Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/OFeIHn7q1dANLu_6IArLQiyYAM0.roa
File:                     OFeIHn7q1dANLu_6IArLQiyYAM0.roa (raw, json)
Hash identifier:          YI0gJB1YRDsMos0JWIJn0rjGwop1yjc0L2pfu1fKUBw=
Subject key identifier:   38:57:88:1E:7E:EA:D5:D0:0D:2E:EF:FA:20:0A:CB:42:2C:98:00:CD
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018C8742E982AED480250C779506BFBB0EFD
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/OFeIHn7q1dANLu_6IArLQiyYAM0.roa
Signing time:             Wed 20 Dec 2023 12:45:58 +0000
ROA not before:           Wed 20 Dec 2023 12:45:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62904
IP address blocks:        147.45.120.0/22 maxlen: 22
                          147.45.124.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:87:42:e9:82:ae:d4:80:25:0c:77:95:06:bf:bb:0e:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Dec 20 12:45:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3857881e7eead5d00d2eeffa200acb422c9800cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6a:c5:03:65:fc:9e:99:42:e8:72:d4:e9:d4:
                    8c:f7:4f:a0:42:bf:52:e5:7b:d8:e9:ca:4a:3b:4d:
                    84:9f:5a:dd:2b:d3:e7:3c:bd:96:17:7d:38:7f:32:
                    14:05:85:e2:6b:89:e1:0f:9b:c7:6e:5e:70:06:c2:
                    b0:60:85:4b:2e:ea:5d:62:40:f9:1b:dc:b2:8b:3f:
                    a9:93:12:d0:77:d8:0a:89:99:f9:b8:d9:b2:93:c1:
                    9a:69:f9:06:c4:c3:f8:0b:22:10:a9:fc:78:31:cf:
                    c4:82:24:c1:ad:f0:57:3e:76:2f:ed:b0:8f:7c:13:
                    7f:9d:c9:e0:6c:1e:8d:be:d9:d9:dc:2d:e6:1a:37:
                    93:87:9d:5f:0e:60:d0:b0:b6:4e:da:a7:95:ad:e8:
                    02:09:ae:55:29:9d:f2:0d:e7:86:78:37:70:e0:fe:
                    83:4e:ea:a5:7d:e0:d7:b7:88:a5:53:b4:4b:57:2a:
                    b8:91:33:b7:b9:1c:d8:6b:f7:07:9f:36:7f:e6:ca:
                    2d:4a:df:9e:cb:d5:fb:10:7e:7e:bb:37:f7:c5:9a:
                    77:96:da:ba:93:d0:3d:9e:bc:65:57:9f:bb:9d:ca:
                    8a:c2:7a:92:ac:de:cd:b9:41:eb:fe:af:60:6e:98:
                    30:31:c8:82:98:12:e7:c1:a9:28:dd:f3:fa:9c:78:
                    51:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:57:88:1E:7E:EA:D5:D0:0D:2E:EF:FA:20:0A:CB:42:2C:98:00:CD
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/OFeIHn7q1dANLu_6IArLQiyYAM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.45.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         08:27:7b:5b:42:0d:e3:16:f3:a4:af:57:c0:fa:9e:00:84:76:
         54:f6:a2:97:a2:2c:1d:76:f1:be:8c:ec:4f:b3:eb:ea:e2:92:
         fe:3c:69:47:50:eb:f1:60:ee:53:6f:5c:5a:a1:8e:75:c5:07:
         e5:cc:ca:f8:69:b2:68:86:bb:66:d9:72:e2:49:42:d8:6e:f9:
         18:85:d7:fd:dd:a9:e9:4f:f8:cf:79:f1:2c:e7:c9:41:a9:9f:
         66:ee:e0:99:0d:a0:3e:b3:70:f9:34:1e:ef:e7:97:a2:c3:8c:
         35:88:96:ed:7f:99:28:16:41:d0:a0:7c:f8:76:6e:47:51:76:
         95:b4:7f:46:23:61:85:9b:16:66:11:4c:d9:8e:87:6a:35:68:
         34:e8:3b:9a:2a:0d:7f:cb:ab:83:3d:eb:f8:0e:89:64:99:71:
         b7:e8:d2:61:a9:7d:ca:a9:86:ab:4e:38:8e:84:fa:12:ce:b1:
         b4:30:0d:4d:9b:b0:94:2c:bc:e3:59:d4:a4:d1:18:84:a9:7a:
         5c:ad:76:16:a5:eb:50:e0:b4:db:d9:0f:7a:f9:c8:d5:af:3d:
         2b:3a:d5:cd:d5:68:cb:e3:d3:39:b1:dd:8e:6e:f1:ac:0c:66:
         a9:dc:38:91:fe:9e:c5:14:75:f1:da:a6:f2:94:39:0a:59:f9:
         c4:47:39:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyHQumCrtSAJQx3lQa/uw79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMjIwMTI0NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU3ODgxZTdlZWFkNWQwMGQyZWVmZmEyMDBhY2I0MjJjOTgwMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGrFA2X8nplC6HLU6dSM90+gQr9S
5XvY6cpKO02En1rdK9PnPL2WF304fzIUBYXia4nhD5vHbl5wBsKwYIVLLupdYkD5
G9yyiz+pkxLQd9gKiZn5uNmyk8GaafkGxMP4CyIQqfx4Mc/EgiTBrfBXPnYv7bCP
fBN/ncngbB6NvtnZ3C3mGjeTh51fDmDQsLZO2qeVregCCa5VKZ3yDeeGeDdw4P6D
TuqlfeDXt4ilU7RLVyq4kTO3uRzYa/cHnzZ/5sotSt+ey9X7EH5+uzf3xZp3ltq6
k9A9nrxlV5+7ncqKwnqSrN7NuUHr/q9gbpgwMciCmBLnwako3fP6nHhRXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDhXiB5+6tXQDS7v+iAKy0IsmADNMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvT0ZlSUhuN3ExZEFOTHVfNklBckxRaXlZQU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDky14MA0G
CSqGSIb3DQEBCwUAA4IBAQAIJ3tbQg3jFvOkr1fA+p4AhHZU9qKXoiwddvG+jOxP
s+vq4pL+PGlHUOvxYO5Tb1xaoY51xQflzMr4abJohrtm2XLiSULYbvkYhdf93anp
T/jPefEs58lBqZ9m7uCZDaA+s3D5NB7v55eiw4w1iJbtf5koFkHQoHz4dm5HUXaV
tH9GI2GFmxZmEUzZjodqNWg06DuaKg1/y6uDPev4DolkmXG36NJhqX3KqYarTjiO
hPoSzrG0MA1Nm7CULLzjWdSk0RiEqXpcrXYWpetQ4LTb2Q96+cjVrz0rOtXN1WjL
49M5sd2ObvGsDGap3DiR/p7FFHXx2qbylDkKWfnERzlV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org