Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/zjH-fMag__1qT2eOV3cLqg3Oios.roa
File:                     zjH-fMag__1qT2eOV3cLqg3Oios.roa (raw, json)
Hash identifier:          /5SyA6E4uAFmcbVkt275R8pXzIiny0PpUzj6i/4U6c8=
Subject key identifier:   CE:31:FE:7C:C6:A0:FF:FD:6A:4F:67:8E:57:77:0B:AA:0D:CE:8A:8B
Certificate issuer:       /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial:       0185711E6AFF1FE9B6824CD746146399DFB8
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/zjH-fMag__1qT2eOV3cLqg3Oios.roa
Signing time:             Mon 02 Jan 2023 06:14:56 +0000
ROA not before:           Mon 02 Jan 2023 06:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210703
IP address blocks:        45.156.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:6a:ff:1f:e9:b6:82:4c:d7:46:14:63:99:df:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
        Validity
            Not Before: Jan  2 06:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ce31fe7cc6a0fffd6a4f678e57770baa0dce8a8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e2:e6:da:db:ea:45:ee:93:d8:db:df:1d:8e:
                    9a:2c:25:23:ab:f1:d7:c2:95:63:31:7c:49:17:f9:
                    f3:c7:8b:0d:6b:e5:ae:9b:d7:f2:6b:56:e0:9a:f3:
                    4b:2a:4c:66:d4:a6:65:a5:3d:29:0c:aa:92:fd:a4:
                    bb:05:99:2b:df:00:2a:89:03:c1:59:c1:a1:e3:7b:
                    df:65:a2:29:71:ae:49:ca:57:80:bb:4e:e9:21:69:
                    31:78:e2:a8:38:a0:ec:6b:ce:77:0c:7f:e4:1f:4e:
                    63:b2:bc:59:59:c2:cb:25:28:3d:ef:57:04:cd:4c:
                    5f:d0:d7:19:08:c2:39:76:c5:4d:ec:4c:a0:cc:dc:
                    86:cb:6f:6a:bc:aa:ab:73:b7:0e:47:b0:0d:29:e9:
                    10:c4:c9:c4:6b:c3:a6:41:ff:46:62:dc:d7:d6:66:
                    fb:f1:2e:24:96:e4:6f:22:e7:52:42:87:52:56:70:
                    5f:9f:fd:f3:5e:71:04:78:31:fc:d8:eb:5c:61:ff:
                    43:a5:eb:94:bc:31:94:18:84:f7:94:d5:f0:27:29:
                    46:a1:3d:c3:e4:70:9c:43:e2:c2:4e:4d:a8:b7:18:
                    b1:22:6d:fb:9a:79:4b:52:7e:86:8e:e7:71:2b:63:
                    9d:8f:63:77:b7:6e:ea:0c:c6:dd:46:01:55:49:46:
                    04:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:31:FE:7C:C6:A0:FF:FD:6A:4F:67:8E:57:77:0B:AA:0D:CE:8A:8B
            X509v3 Authority Key Identifier:
                keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/zjH-fMag__1qT2eOV3cLqg3Oios.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:c7:a0:b6:e1:ee:0e:9e:e5:53:f8:98:6f:b9:0c:2f:61:8e:
         ae:81:59:ee:ac:2a:8e:cd:38:48:87:40:5b:c8:25:34:06:8a:
         f4:59:c4:6e:31:64:ea:a3:a2:e5:44:29:c0:b7:cc:71:f3:99:
         1c:8c:92:ac:64:ed:6e:a2:bd:62:7b:63:39:f4:b2:05:26:89:
         2a:62:0c:06:a5:0d:a7:5a:40:0d:46:f8:0f:ff:d6:37:92:e8:
         93:c3:04:40:71:8e:25:01:e1:7b:99:76:18:c2:fa:e0:97:57:
         f6:ca:01:38:5f:8f:a7:a6:b2:d0:7c:9f:6b:4e:88:34:e4:09:
         1d:4e:d1:8d:f5:c7:6e:b6:5f:5c:b2:1b:8e:b1:84:ab:be:c4:
         3d:6e:4a:80:35:19:69:e3:aa:42:59:48:15:de:1b:d9:96:f0:
         7e:3e:84:99:54:3d:e0:7e:4d:82:93:f6:7c:0e:19:bb:10:9a:
         a3:e0:b1:49:50:13:90:a0:d3:34:8a:cb:2a:98:77:26:6f:3c:
         9e:00:a6:1b:34:a6:82:51:eb:3c:60:f9:03:5f:f1:a7:b3:a9:
         75:70:ca:06:ee:85:94:f4:87:3a:18:db:48:ad:7f:30:ba:c2:
         71:54:41:a0:2b:17:f2:7c:28:61:61:c8:f9:3c:81:1c:5a:f8:
         b2:d5:78:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHmr/H+m2gkzXRhRjmd+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwMTAyMDYxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTMxZmU3Y2M2YTBmZmZkNmE0ZjY3OGU1Nzc3MGJhYTBkY2U4YThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+Lm2tvqRe6T2NvfHY6aLCUjq/HX
wpVjMXxJF/nzx4sNa+Wum9fya1bgmvNLKkxm1KZlpT0pDKqS/aS7BZkr3wAqiQPB
WcGh43vfZaIpca5JyleAu07pIWkxeOKoOKDsa853DH/kH05jsrxZWcLLJSg971cE
zUxf0NcZCMI5dsVN7EygzNyGy29qvKqrc7cOR7ANKekQxMnEa8OmQf9GYtzX1mb7
8S4kluRvIudSQodSVnBfn/3zXnEEeDH82OtcYf9DpeuUvDGUGIT3lNXwJylGoT3D
5HCcQ+LCTk2otxixIm37mnlLUn6GjudxK2Odj2N3t27qDMbdRgFVSUYEsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4x/nzGoP/9ak9njld3C6oNzoqLMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvempILWZNYWdfXzFxVDJlT1YzY0xxZzNPaW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyTMA0G
CSqGSIb3DQEBCwUAA4IBAQCxx6C24e4OnuVT+JhvuQwvYY6ugVnurCqOzThIh0Bb
yCU0Bor0WcRuMWTqo6LlRCnAt8xx85kcjJKsZO1uor1ie2M59LIFJokqYgwGpQ2n
WkANRvgP/9Y3kuiTwwRAcY4lAeF7mXYYwvrgl1f2ygE4X4+nprLQfJ9rTog05Akd
TtGN9cdutl9cshuOsYSrvsQ9bkqANRlp46pCWUgV3hvZlvB+PoSZVD3gfk2Ck/Z8
Dhm7EJqj4LFJUBOQoNM0issqmHcmbzyeAKYbNKaCUes8YPkDX/Gns6l1cMoG7oWU
9Ic6GNtIrX8wusJxVEGgKxfyfChhYcj5PIEcWviy1Xjd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-fra.rpki-client.org