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HLRkugOLwLu-5ADz6QjfUUgsUbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/08729f-79a6-48d0-b2e1-bb26143c5edc/1/jO0KXImxhFNObbI6M7hs6BNWGeU.roa
Signing time:             Mon 02 Jan 2023 15:24:54 +0000
ROA not before:           Mon 02 Jan 2023 15:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50474
IP address blocks:        78.40.8.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:15:ed:d5:99:4d:46:7d:53:45:64:cf:1a:86:91:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cb464ba038bc0bbbee400f3e908df51482c51bb
        Validity
            Not Before: Jan  2 15:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ced0a5c89b184534e6db23a33b86ce8135619e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:0b:49:33:ed:a6:2c:e4:5a:58:95:97:0e:b3:
                    90:9e:66:2c:ac:1f:69:9d:b2:de:52:11:33:c9:83:
                    56:5f:c7:0e:ab:8f:34:96:10:b9:c8:49:e8:03:38:
                    85:31:75:71:5e:8d:6a:f4:4c:5a:2c:f3:8a:e0:b4:
                    94:78:19:e5:34:b5:d8:2d:dc:19:6e:4c:ef:5d:ed:
                    c2:cd:47:b8:70:bb:d5:13:6d:38:84:0b:c9:23:9e:
                    ae:72:6a:8d:e4:7c:d1:86:17:9f:94:eb:0a:ef:1f:
                    13:4f:44:02:1f:7a:ea:27:e6:ae:ed:12:9f:d3:d5:
                    78:b6:ce:7d:96:b0:c3:f4:e8:cd:34:fe:35:63:db:
                    27:bd:a0:c7:31:d0:89:7f:39:f3:a1:8e:8d:a0:a0:
                    31:95:0d:90:a3:fc:fe:e5:66:97:c4:a9:be:27:0d:
                    5b:ae:02:1d:76:c9:6b:1d:14:06:a3:9f:56:69:77:
                    93:3f:24:59:df:c8:30:36:47:76:d9:c7:8a:af:75:
                    5b:93:8e:2a:b2:5f:32:ea:13:14:5c:06:ac:7b:e1:
                    01:f9:2f:a7:84:b4:73:fc:fd:50:14:a0:40:f9:ba:
                    60:28:f1:a6:de:6d:5e:8a:0a:40:a7:0f:09:84:da:
                    5c:3d:48:7b:f2:21:54:f3:95:96:c2:3b:c1:46:ad:
                    87:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:ED:0A:5C:89:B1:84:53:4E:6D:B2:3A:33:B8:6C:E8:13:56:19:E5
            X509v3 Authority Key Identifier:
                keyid:1C:B4:64:BA:03:8B:C0:BB:BE:E4:00:F3:E9:08:DF:51:48:2C:51:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HLRkugOLwLu-5ADz6QjfUUgsUbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/08729f-79a6-48d0-b2e1-bb26143c5edc/1/jO0KXImxhFNObbI6M7hs6BNWGeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/08729f-79a6-48d0-b2e1-bb26143c5edc/1/HLRkugOLwLu-5ADz6QjfUUgsUbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.40.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:56:f3:00:99:4f:0d:00:c3:cf:e1:cb:d5:ab:da:e0:16:04:
         3f:ac:07:2b:76:2f:be:8b:13:b3:cc:4d:17:b0:a2:ed:b0:8b:
         f4:54:9d:dd:46:69:f7:2a:4a:4b:22:03:e4:15:6e:7a:b0:9a:
         d5:e3:b3:7b:7a:c1:97:62:0f:39:5b:25:cd:07:c0:84:42:cc:
         76:1a:8b:91:98:b5:8d:67:4f:16:53:22:b9:19:ac:7b:e0:e2:
         a0:6b:31:63:3a:c9:34:04:b2:bc:3e:3d:b9:ab:e8:ea:86:b7:
         3a:ef:d5:22:b0:9e:46:fa:0a:3d:e3:75:e5:25:93:cd:b6:d6:
         3b:26:65:f6:5a:24:d7:ad:db:03:12:71:11:7d:b6:7c:af:e8:
         22:4f:38:10:27:ca:91:a2:2d:cc:b0:ae:b0:58:e5:7b:75:ad:
         62:00:b9:bb:9e:1f:fa:41:10:68:74:db:13:77:09:69:25:1f:
         68:8c:08:99:ab:ba:9f:63:61:50:ba:c6:cc:fa:ab:3e:2d:d1:
         28:e1:29:0e:be:77:f2:e9:fb:18:12:17:a0:42:af:33:9c:f2:
         d4:71:74:a7:b8:0c:f3:bb:bc:1e:d8:e0:e9:e5:1d:f1:8f:97:
         1b:d1:a7:25:9f:99:ca:13:18:de:35:bf:68:09:28:57:27:f1:
         33:ca:ad:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFe3VmU1GfVNFZM8ahpFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYjQ2NGJhMDM4YmMwYmJiZWU0MDBmM2U5MDhkZjUxNDgy
YzUxYmIwHhcNMjMwMTAyMTUyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2VkMGE1Yzg5YjE4NDUzNGU2ZGIyM2EzM2I4NmNlODEzNTYxOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAtJM+2mLORaWJWXDrOQnmYsrB9p
nbLeUhEzyYNWX8cOq480lhC5yEnoAziFMXVxXo1q9ExaLPOK4LSUeBnlNLXYLdwZ
bkzvXe3CzUe4cLvVE204hAvJI56ucmqN5HzRhheflOsK7x8TT0QCH3rqJ+au7RKf
09V4ts59lrDD9OjNNP41Y9snvaDHMdCJfznzoY6NoKAxlQ2Qo/z+5WaXxKm+Jw1b
rgIddslrHRQGo59WaXeTPyRZ38gwNkd22ceKr3Vbk44qsl8y6hMUXAase+EB+S+n
hLRz/P1QFKBA+bpgKPGm3m1eigpApw8JhNpcPUh78iFU85WWwjvBRq2HfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIztClyJsYRTTm2yOjO4bOgTVhnlMB8GA1UdIwQY
MBaAFBy0ZLoDi8C7vuQA8+kI31FILFG7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSExSa3VnT0x3THUtNUFEejZRamZVVWdzVWJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wODcyOWYtNzlhNi00OGQwLWIyZTEt
YmIyNjE0M2M1ZWRjLzEvak8wS1hJbXhoRk5PYmJJNk03aHM2Qk5XR2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wODcyOWYtNzlhNi00OGQwLWIyZTEtYmIyNjE0M2M1ZWRj
LzEvSExSa3VnT0x3THUtNUFEejZRamZVVWdzVWJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTigIMA0G
CSqGSIb3DQEBCwUAA4IBAQBtVvMAmU8NAMPP4cvVq9rgFgQ/rAcrdi++ixOzzE0X
sKLtsIv0VJ3dRmn3KkpLIgPkFW56sJrV47N7esGXYg85WyXNB8CEQsx2GouRmLWN
Z08WUyK5Gax74OKgazFjOsk0BLK8Pj25q+jqhrc679UisJ5G+go943XlJZPNttY7
JmX2WiTXrdsDEnERfbZ8r+giTzgQJ8qRoi3MsK6wWOV7da1iALm7nh/6QRBodNsT
dwlpJR9ojAiZq7qfY2FQusbM+qs+LdEo4SkOvnfy6fsYEhegQq8znPLUcXSnuAzz
u7we2ODp5R3xj5cb0acln5nKExjeNb9oCShXJ/Ezyq2/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:02 2024 by rpki-client on console-fra.rpki-client.org