Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/l1xdspUKaluRuhPFvia3u_N8ESk.roa
File:                     l1xdspUKaluRuhPFvia3u_N8ESk.roa (raw, json)
Hash identifier:          7x8ixxntkvRw0eRw7yEKco2hkoV2UZO3TdQ8/8YqwOE=
Subject key identifier:   97:5C:5D:B2:95:0A:6A:5B:91:BA:13:C5:BE:26:B7:BB:F3:7C:11:29
Certificate issuer:       /CN=85fccaab6898aa22242fa847ce02a5ba1a67dd22
Certificate serial:       01856D38566EAB677DDEE29EFFD72A2A70A0
Authority key identifier: 85:FC:CA:AB:68:98:AA:22:24:2F:A8:47:CE:02:A5:BA:1A:67:DD:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfzKq2iYqiIkL6hHzgKluhpn3SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/l1xdspUKaluRuhPFvia3u_N8ESk.roa
Signing time:             Sun 01 Jan 2023 12:04:46 +0000
ROA not before:           Sun 01 Jan 2023 12:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        91.247.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:38:56:6e:ab:67:7d:de:e2:9e:ff:d7:2a:2a:70:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85fccaab6898aa22242fa847ce02a5ba1a67dd22
        Validity
            Not Before: Jan  1 12:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=975c5db2950a6a5b91ba13c5be26b7bbf37c1129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c8:4e:94:ef:5c:0e:9f:7d:77:1b:af:d1:e6:
                    4b:7d:59:ed:86:5b:bc:d0:1f:79:b0:46:b8:e7:10:
                    d2:e2:70:23:ec:9c:12:ec:3d:79:5d:5c:03:06:f8:
                    3e:75:58:9c:20:c2:cc:fa:dd:d4:bb:69:2f:42:4d:
                    bf:fa:1b:76:fa:e8:e3:e8:27:af:b5:56:e4:e3:79:
                    79:2c:30:dd:08:d6:94:63:e8:23:7c:9c:9a:e6:69:
                    dc:8f:cc:dd:38:de:79:20:b6:8b:fa:2f:12:f3:27:
                    9d:b4:ec:03:a9:ec:e8:a7:e8:10:30:29:f7:b8:3b:
                    98:57:33:74:35:8d:5c:d8:0e:dd:8a:1a:66:c2:3a:
                    fc:c0:f8:55:64:22:e6:6a:21:0e:08:dd:e5:63:e3:
                    b8:e7:c0:6a:5a:57:0f:a3:68:25:88:c4:51:7c:c2:
                    5f:90:e6:c2:fb:dd:62:27:6f:53:da:57:08:ee:32:
                    05:6e:f9:87:05:24:ba:d0:95:ea:fe:45:a4:bb:f1:
                    18:71:94:4e:f4:6b:14:e4:35:25:87:2d:c4:9a:e7:
                    ed:e9:e0:3a:18:d7:3c:70:fb:70:4f:ae:3f:5b:9f:
                    c6:d4:90:ec:4b:8a:e2:62:ce:aa:4b:bf:32:c5:fb:
                    b9:c3:96:a3:b2:e4:5c:f1:90:d7:bc:e2:6e:36:6b:
                    ce:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:5C:5D:B2:95:0A:6A:5B:91:BA:13:C5:BE:26:B7:BB:F3:7C:11:29
            X509v3 Authority Key Identifier:
                keyid:85:FC:CA:AB:68:98:AA:22:24:2F:A8:47:CE:02:A5:BA:1A:67:DD:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfzKq2iYqiIkL6hHzgKluhpn3SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/l1xdspUKaluRuhPFvia3u_N8ESk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/18cb86-f8f3-4042-a26a-9b53a517a157/1/hfzKq2iYqiIkL6hHzgKluhpn3SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.247.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:6e:9a:fc:4f:79:56:59:89:27:f3:7c:fa:76:95:a0:7e:9b:
         97:d3:49:58:5b:38:12:b4:d3:2a:31:d6:53:92:e0:d5:16:02:
         80:89:1b:c9:eb:00:68:39:15:a7:8c:62:a3:f1:8d:e3:6a:8a:
         17:c3:7a:6e:ad:91:9e:8c:60:12:4a:fb:61:9d:5e:0d:dc:39:
         9c:19:4a:1b:ef:e0:c4:03:7a:95:8c:dc:44:a0:44:9c:ba:ec:
         8e:76:84:44:da:bc:76:f5:ff:21:c8:88:74:22:2e:f3:e3:3c:
         e7:c2:37:80:30:5e:a3:94:38:39:ae:41:de:c8:c2:bb:6f:b8:
         2d:fc:74:f0:92:f3:a3:26:69:fb:88:9e:bf:39:88:6e:1c:42:
         83:d3:94:e1:fa:81:26:6f:b8:26:e1:cc:fc:9a:1a:f7:eb:3b:
         42:93:fb:db:5d:9e:95:32:47:32:bf:70:bf:b2:06:f2:a0:4b:
         04:68:31:51:f0:ab:8f:2b:80:e9:65:0d:ab:59:63:99:ff:22:
         b0:a5:0b:11:a3:d1:f5:bb:08:b6:e7:25:4f:04:ac:63:63:5c:
         e0:c5:21:a2:08:84:1c:2f:36:d3:e9:91:df:d9:b2:3c:02:6f:
         ef:7b:9c:e6:7e:26:a9:e2:c8:72:ca:97:15:61:8b:5b:86:af:
         50:78:79:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOFZuq2d93uKe/9cqKnCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmNjYWFiNjg5OGFhMjIyNDJmYTg0N2NlMDJhNWJhMWE2
N2RkMjIwHhcNMjMwMTAxMTIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzVjNWRiMjk1MGE2YTViOTFiYTEzYzViZTI2YjdiYmYzN2MxMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8hOlO9cDp99dxuv0eZLfVnthlu8
0B95sEa45xDS4nAj7JwS7D15XVwDBvg+dVicIMLM+t3Uu2kvQk2/+ht2+ujj6Cev
tVbk43l5LDDdCNaUY+gjfJya5mncj8zdON55ILaL+i8S8yedtOwDqezop+gQMCn3
uDuYVzN0NY1c2A7dihpmwjr8wPhVZCLmaiEOCN3lY+O458BqWlcPo2gliMRRfMJf
kObC+91iJ29T2lcI7jIFbvmHBSS60JXq/kWku/EYcZRO9GsU5DUlhy3Emuft6eA6
GNc8cPtwT64/W5/G1JDsS4riYs6qS78yxfu5w5ajsuRc8ZDXvOJuNmvOqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdcXbKVCmpbkboTxb4mt7vzfBEpMB8GA1UdIwQY
MBaAFIX8yqtomKoiJC+oR84CpboaZ90iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ6S3EyaVlxaUlrTDZoSHpnS2x1aHBuM1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xOGNiODYtZjhmMy00MDQyLWEyNmEt
OWI1M2E1MTdhMTU3LzEvbDF4ZHNwVUthbHVSdWhQRnZpYTN1X044RVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xOGNiODYtZjhmMy00MDQyLWEyNmEtOWI1M2E1MTdhMTU3
LzEvaGZ6S3EyaVlxaUlrTDZoSHpnS2x1aHBuM1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/esMA0G
CSqGSIb3DQEBCwUAA4IBAQAKbpr8T3lWWYkn83z6dpWgfpuX00lYWzgStNMqMdZT
kuDVFgKAiRvJ6wBoORWnjGKj8Y3jaooXw3purZGejGASSvthnV4N3DmcGUob7+DE
A3qVjNxEoEScuuyOdoRE2rx29f8hyIh0Ii7z4zznwjeAMF6jlDg5rkHeyMK7b7gt
/HTwkvOjJmn7iJ6/OYhuHEKD05Th+oEmb7gm4cz8mhr36ztCk/vbXZ6VMkcyv3C/
sgbyoEsEaDFR8KuPK4DpZQ2rWWOZ/yKwpQsRo9H1uwi25yVPBKxjY1zgxSGiCIQc
LzbT6ZHf2bI8Am/ve5zmfiap4shyypcVYYtbhq9QeHlX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:00 2023 by rpki-client on console-ams.rpki-client.org