Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/78S7m5A1H8mDDAA8vNAfeZa9flY.roa
File:                     78S7m5A1H8mDDAA8vNAfeZa9flY.roa (raw, json)
Hash identifier:          2tGx9NAk5gXj6JJZwWOhjQIcdeXOKGkd+hOd75uE6jc=
Subject key identifier:   EF:C4:BB:9B:90:35:1F:C9:83:0C:00:3C:BC:D0:1F:79:96:BD:7E:56
Certificate issuer:       /CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
Certificate serial:       018882167D18CED3A73A30C3B0E31D939D70
Authority key identifier: 9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/78S7m5A1H8mDDAA8vNAfeZa9flY.roa
Signing time:             Sat 03 Jun 2023 16:28:11 +0000
ROA not before:           Sat 03 Jun 2023 16:28:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13039
IP address blocks:        194.76.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:82:16:7d:18:ce:d3:a7:3a:30:c3:b0:e3:1d:93:9d:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ff2f682053d43c9ad1c6539caee9f4621b0da16
        Validity
            Not Before: Jun  3 16:28:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=efc4bb9b90351fc9830c003cbcd01f7996bd7e56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d0:38:ca:c3:08:45:a9:e2:a1:f4:a0:9a:fa:
                    48:6d:4d:cb:3d:a1:fd:51:ad:56:a2:6c:7b:f2:d0:
                    01:eb:d1:77:93:e3:56:fc:b2:5c:a2:3a:69:42:51:
                    1e:e5:b4:68:81:d1:34:ee:b5:62:b4:ed:0a:da:a6:
                    5a:6b:7d:24:d1:8d:ac:ad:05:e4:8a:fa:f9:6b:65:
                    7d:db:dd:e0:0c:2a:76:8f:15:3f:81:42:ba:1e:6b:
                    7c:80:22:45:3a:bf:0d:fc:cd:11:9c:de:f3:9d:4b:
                    81:97:95:b1:02:02:be:e4:35:48:7a:0c:72:b7:cb:
                    01:d3:aa:0e:df:0c:99:b1:c9:7b:89:ba:d6:28:fc:
                    0d:db:ee:e4:1e:6b:6e:2d:4d:80:0e:02:79:0a:73:
                    f4:01:ec:8c:d7:89:c9:37:c4:0f:6b:42:c3:7f:50:
                    9a:e3:db:28:f5:c0:b5:a0:8f:38:7e:fe:c5:fc:79:
                    1c:11:45:19:79:d1:be:05:33:95:82:6a:e5:0c:89:
                    07:8f:51:ba:30:05:8b:fe:97:1f:56:95:85:46:cb:
                    ff:af:2d:65:d7:7f:24:ee:0b:b6:46:40:8d:01:8b:
                    7d:c6:e7:69:74:4f:53:8a:27:3b:a1:e5:c9:e0:c1:
                    68:85:99:76:13:a6:7d:7e:bc:49:d8:cb:a6:d8:45:
                    75:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:C4:BB:9B:90:35:1F:C9:83:0C:00:3C:BC:D0:1F:79:96:BD:7E:56
            X509v3 Authority Key Identifier:
                keyid:9F:F2:F6:82:05:3D:43:C9:AD:1C:65:39:CA:EE:9F:46:21:B0:DA:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/78S7m5A1H8mDDAA8vNAfeZa9flY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2fa624-5b5d-4646-b13d-16511a6ed9c6/1/n_L2ggU9Q8mtHGU5yu6fRiGw2hY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:63:ce:bf:35:d3:2b:bb:10:6e:3d:e1:22:e0:e2:68:f6:88:
         c5:fc:b5:53:34:31:b5:03:50:d5:db:4e:3b:d8:3f:0c:6c:f7:
         8e:52:8e:32:8d:b9:85:25:f8:3a:98:ac:d8:6f:1b:a1:d1:5f:
         00:c3:f9:14:e2:7c:ae:6c:84:d5:0a:da:a4:26:75:cb:d8:f1:
         ab:4c:22:21:7f:aa:f3:bf:14:ab:98:1d:8f:79:0f:70:ed:57:
         0e:67:e1:47:fc:97:31:43:3e:ba:82:d6:fb:2b:f6:c6:fa:60:
         ec:97:24:cb:35:b9:6b:18:63:5f:56:d7:6b:18:bf:a9:84:d1:
         ac:49:c5:29:e6:99:fe:ac:70:d3:5f:ce:fc:6f:cc:15:0e:17:
         92:75:94:f1:6f:b6:5d:cd:6d:72:7e:18:d0:7d:d3:78:0c:ba:
         3d:b2:c9:8e:29:5c:53:6b:8d:1c:cd:5a:50:01:da:00:06:49:
         61:40:c4:da:61:de:a8:f3:69:39:fa:1d:a1:bc:34:4f:af:9c:
         62:16:52:4d:b3:f2:a0:df:a4:f0:cd:bb:b7:99:40:71:d5:af:
         0b:17:e5:56:33:81:36:34:cf:75:d8:58:e7:0f:61:97:05:69:
         fa:c5:54:40:98:a8:f3:91:aa:76:f2:7a:41:5f:0f:88:30:7e:
         62:8b:f1:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiCFn0YztOnOjDDsOMdk51wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjJmNjgyMDUzZDQzYzlhZDFjNjUzOWNhZWU5ZjQ2MjFi
MGRhMTYwHhcNMjMwNjAzMTYyODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmM0YmI5YjkwMzUxZmM5ODMwYzAwM2NiY2QwMWY3OTk2YmQ3ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9A4ysMIRaniofSgmvpIbU3LPaH9
Ua1Womx78tAB69F3k+NW/LJcojppQlEe5bRogdE07rVitO0K2qZaa30k0Y2srQXk
ivr5a2V9293gDCp2jxU/gUK6Hmt8gCJFOr8N/M0RnN7znUuBl5WxAgK+5DVIegxy
t8sB06oO3wyZscl7ibrWKPwN2+7kHmtuLU2ADgJ5CnP0AeyM14nJN8QPa0LDf1Ca
49so9cC1oI84fv7F/HkcEUUZedG+BTOVgmrlDIkHj1G6MAWL/pcfVpWFRsv/ry1l
138k7gu2RkCNAYt9xudpdE9Tiic7oeXJ4MFohZl2E6Z9frxJ2Mum2EV1SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/Eu5uQNR/JgwwAPLzQH3mWvX5WMB8GA1UdIwQY
MBaAFJ/y9oIFPUPJrRxlOcrun0YhsNoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9MMmdnVTlROG10SEdVNXl1NmZSaUd3MmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8yZmE2MjQtNWI1ZC00NjQ2LWIxM2Qt
MTY1MTFhNmVkOWM2LzEvNzhTN201QTFIOG1EREFBOHZOQWZlWmE5ZmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8yZmE2MjQtNWI1ZC00NjQ2LWIxM2QtMTY1MTFhNmVkOWM2
LzEvbl9MMmdnVTlROG10SEdVNXl1NmZSaUd3MmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwOMA0G
CSqGSIb3DQEBCwUAA4IBAQAVY86/NdMruxBuPeEi4OJo9ojF/LVTNDG1A1DV2047
2D8MbPeOUo4yjbmFJfg6mKzYbxuh0V8Aw/kU4nyubITVCtqkJnXL2PGrTCIhf6rz
vxSrmB2PeQ9w7VcOZ+FH/JcxQz66gtb7K/bG+mDslyTLNblrGGNfVtdrGL+phNGs
ScUp5pn+rHDTX878b8wVDheSdZTxb7ZdzW1yfhjQfdN4DLo9ssmOKVxTa40czVpQ
AdoABklhQMTaYd6o82k5+h2hvDRPr5xiFlJNs/Kg36Twzbu3mUBx1a8LF+VWM4E2
NM912FjnD2GXBWn6xVRAmKjzkap28npBXw+IMH5ii/Ef
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:53 2024 by rpki-client on console-fra.rpki-client.org