Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IX0Grlgrnxfih6eJI6AVSVq2pmM.roa
File:                     IX0Grlgrnxfih6eJI6AVSVq2pmM.roa (raw, json)
Hash identifier:          IH9miDrkiWM7ckAB0uPEvkznR66eI3fp+E1DXBPg8Z0=
Subject key identifier:   21:7D:06:AE:58:2B:9F:17:E2:87:A7:89:23:A0:15:49:5A:B6:A6:63
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D81FC053C36AE4C60A86362AD6D6F1C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IX0Grlgrnxfih6eJI6AVSVq2pmM.roa
Signing time:             Sun 01 Jan 2023 13:25:13 +0000
ROA not before:           Sun 01 Jan 2023 13:25:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197516
IP address blocks:        217.145.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:fc:05:3c:36:ae:4c:60:a8:63:62:ad:6d:6f:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=217d06ae582b9f17e287a78923a015495ab6a663
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:18:92:9a:67:8c:df:84:a8:0f:63:c5:93:08:
                    1b:89:eb:f9:31:ef:d8:e4:85:b4:b1:75:8e:e1:13:
                    75:ed:d8:eb:f3:8c:64:a3:95:dc:ba:43:df:2a:b2:
                    87:cd:da:18:7a:2a:19:d4:be:8b:8e:f2:c3:c0:86:
                    41:cf:60:59:26:da:cd:5e:df:fa:1c:d0:5e:12:dc:
                    d6:12:ff:fa:69:52:79:bf:f7:09:b2:c4:66:0b:25:
                    3a:32:60:de:44:56:04:e2:66:0d:76:a7:19:cf:19:
                    f2:fa:98:31:6c:b3:ab:54:fc:d3:f2:24:0e:81:fd:
                    12:71:d6:20:55:5b:f6:76:62:59:4b:5c:fd:68:83:
                    9a:51:c8:6f:9d:a7:4a:49:7b:c6:29:34:69:b1:f6:
                    ac:bc:27:cc:78:03:d5:2a:69:60:cc:8f:c4:97:20:
                    77:f9:1a:49:05:e9:46:db:9c:b5:d5:1f:93:8b:12:
                    1c:ee:6d:3a:b1:3e:f0:c2:00:89:e5:36:71:e5:f0:
                    8a:7b:a5:b4:3f:21:f3:53:6b:8b:90:5c:e2:e9:75:
                    c9:2e:b6:2d:d2:59:23:18:12:3f:b2:44:41:d3:e4:
                    a2:79:22:33:25:9a:52:87:47:ac:2d:13:75:5d:73:
                    47:47:78:74:91:bd:ff:c1:6f:4d:5c:36:ce:3f:df:
                    28:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:7D:06:AE:58:2B:9F:17:E2:87:A7:89:23:A0:15:49:5A:B6:A6:63
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IX0Grlgrnxfih6eJI6AVSVq2pmM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.145.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:b0:13:62:c7:82:af:ad:06:60:ed:8f:bc:60:d5:3b:8d:35:
         76:f9:8e:4b:7b:2e:0e:82:8b:9e:de:4a:af:d0:db:4c:3d:af:
         de:eb:05:3f:16:55:05:0b:13:99:b5:d7:3f:a2:6e:1b:5f:df:
         5c:85:dc:16:b8:77:70:f7:e6:03:ba:de:d6:8a:55:c7:ff:4c:
         87:cb:99:1b:f5:c6:17:86:f1:79:64:cf:4c:76:f4:5f:8b:9e:
         2b:5d:0e:98:49:02:d3:d8:41:a7:f6:f2:b2:c9:63:4d:38:c5:
         37:cf:3a:f1:39:5a:2f:4c:02:a3:4c:48:06:4d:e1:40:11:24:
         94:ba:85:ca:52:ac:9c:f3:65:9e:1c:a3:b6:c7:83:be:bb:43:
         6a:00:60:e4:e6:bd:13:64:41:4c:18:7e:2e:14:0b:dd:ea:ae:
         65:b3:87:1a:65:5c:d8:5f:a4:de:96:87:aa:f1:c0:2d:78:e9:
         9f:9c:db:c3:fa:92:05:c0:15:c0:49:bf:ce:5d:00:a2:59:df:
         fb:91:fd:74:b5:c7:5f:17:21:07:88:a4:da:79:27:64:4d:eb:
         8d:ac:d0:4d:d6:25:26:b5:95:b1:60:e4:c4:dc:71:91:91:0a:
         a1:cf:c5:ff:47:56:6e:85:66:81:95:99:21:36:ab:c5:4d:42:
         d7:8b:04:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgfwFPDauTGCoY2KtbW8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTdkMDZhZTU4MmI5ZjE3ZTI4N2E3ODkyM2EwMTU0OTVhYjZhNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBiSmmeM34SoD2PFkwgbiev5Me/Y
5IW0sXWO4RN17djr84xko5XcukPfKrKHzdoYeioZ1L6LjvLDwIZBz2BZJtrNXt/6
HNBeEtzWEv/6aVJ5v/cJssRmCyU6MmDeRFYE4mYNdqcZzxny+pgxbLOrVPzT8iQO
gf0ScdYgVVv2dmJZS1z9aIOaUchvnadKSXvGKTRpsfasvCfMeAPVKmlgzI/ElyB3
+RpJBelG25y11R+TixIc7m06sT7wwgCJ5TZx5fCKe6W0PyHzU2uLkFzi6XXJLrYt
0lkjGBI/skRB0+SieSIzJZpSh0esLRN1XXNHR3h0kb3/wW9NXDbOP98oJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCF9Bq5YK58X4oeniSOgFUlatqZjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSVgwR3JsZ3JueGZpaDZlSkk2QVZTVnEycG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZFfMA0G
CSqGSIb3DQEBCwUAA4IBAQAPsBNix4KvrQZg7Y+8YNU7jTV2+Y5Ley4Ogoue3kqv
0NtMPa/e6wU/FlUFCxOZtdc/om4bX99chdwWuHdw9+YDut7WilXH/0yHy5kb9cYX
hvF5ZM9MdvRfi54rXQ6YSQLT2EGn9vKyyWNNOMU3zzrxOVovTAKjTEgGTeFAESSU
uoXKUqyc82WeHKO2x4O+u0NqAGDk5r0TZEFMGH4uFAvd6q5ls4caZVzYX6Teloeq
8cAteOmfnNvD+pIFwBXASb/OXQCiWd/7kf10tcdfFyEHiKTaeSdkTeuNrNBN1iUm
tZWxYOTE3HGRkQqhz8X/R1ZuhWaBlZkhNqvFTULXiwR1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org