Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/npCy9N5AQT5muqbfDaSewATJNYg.roa
File:                     npCy9N5AQT5muqbfDaSewATJNYg.roa (raw, json)
Hash identifier:          PQz50YlDDY97THIUB+F0zVrLbH0TgUTPfguIhyD59vY=
Subject key identifier:   9E:90:B2:F4:DE:40:41:3E:66:BA:A6:DF:0D:A4:9E:C0:04:C9:35:88
Certificate issuer:       /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial:       01886DBA96C5BA487A6BAD674DC1201E3A5B
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/npCy9N5AQT5muqbfDaSewATJNYg.roa
Signing time:             Tue 30 May 2023 17:35:24 +0000
ROA not before:           Tue 30 May 2023 17:35:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        14.102.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6d:ba:96:c5:ba:48:7a:6b:ad:67:4d:c1:20:1e:3a:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
        Validity
            Not Before: May 30 17:35:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9e90b2f4de40413e66baa6df0da49ec004c93588
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:68:37:b7:15:34:b2:08:38:db:60:df:4f:79:
                    89:ea:10:33:40:6d:e4:eb:2d:48:95:4f:59:2d:33:
                    07:63:39:01:e6:4a:3b:c7:f8:99:dc:da:eb:16:71:
                    64:02:1e:37:5b:b5:ac:24:ce:07:cd:15:26:34:cb:
                    7b:64:3a:fb:a2:9d:82:f2:3e:89:ad:cd:07:1e:94:
                    c0:28:b7:07:32:70:80:b8:ca:90:32:7b:40:c6:8a:
                    c3:9e:5f:c3:14:92:6c:04:a1:fb:e7:15:89:9f:0e:
                    8b:4a:b2:0d:dd:2a:e5:18:75:df:78:7f:fe:db:09:
                    3c:cf:dc:ab:a9:81:59:de:e2:b7:bf:69:16:d7:4d:
                    be:64:fc:37:87:4e:fe:58:66:f0:b0:0a:e6:f8:04:
                    0d:55:8e:01:bc:78:57:b9:f4:ab:22:04:ce:2a:74:
                    a7:2e:4f:b8:11:8e:0f:64:bd:97:99:e7:4a:e7:f7:
                    97:e3:d2:92:85:11:4d:d5:55:16:04:fd:50:b8:11:
                    24:0b:6f:9d:b8:5d:8e:23:53:82:0a:ab:5f:e8:c0:
                    48:ad:88:61:32:9e:bd:2e:17:b9:6d:c8:81:03:f1:
                    ee:6c:7a:b1:b6:3b:c7:9f:91:13:b4:d7:05:53:30:
                    4d:f6:4d:a4:43:d2:50:6c:b2:3d:bf:ca:38:8b:d6:
                    e2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:90:B2:F4:DE:40:41:3E:66:BA:A6:DF:0D:A4:9E:C0:04:C9:35:88
            X509v3 Authority Key Identifier:
                keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/npCy9N5AQT5muqbfDaSewATJNYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.102.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:57:24:df:64:32:a0:71:d8:24:9c:af:32:f5:70:6f:7a:cb:
         1c:27:3c:37:b9:5a:0d:08:a6:ee:4c:fa:77:21:71:5f:7e:1e:
         67:ae:67:96:dc:d1:eb:4a:02:2c:7a:ac:9f:2c:c0:60:8f:9e:
         59:47:7f:73:80:36:ae:9f:16:1d:e7:93:75:40:70:2d:a9:66:
         f1:24:ee:26:6a:3e:42:9a:6d:8d:bd:76:a6:ca:7b:ff:8f:9a:
         8a:3e:c6:e8:9d:91:3a:9c:ce:22:bb:6c:f2:f3:fa:83:b0:06:
         88:c0:22:82:fd:0a:3f:92:de:c3:02:23:5f:2b:1a:e0:28:bd:
         54:76:4a:48:b9:75:23:25:66:23:55:7d:0e:4b:29:98:da:08:
         c4:f5:6a:fb:cc:82:4f:89:d4:b8:60:fd:81:11:7e:ce:8a:2f:
         09:c4:b4:c1:e3:c6:13:b2:32:6b:ed:d6:21:5d:38:4e:aa:be:
         4b:8f:40:ab:b2:ff:06:db:8f:4d:89:cc:f4:09:42:02:20:4a:
         b3:e9:75:fd:08:5f:9e:ff:7c:79:d3:62:af:6a:7f:4d:dc:82:
         5d:5c:a2:44:5c:a6:5e:15:1f:31:e3:98:b7:9d:3a:33:64:a6:
         ae:b1:32:52:64:3b:24:7c:de:19:7e:f9:14:6a:c5:7c:8d:e5:
         e1:aa:89:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhtupbFukh6a61nTcEgHjpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNTMwMTczNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTkwYjJmNGRlNDA0MTNlNjZiYWE2ZGYwZGE0OWVjMDA0YzkzNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWg3txU0sgg422DfT3mJ6hAzQG3k
6y1IlU9ZLTMHYzkB5ko7x/iZ3NrrFnFkAh43W7WsJM4HzRUmNMt7ZDr7op2C8j6J
rc0HHpTAKLcHMnCAuMqQMntAxorDnl/DFJJsBKH75xWJnw6LSrIN3SrlGHXfeH/+
2wk8z9yrqYFZ3uK3v2kW102+ZPw3h07+WGbwsArm+AQNVY4BvHhXufSrIgTOKnSn
Lk+4EY4PZL2XmedK5/eX49KShRFN1VUWBP1QuBEkC2+duF2OI1OCCqtf6MBIrYhh
Mp69Lhe5bciBA/HubHqxtjvHn5ETtNcFUzBN9k2kQ9JQbLI9v8o4i9biSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6QsvTeQEE+Zrqm3w2knsAEyTWIMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbnBDeTlONUFRVDVtdXFiZkRhU2V3QVRKTllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmbuMA0G
CSqGSIb3DQEBCwUAA4IBAQB+VyTfZDKgcdgknK8y9XBvesscJzw3uVoNCKbuTPp3
IXFffh5nrmeW3NHrSgIseqyfLMBgj55ZR39zgDaunxYd55N1QHAtqWbxJO4maj5C
mm2NvXamynv/j5qKPsbonZE6nM4iu2zy8/qDsAaIwCKC/Qo/kt7DAiNfKxrgKL1U
dkpIuXUjJWYjVX0OSymY2gjE9Wr7zIJPidS4YP2BEX7Oii8JxLTB48YTsjJr7dYh
XThOqr5Lj0Crsv8G249Nicz0CUICIEqz6XX9CF+e/3x502Kvan9N3IJdXKJEXKZe
FR8x45i3nTozZKausTJSZDskfN4ZfvkUasV8jeXhqomy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-fra.rpki-client.org