Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4YZ1BZRayjIk3QYeg6HORaX5s-c.roa
File:                     4YZ1BZRayjIk3QYeg6HORaX5s-c.roa (raw, json)
Hash identifier:          iHm/d5GPpQdC1XbwZBQQ1yquvdpnt3TibibDL/AvzTE=
Subject key identifier:   E1:86:75:05:94:5A:CA:32:24:DD:06:1E:83:A1:CE:45:A5:F9:B3:E7
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       01856B532ABDCF472C6707FC7F2A401535C5
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4YZ1BZRayjIk3QYeg6HORaX5s-c.roa
Signing time:             Sun 01 Jan 2023 03:14:50 +0000
ROA not before:           Sun 01 Jan 2023 03:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203917
IP address blocks:        212.70.156.0/24 maxlen: 24
                          78.108.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:53:2a:bd:cf:47:2c:67:07:fc:7f:2a:40:15:35:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Jan  1 03:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e1867505945aca3224dd061e83a1ce45a5f9b3e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:19:b4:55:36:89:13:e8:58:a0:99:84:31:28:
                    fd:7c:d6:71:97:36:a9:64:9c:9e:00:a9:cd:98:2b:
                    7c:de:65:0f:68:0a:e8:6c:21:3e:67:64:0a:63:9f:
                    0d:f9:58:49:3b:fc:2f:c4:a3:72:50:d7:41:a5:9f:
                    42:ad:bc:d0:ae:a7:2a:cf:db:4e:40:5e:ec:12:78:
                    f1:23:87:e0:69:ff:ce:80:1d:d9:34:da:7e:13:b5:
                    0c:20:df:6e:93:3b:ab:60:2c:c2:f1:9f:d3:91:73:
                    3f:0d:81:ac:1c:93:11:99:1d:d4:f1:bb:1d:bc:3a:
                    a1:2d:50:37:b0:ce:bc:a7:82:65:ab:b5:59:30:8f:
                    3d:67:e4:71:03:cf:3e:f3:b3:82:d3:55:0f:55:1a:
                    bc:56:5a:c3:8e:a3:5e:f3:ff:16:2e:c7:3c:5b:94:
                    f6:20:d2:14:78:ff:cc:26:a7:3a:96:1b:05:66:18:
                    62:38:5f:7a:3d:c6:2e:3c:1a:ea:9d:f7:ef:b5:a3:
                    d8:b6:e3:36:bc:55:d4:d2:37:12:84:fe:9b:69:7f:
                    76:27:63:48:1c:e3:6a:b0:9c:ba:4c:2e:aa:86:f1:
                    f5:64:7a:7f:7b:7b:80:c6:20:9a:44:75:7d:7a:64:
                    6e:5e:77:9a:91:fb:e1:54:5d:bd:d0:90:9e:53:fe:
                    3c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:86:75:05:94:5A:CA:32:24:DD:06:1E:83:A1:CE:45:A5:F9:B3:E7
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/4YZ1BZRayjIk3QYeg6HORaX5s-c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.108.251.0/24
                  212.70.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:2a:65:6c:9c:99:12:85:e6:89:59:38:71:0e:d2:fc:00:43:
         ae:27:76:c9:b3:b3:9d:f1:9f:83:ad:02:62:21:4a:ea:97:6f:
         8a:0f:d3:e0:7f:3c:bb:5d:de:56:8e:e8:08:4f:a4:1c:d5:e7:
         77:12:4c:13:e0:c3:f5:f5:21:1e:04:a9:1a:da:28:49:6f:5e:
         0c:76:4f:f9:53:c5:c2:25:91:cf:c0:55:4a:78:8c:ea:a7:ad:
         77:26:7a:d3:7a:bb:fa:06:53:c1:bc:37:5a:59:ee:1e:3b:66:
         1e:3a:bf:3b:71:4e:5c:38:08:92:92:13:24:c9:d0:bd:ab:4f:
         97:7d:c9:e6:96:de:bb:05:0b:1d:0e:3e:47:d4:af:1d:be:69:
         43:87:e0:f3:60:69:ae:2c:21:3a:93:78:65:f9:ea:3b:5f:a0:
         2c:66:67:d1:be:c2:34:0a:13:83:7f:51:02:82:ef:0d:67:a9:
         53:05:ac:b9:1e:4d:31:07:98:48:d6:59:61:d7:37:74:04:14:
         6c:a0:c7:69:52:73:73:13:c7:30:bb:9d:d2:59:5e:4d:d1:2c:
         85:84:55:e2:d2:d2:97:40:cc:09:91:01:4c:2c:bc:3a:85:1d:
         4b:c6:e4:cb:3c:3a:ce:af:f9:d3:88:f2:d1:89:f6:a5:d6:53:
         10:e0:4e:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrUyq9z0csZwf8fypAFTXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwMTAxMDMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg2NzUwNTk0NWFjYTMyMjRkZDA2MWU4M2ExY2U0NWE1ZjliM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRm0VTaJE+hYoJmEMSj9fNZxlzap
ZJyeAKnNmCt83mUPaArobCE+Z2QKY58N+VhJO/wvxKNyUNdBpZ9CrbzQrqcqz9tO
QF7sEnjxI4fgaf/OgB3ZNNp+E7UMIN9ukzurYCzC8Z/TkXM/DYGsHJMRmR3U8bsd
vDqhLVA3sM68p4Jlq7VZMI89Z+RxA88+87OC01UPVRq8VlrDjqNe8/8WLsc8W5T2
INIUeP/MJqc6lhsFZhhiOF96PcYuPBrqnffvtaPYtuM2vFXU0jcShP6baX92J2NI
HONqsJy6TC6qhvH1ZHp/e3uAxiCaRHV9emRuXneakfvhVF290JCeU/48MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGGdQWUWsoyJN0GHoOhzkWl+bPnMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvNFlaMUJaUmF5aklrM1FZZWc2SE9SYVg1cy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATmz7AwQA
1EacMA0GCSqGSIb3DQEBCwUAA4IBAQARKmVsnJkSheaJWThxDtL8AEOuJ3bJs7Od
8Z+DrQJiIUrql2+KD9Pgfzy7Xd5WjugIT6Qc1ed3EkwT4MP19SEeBKka2ihJb14M
dk/5U8XCJZHPwFVKeIzqp613JnrTerv6BlPBvDdaWe4eO2YeOr87cU5cOAiSkhMk
ydC9q0+Xfcnmlt67BQsdDj5H1K8dvmlDh+DzYGmuLCE6k3hl+eo7X6AsZmfRvsI0
ChODf1ECgu8NZ6lTBay5Hk0xB5hI1llh1zd0BBRsoMdpUnNzE8cwu53SWV5N0SyF
hFXi0tKXQMwJkQFMLLw6hR1LxuTLPDrOr/nTiPLRifal1lMQ4E6W
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:14 2024 by rpki-client on console-fra.rpki-client.org