Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/N0474_ACWTuM6_zr8fRR5i2yoMI.roa
File:                     N0474_ACWTuM6_zr8fRR5i2yoMI.roa (raw, json)
Hash identifier:          pKJ3rLgSB1giOBWdvqJH9IdfkMAqQhOZ/xvfrqq8g4g=
Subject key identifier:   37:4E:3B:E3:F0:02:59:3B:8C:EB:FC:EB:F1:F4:51:E6:2D:B2:A0:C2
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       01856FF970843179233A64BE32E2CA617010
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/N0474_ACWTuM6_zr8fRR5i2yoMI.roa
Signing time:             Mon 02 Jan 2023 00:54:56 +0000
ROA not before:           Mon 02 Jan 2023 00:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42157
IP address blocks:        151.251.64.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:70:84:31:79:23:3a:64:be:32:e2:ca:61:70:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Jan  2 00:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=374e3be3f002593b8cebfcebf1f451e62db2a0c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7d:bf:f3:17:48:c2:85:3f:6a:ed:84:bf:c9:
                    35:ec:a6:47:06:50:00:13:98:b7:06:4d:54:04:35:
                    c2:c1:62:b5:41:69:0f:16:34:c4:90:05:41:96:08:
                    c8:9e:aa:cd:a7:fe:10:9c:68:13:09:1d:bb:0c:21:
                    b1:e7:df:44:cd:1a:c2:a6:df:4c:bc:39:90:51:ab:
                    d1:2d:ff:54:f3:a5:68:0b:5c:af:5a:02:ce:4f:ed:
                    62:18:26:cf:63:01:8c:25:0d:09:d3:6d:06:a7:0e:
                    b7:6d:28:02:b6:26:89:cf:e0:9d:d2:67:ab:28:cb:
                    cd:3b:44:4c:28:7e:1b:96:0f:27:02:f5:0f:71:eb:
                    2e:6c:b2:e4:a6:00:c2:c0:d7:dd:12:8b:6a:65:74:
                    e5:1f:e6:3b:ea:58:40:50:25:4c:bf:b6:5c:06:e5:
                    36:d4:44:ca:07:c0:be:49:68:dd:e5:b4:42:95:5e:
                    f6:52:40:eb:75:51:fa:e6:cd:38:c4:01:41:6b:4a:
                    48:ec:36:8f:49:73:78:af:26:35:89:17:57:4b:e5:
                    df:a2:19:97:cf:12:0d:07:48:a7:2b:6b:bf:83:14:
                    ea:d8:25:d6:f3:1a:e9:56:03:7d:cb:29:24:90:66:
                    4b:d1:0f:92:ff:57:d3:c1:35:45:ba:ba:c9:ee:b5:
                    00:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:4E:3B:E3:F0:02:59:3B:8C:EB:FC:EB:F1:F4:51:E6:2D:B2:A0:C2
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/N0474_ACWTuM6_zr8fRR5i2yoMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.251.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8e:46:91:12:6e:4b:e2:0f:ef:15:2b:53:1c:41:29:6d:c1:53:
         d7:48:a1:59:15:16:d5:fb:9a:97:60:e8:93:80:07:1b:56:dc:
         f9:63:42:a2:2e:44:2c:81:11:97:56:28:9d:bc:91:85:67:1f:
         9b:2f:75:c6:c3:cd:83:ab:bb:7d:76:29:dd:73:17:79:e1:c7:
         38:09:3d:c7:de:dd:4e:8b:a8:0c:17:1d:e9:81:7e:10:03:2c:
         51:67:9d:48:87:26:cd:8b:c0:8f:f0:62:9b:1f:2b:28:86:82:
         d7:4a:20:cf:24:56:22:f2:0b:ab:15:89:2f:a9:ab:db:59:20:
         8d:bb:88:36:c4:28:2b:dc:e9:7c:27:ef:c9:f8:34:e5:99:bc:
         fe:33:73:21:ac:b7:16:6b:27:6c:9a:75:6f:7e:f5:4d:ea:8a:
         7d:b0:c8:f7:1d:ec:7f:15:0a:6d:69:fc:67:ad:5c:6f:e1:ce:
         ce:26:71:f0:e5:cb:17:dd:4f:f6:e0:d5:ed:ea:1d:c0:7e:6a:
         a9:74:18:21:8b:49:96:26:60:bd:1c:29:f0:e2:bd:47:8e:98:
         8c:95:60:ea:f9:a3:cb:e7:6a:d2:85:98:47:43:e8:31:63:cb:
         d6:c6:43:9b:f8:30:c2:34:82:a8:7a:ed:81:41:83:e7:cd:4b:
         59:26:07:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+XCEMXkjOmS+MuLKYXAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzRlM2JlM2YwMDI1OTNiOGNlYmZjZWJmMWY0NTFlNjJkYjJhMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy32/8xdIwoU/au2Ev8k17KZHBlAA
E5i3Bk1UBDXCwWK1QWkPFjTEkAVBlgjInqrNp/4QnGgTCR27DCGx599EzRrCpt9M
vDmQUavRLf9U86VoC1yvWgLOT+1iGCbPYwGMJQ0J020Gpw63bSgCtiaJz+Cd0mer
KMvNO0RMKH4blg8nAvUPcesubLLkpgDCwNfdEotqZXTlH+Y76lhAUCVMv7ZcBuU2
1ETKB8C+SWjd5bRClV72UkDrdVH65s04xAFBa0pI7DaPSXN4ryY1iRdXS+XfohmX
zxINB0inK2u/gxTq2CXW8xrpVgN9yykkkGZL0Q+S/1fTwTVFurrJ7rUAwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdOO+PwAlk7jOv86/H0UeYtsqDCMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvTjA0NzRfQUNXVHVNNl96cjhmUlI1aTJ5b01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/tAMA0G
CSqGSIb3DQEBCwUAA4IBAQCORpESbkviD+8VK1McQSltwVPXSKFZFRbV+5qXYOiT
gAcbVtz5Y0KiLkQsgRGXViidvJGFZx+bL3XGw82Dq7t9dindcxd54cc4CT3H3t1O
i6gMFx3pgX4QAyxRZ51IhybNi8CP8GKbHysohoLXSiDPJFYi8gurFYkvqavbWSCN
u4g2xCgr3Ol8J+/J+DTlmbz+M3MhrLcWaydsmnVvfvVN6op9sMj3Hex/FQptafxn
rVxv4c7OJnHw5csX3U/24NXt6h3AfmqpdBghi0mWJmC9HCnw4r1HjpiMlWDq+aPL
52rShZhHQ+gxY8vWxkOb+DDCNIKoeu2BQYPnzUtZJgf+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:06 2024 by rpki-client on console-fra.rpki-client.org