Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/weWGnONx7Cmtu6vJZFtcXVH7u-0.roa
File:                     weWGnONx7Cmtu6vJZFtcXVH7u-0.roa (raw, json)
Hash identifier:          qQVpIGTkRgWV9OK8Z2hFjBthKGZ95FN9kTyRoA0Xdg0=
Subject key identifier:   C1:E5:86:9C:E3:71:EC:29:AD:BB:AB:C9:64:5B:5C:5D:51:FB:BB:ED
Certificate issuer:       /CN=d634007414cff16cdcf3a3aa22a96677f8be2b68
Certificate serial:       01856D6F5D7FA3A3228AD96D9969C8EC73EA
Authority key identifier: D6:34:00:74:14:CF:F1:6C:DC:F3:A3:AA:22:A9:66:77:F8:BE:2B:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1jQAdBTP8Wzc86OqIqlmd_i-K2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/weWGnONx7Cmtu6vJZFtcXVH7u-0.roa
Signing time:             Sun 01 Jan 2023 13:04:53 +0000
ROA not before:           Sun 01 Jan 2023 13:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28731
IP address blocks:        217.14.144.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:6f:5d:7f:a3:a3:22:8a:d9:6d:99:69:c8:ec:73:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d634007414cff16cdcf3a3aa22a96677f8be2b68
        Validity
            Not Before: Jan  1 13:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c1e5869ce371ec29adbbabc9645b5c5d51fbbbed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:44:8a:5b:c6:12:c2:8d:f1:62:9f:bb:32:fc:
                    ad:69:b0:ec:88:5a:5c:ba:bd:a2:39:b5:9c:c0:96:
                    6d:c6:f3:a7:f3:44:c4:c7:9d:8d:0b:16:f4:26:3b:
                    6e:e3:15:33:b9:a1:66:46:40:5d:7f:8d:b2:47:98:
                    2a:38:c9:2d:4b:7c:9c:2b:0b:b4:59:78:a9:84:40:
                    9f:76:96:db:7c:52:14:50:dc:77:51:ee:b1:96:eb:
                    59:37:ef:63:e0:61:6f:8d:a1:e7:e8:00:f7:77:42:
                    ca:63:bd:ab:77:59:5b:d4:18:86:56:a7:7d:2c:77:
                    e5:02:19:c2:a5:3e:9a:76:83:39:7a:d9:3f:03:f4:
                    0b:e5:9a:f1:27:04:2f:6f:4b:11:1c:e0:e2:bd:6d:
                    36:d8:f6:bc:86:5c:4a:55:f8:ed:c1:06:6a:f6:24:
                    d7:31:01:6d:ba:9c:ed:0e:b1:d2:de:5e:c1:f7:8c:
                    48:bf:ef:85:b0:23:1d:d2:80:c6:f0:98:5f:f2:09:
                    8f:82:26:9d:e5:ab:ef:d7:5e:d3:b7:7d:68:9e:da:
                    e3:e0:7a:2b:49:96:da:05:96:8d:a1:9c:e4:a0:e4:
                    35:3c:b3:7b:b3:7f:e8:1a:9c:89:10:97:6d:eb:83:
                    96:b9:b1:69:7e:b8:75:60:cb:1f:41:ca:b8:1d:1e:
                    cf:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E5:86:9C:E3:71:EC:29:AD:BB:AB:C9:64:5B:5C:5D:51:FB:BB:ED
            X509v3 Authority Key Identifier:
                keyid:D6:34:00:74:14:CF:F1:6C:DC:F3:A3:AA:22:A9:66:77:F8:BE:2B:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1jQAdBTP8Wzc86OqIqlmd_i-K2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/weWGnONx7Cmtu6vJZFtcXVH7u-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d030ef-92cb-4cc5-86c8-decb92d1a523/1/1jQAdBTP8Wzc86OqIqlmd_i-K2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.14.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         56:54:99:bf:33:a0:77:16:40:9c:b6:0c:ac:a2:6f:7d:f3:47:
         e1:d6:da:d3:ee:15:96:00:2e:b9:c1:fc:60:57:bc:23:20:da:
         8c:80:66:a2:c0:39:40:32:52:94:82:21:11:ba:36:df:ba:81:
         05:f9:92:d2:c0:1a:bd:29:46:f1:af:18:4d:6c:04:60:1d:30:
         92:2f:64:13:2d:66:ac:75:ab:73:65:0d:f1:44:46:02:9b:32:
         0e:a7:48:a4:b4:37:fb:5c:a1:8a:33:b3:d4:d4:d6:3f:32:f2:
         a2:0e:ab:a9:29:3a:7b:28:90:5f:b1:5c:be:4a:fe:07:dc:6f:
         65:f1:20:f0:80:e7:8e:c1:e7:66:93:dc:22:49:ec:6c:17:d3:
         9f:fc:41:22:18:d9:4e:3b:48:b2:89:be:3b:6d:90:2e:9b:e2:
         e9:f8:c4:3b:93:77:b2:39:36:04:4b:59:f1:e2:09:88:bf:6a:
         61:5c:92:55:69:60:5f:6c:76:ca:6f:11:76:1a:68:29:d4:dc:
         55:9c:5e:49:06:67:b1:74:36:78:e1:5c:a3:bc:26:3c:f7:40:
         ad:f9:9a:ea:2e:a7:9c:56:d1:66:d1:0e:cd:86:e5:ae:51:9b:
         cd:81:72:44:3c:58:be:b4:ff:4d:9e:6f:18:8e:47:ce:87:04:
         18:26:19:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb11/o6MiitltmWnI7HPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MzQwMDc0MTRjZmYxNmNkY2YzYTNhYTIyYTk2Njc3Zjhi
ZTJiNjgwHhcNMjMwMTAxMTMwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU1ODY5Y2UzNzFlYzI5YWRiYmFiYzk2NDViNWM1ZDUxZmJiYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0SKW8YSwo3xYp+7MvytabDsiFpc
ur2iObWcwJZtxvOn80TEx52NCxb0Jjtu4xUzuaFmRkBdf42yR5gqOMktS3ycKwu0
WXiphECfdpbbfFIUUNx3Ue6xlutZN+9j4GFvjaHn6AD3d0LKY72rd1lb1BiGVqd9
LHflAhnCpT6adoM5etk/A/QL5ZrxJwQvb0sRHODivW022Pa8hlxKVfjtwQZq9iTX
MQFtupztDrHS3l7B94xIv++FsCMd0oDG8Jhf8gmPgiad5avv117Tt31ontrj4Hor
SZbaBZaNoZzkoOQ1PLN7s3/oGpyJEJdt64OWubFpfrh1YMsfQcq4HR7PjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHlhpzjcewprburyWRbXF1R+7vtMB8GA1UdIwQY
MBaAFNY0AHQUz/Fs3POjqiKpZnf4vitoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWpRQWRCVFA4V3pjODZPcUlxbG1kX2ktSzJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kMDMwZWYtOTJjYi00Y2M1LTg2Yzgt
ZGVjYjkyZDFhNTIzLzEvd2VXR25PTng3Q210dTZ2SlpGdGNYVkg3dS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kMDMwZWYtOTJjYi00Y2M1LTg2YzgtZGVjYjkyZDFhNTIz
LzEvMWpRQWRCVFA4V3pjODZPcUlxbG1kX2ktSzJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2Q6QMA0G
CSqGSIb3DQEBCwUAA4IBAQBWVJm/M6B3FkCctgysom9980fh1trT7hWWAC65wfxg
V7wjINqMgGaiwDlAMlKUgiERujbfuoEF+ZLSwBq9KUbxrxhNbARgHTCSL2QTLWas
datzZQ3xREYCmzIOp0iktDf7XKGKM7PU1NY/MvKiDqupKTp7KJBfsVy+Sv4H3G9l
8SDwgOeOwedmk9wiSexsF9Of/EEiGNlOO0iyib47bZAum+Lp+MQ7k3eyOTYES1nx
4gmIv2phXJJVaWBfbHbKbxF2Gmgp1NxVnF5JBmexdDZ44VyjvCY890Ct+ZrqLqec
VtFm0Q7NhuWuUZvNgXJEPFi+tP9Nnm8YjkfOhwQYJhmu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:14 2024 by rpki-client on console-ams.rpki-client.org