Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/jKJoiro6NKcXFGhy-xyznfNy63k.roa
File:                     jKJoiro6NKcXFGhy-xyznfNy63k.roa (raw, json)
Hash identifier:          3uSHer//SRjbd9g+lteaYqMJRmxrAagemS1/3mpDkbw=
Subject key identifier:   8C:A2:68:8A:BA:3A:34:A7:17:14:68:72:FB:1C:B3:9D:F3:72:EB:79
Certificate issuer:       /CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Certificate serial:       01856F795DFEBAF1677F6B13C4F2635C1AFD
Authority key identifier: A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/jKJoiro6NKcXFGhy-xyznfNy63k.roa
Signing time:             Sun 01 Jan 2023 22:35:02 +0000
ROA not before:           Sun 01 Jan 2023 22:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15533
IP address blocks:        178.218.242.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:5d:fe:ba:f1:67:7f:6b:13:c4:f2:63:5c:1a:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
        Validity
            Not Before: Jan  1 22:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ca2688aba3a34a717146872fb1cb39df372eb79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:60:4c:c9:ab:0a:96:5f:a6:1e:cb:30:9f:1e:
                    76:18:ac:e5:ee:50:4f:9f:46:d6:12:68:e8:3a:a4:
                    b6:5a:a9:db:d3:8d:9c:23:43:ff:aa:c0:b7:6a:69:
                    42:1c:0e:d6:9e:6a:5c:7e:07:1e:9c:96:9f:55:a5:
                    16:03:84:b2:a6:61:ff:ce:3b:bd:36:7b:05:4f:0c:
                    89:a3:98:6c:6f:b9:ae:b4:87:2b:f7:29:d7:06:5f:
                    e0:1d:1a:bb:96:fa:83:71:ca:88:3d:39:4f:43:d2:
                    5e:9d:f4:a2:27:8e:71:5b:eb:69:3e:a5:96:2a:43:
                    02:a9:7a:75:7e:58:b3:dc:37:14:b3:4e:72:65:bd:
                    47:c0:fc:d8:ba:a8:06:67:f1:87:8e:49:18:04:8f:
                    09:ae:e5:24:d3:72:fc:af:ea:45:ac:ee:a7:89:a3:
                    e2:47:0f:d8:22:fb:f2:66:77:7f:e9:8c:95:db:a6:
                    ec:95:08:44:87:ff:4c:b8:9b:16:1f:c7:e3:0a:f3:
                    12:a0:89:3f:63:2b:2a:1e:b3:db:83:ea:0a:e4:ce:
                    4a:4f:4c:9a:71:0a:58:ab:fe:f9:c2:2d:5c:85:4c:
                    15:d5:b2:3e:13:a3:d6:26:21:92:50:91:30:37:d9:
                    da:1d:91:b4:83:fb:75:76:30:bd:d2:23:e9:58:d7:
                    1e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:A2:68:8A:BA:3A:34:A7:17:14:68:72:FB:1C:B3:9D:F3:72:EB:79
            X509v3 Authority Key Identifier:
                keyid:A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/jKJoiro6NKcXFGhy-xyznfNy63k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/pCAAxPTsSgPNTTZX4BtwA07CO5c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.218.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         76:a6:b5:93:ad:0b:33:75:b5:aa:d1:f1:da:67:12:94:27:d3:
         aa:75:6b:91:9b:bb:2d:7c:4a:e2:be:c0:7f:5c:3e:5b:3a:f3:
         16:63:dc:22:b3:e9:52:a4:5b:b0:df:1e:45:c3:e0:e4:82:60:
         95:8b:3d:d7:f1:62:fd:ea:c8:43:2f:27:ad:b4:9d:cd:d1:54:
         af:e5:82:f5:21:16:77:78:24:9f:3f:7a:f4:6f:1a:da:b3:a2:
         fc:86:9b:f4:e4:86:60:21:b9:d5:83:cc:d2:4a:1b:2c:e7:4b:
         72:14:74:4f:ca:7e:f3:f3:3a:5b:fb:09:35:f9:dd:7d:ae:b9:
         c3:26:76:f4:65:ba:3c:8b:4f:53:33:e5:7c:78:00:44:ff:20:
         66:0f:88:23:7e:22:7f:11:7a:83:29:3e:56:0c:7f:e5:67:1d:
         e7:1d:73:7a:f9:b8:d4:92:5f:52:ff:dd:4f:35:f0:af:4e:ad:
         3b:48:ae:0d:d0:58:b5:d9:b7:57:70:ba:9b:f3:70:78:d1:cd:
         24:72:d5:55:9d:d1:64:b2:51:fd:89:0c:d6:11:7a:b5:e0:dd:
         71:0f:1d:5c:99:a0:33:7e:81:d3:86:53:d0:f3:93:fb:c7:aa:
         b6:63:27:33:5b:eb:b3:fc:d3:6e:ab:af:ae:cc:af:8a:1b:c6:
         bc:6c:ef:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveV3+uvFnf2sTxPJjXBr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjAwMGM0ZjRlYzRhMDNjZDRkMzY1N2UwMWI3MDAzNGVj
MjNiOTcwHhcNMjMwMTAxMjIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2EyNjg4YWJhM2EzNGE3MTcxNDY4NzJmYjFjYjM5ZGYzNzJlYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWBMyasKll+mHsswnx52GKzl7lBP
n0bWEmjoOqS2Wqnb042cI0P/qsC3amlCHA7WnmpcfgcenJafVaUWA4SypmH/zju9
NnsFTwyJo5hsb7mutIcr9ynXBl/gHRq7lvqDccqIPTlPQ9JenfSiJ45xW+tpPqWW
KkMCqXp1fliz3DcUs05yZb1HwPzYuqgGZ/GHjkkYBI8JruUk03L8r+pFrO6niaPi
Rw/YIvvyZnd/6YyV26bslQhEh/9MuJsWH8fjCvMSoIk/YysqHrPbg+oK5M5KT0ya
cQpYq/75wi1chUwV1bI+E6PWJiGSUJEwN9naHZG0g/t1djC90iPpWNceVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyiaIq6OjSnFxRocvscs53zcut5MB8GA1UdIwQY
MBaAFKQgAMT07EoDzU02V+AbcANOwjuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2It
MGYyMmQ4OTY4OWEwLzEvaktKb2lybzZOS2NYRkdoeS14eXpuZk55NjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2ItMGYyMmQ4OTY4OWEw
LzEvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstryMA0G
CSqGSIb3DQEBCwUAA4IBAQB2prWTrQszdbWq0fHaZxKUJ9OqdWuRm7stfErivsB/
XD5bOvMWY9wis+lSpFuw3x5Fw+DkgmCViz3X8WL96shDLyettJ3N0VSv5YL1IRZ3
eCSfP3r0bxras6L8hpv05IZgIbnVg8zSShss50tyFHRPyn7z8zpb+wk1+d19rrnD
Jnb0Zbo8i09TM+V8eABE/yBmD4gjfiJ/EXqDKT5WDH/lZx3nHXN6+bjUkl9S/91P
NfCvTq07SK4N0Fi12bdXcLqb83B40c0kctVVndFkslH9iQzWEXq14N1xDx1cmaAz
foHThlPQ85P7x6q2YyczW+uz/NNuq6+uzK+KG8a8bO+k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:05 2024 by rpki-client on console-fra.rpki-client.org