Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/TyHp8SrpP1kbbFiP8GchOUXgDtE.roa
File:                     TyHp8SrpP1kbbFiP8GchOUXgDtE.roa (raw, json)
Hash identifier:          ozsiLymPogqXWmfKh13XAW5OQtn/LHDTTrMlcBSE6Jo=
Subject key identifier:   4F:21:E9:F1:2A:E9:3F:59:1B:6C:58:8F:F0:67:21:39:45:E0:0E:D1
Certificate issuer:       /CN=65d9e9266eecabc0fd4a6077eb0ba8fa9f3bde27
Certificate serial:       01856B8A4300858F7CED2B62312A5A899CB3
Authority key identifier: 65:D9:E9:26:6E:EC:AB:C0:FD:4A:60:77:EB:0B:A8:FA:9F:3B:DE:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdnpJm7sq8D9SmB36wuo-p873ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/TyHp8SrpP1kbbFiP8GchOUXgDtE.roa
Signing time:             Sun 01 Jan 2023 04:15:01 +0000
ROA not before:           Sun 01 Jan 2023 04:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        95.214.50.0/24 maxlen: 24
                          95.214.51.0/24 maxlen: 24
                          95.214.48.0/24 maxlen: 24
                          95.214.49.0/24 maxlen: 24
                          2a09:d682::/32 maxlen: 48
                          2a09:d685::/32 maxlen: 48
                          2a09:d686::/32 maxlen: 48
                          2a09:d681::/32 maxlen: 48
                          2a09:d683::/32 maxlen: 48
                          2a09:d684::/32 maxlen: 48
                          2a09:d687::/32 maxlen: 48
                          2a09:d680::/32 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:8a:43:00:85:8f:7c:ed:2b:62:31:2a:5a:89:9c:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d9e9266eecabc0fd4a6077eb0ba8fa9f3bde27
        Validity
            Not Before: Jan  1 04:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f21e9f12ae93f591b6c588ff067213945e00ed1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ef:a0:32:d2:c1:39:6e:53:62:fd:3d:39:e1:
                    1b:8a:32:3b:05:05:a8:c2:3e:e4:3c:0a:d1:bb:42:
                    3b:7b:af:94:ac:8f:4b:a5:7d:aa:9b:34:c9:7f:77:
                    dd:af:65:86:d3:ac:b8:fa:f4:03:80:8b:d0:5a:34:
                    46:b4:63:dc:ee:ad:99:d3:66:38:5c:d0:58:c3:86:
                    35:e0:76:97:16:04:e0:35:af:e9:52:e7:4d:da:33:
                    ab:db:b6:02:e6:04:04:c6:c6:0f:27:1c:54:ad:fc:
                    c9:b2:0b:d6:c0:24:06:cb:9c:ea:4b:ab:fd:5b:fc:
                    0d:79:7a:d8:be:6c:d3:88:93:53:3b:a6:32:a7:a5:
                    1a:ba:06:c9:5a:7f:c3:e7:c3:3b:8c:d8:b3:f5:2e:
                    f6:64:fe:ea:85:5c:b4:7e:e9:19:2b:00:00:50:1a:
                    8e:ad:5a:b7:57:36:20:2e:44:3f:01:0e:a9:7a:47:
                    2a:17:7f:94:7b:f2:45:53:34:08:fb:b4:26:31:bf:
                    e5:9f:09:47:af:da:12:0b:31:d1:e4:a6:68:2b:fe:
                    0c:ec:cb:a5:41:e0:41:57:c9:5e:09:a7:84:8b:26:
                    db:a4:03:12:12:5b:db:9b:cf:cc:2c:a0:f7:72:99:
                    e9:ac:5f:9f:e6:16:f2:15:fd:de:c2:8c:32:e3:be:
                    8f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:21:E9:F1:2A:E9:3F:59:1B:6C:58:8F:F0:67:21:39:45:E0:0E:D1
            X509v3 Authority Key Identifier:
                keyid:65:D9:E9:26:6E:EC:AB:C0:FD:4A:60:77:EB:0B:A8:FA:9F:3B:DE:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdnpJm7sq8D9SmB36wuo-p873ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/TyHp8SrpP1kbbFiP8GchOUXgDtE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ba402c-b00e-4a26-bf53-8e747e34e162/1/ZdnpJm7sq8D9SmB36wuo-p873ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.48.0/22
                IPv6:
                  2a09:d680::/29

    Signature Algorithm: sha256WithRSAEncryption
         3b:9a:90:8a:29:59:f2:fc:ec:09:19:09:0c:a1:d5:ac:01:4f:
         cf:68:87:38:81:98:3e:e8:8e:da:1c:a4:b1:c7:42:e0:40:bc:
         d6:8a:df:2a:3c:46:91:5e:46:92:3d:df:4b:b7:bb:b5:06:94:
         f1:a9:ac:7e:8c:90:17:26:fb:c5:21:84:37:29:7b:d7:a7:71:
         c0:3d:d0:ab:3f:36:40:d5:b1:a3:82:11:d0:e8:e0:95:87:db:
         0d:00:38:3f:2e:d5:aa:ac:47:ba:ad:d0:68:2e:f1:f4:41:3e:
         25:2f:1c:34:b1:05:7b:0f:0a:8a:57:16:8a:99:ee:a1:d8:e9:
         a9:4a:da:e8:1b:87:49:e9:4b:ff:71:6e:04:42:20:a3:08:c9:
         18:9f:c7:ba:99:6f:0b:53:3b:4a:fc:0a:2e:e2:ad:ff:4c:25:
         32:7b:75:64:46:ca:70:c0:cb:7f:03:5b:25:2f:84:d1:0d:4a:
         e6:4e:b8:3d:c3:b5:a0:c6:f1:c2:29:2a:9f:47:ba:02:a7:18:
         09:52:7a:47:fe:e5:9a:75:69:2f:cb:cf:fc:5b:08:76:0f:ea:
         3d:56:f7:35:3d:c2:16:0e:b8:4c:ab:26:2b:d9:ec:ba:10:05:
         67:8b:4b:ff:06:e5:16:c1:41:d8:1a:8e:41:97:23:c2:aa:bd:
         3d:d8:ad:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrikMAhY987StiMSpaiZyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDllOTI2NmVlY2FiYzBmZDRhNjA3N2ViMGJhOGZhOWYz
YmRlMjcwHhcNMjMwMTAxMDQxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIxZTlmMTJhZTkzZjU5MWI2YzU4OGZmMDY3MjEzOTQ1ZTAwZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1e+gMtLBOW5TYv09OeEbijI7BQWo
wj7kPArRu0I7e6+UrI9LpX2qmzTJf3fdr2WG06y4+vQDgIvQWjRGtGPc7q2Z02Y4
XNBYw4Y14HaXFgTgNa/pUudN2jOr27YC5gQExsYPJxxUrfzJsgvWwCQGy5zqS6v9
W/wNeXrYvmzTiJNTO6Yyp6UaugbJWn/D58M7jNiz9S72ZP7qhVy0fukZKwAAUBqO
rVq3VzYgLkQ/AQ6pekcqF3+Ue/JFUzQI+7QmMb/lnwlHr9oSCzHR5KZoK/4M7Mul
QeBBV8leCaeEiybbpAMSElvbm8/MLKD3cpnprF+f5hbyFf3ewowy476PFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE8h6fEq6T9ZG2xYj/BnITlF4A7RMB8GA1UdIwQY
MBaAFGXZ6SZu7KvA/Upgd+sLqPqfO94nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRucEptN3NxOEQ5U21CMzZ3dW8tcDg3M2ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iYTQwMmMtYjAwZS00YTI2LWJmNTMt
OGU3NDdlMzRlMTYyLzEvVHlIcDhTcnBQMWtiYkZpUDhHY2hPVVhnRHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iYTQwMmMtYjAwZS00YTI2LWJmNTMtOGU3NDdlMzRlMTYy
LzEvWmRucEptN3NxOEQ5U21CMzZ3dW8tcDg3M2ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCX9YwMA0E
AgACMAcDBQMqCdaAMA0GCSqGSIb3DQEBCwUAA4IBAQA7mpCKKVny/OwJGQkModWs
AU/PaIc4gZg+6I7aHKSxx0LgQLzWit8qPEaRXkaSPd9Lt7u1BpTxqax+jJAXJvvF
IYQ3KXvXp3HAPdCrPzZA1bGjghHQ6OCVh9sNADg/LtWqrEe6rdBoLvH0QT4lLxw0
sQV7DwqKVxaKme6h2OmpStroG4dJ6Uv/cW4EQiCjCMkYn8e6mW8LUztK/Aou4q3/
TCUye3VkRspwwMt/A1slL4TRDUrmTrg9w7WgxvHCKSqfR7oCpxgJUnpH/uWadWkv
y8/8Wwh2D+o9Vvc1PcIWDrhMqyYr2ey6EAVni0v/BuUWwUHYGo5BlyPCqr092K2u
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:51 2024 by rpki-client on console-fra.rpki-client.org