Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ihf2TGRXI7lUFNSnfIUQUU0QbEA.roa
File:                     ihf2TGRXI7lUFNSnfIUQUU0QbEA.roa (raw, json)
Hash identifier:          uttcNDJLF7iug6u2SoSMHH2AUPfExOPRrK2PDCRPVig=
Subject key identifier:   8A:17:F6:4C:64:57:23:B9:54:14:D4:A7:7C:85:10:51:4D:10:6C:40
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018DDA89017F828CECFCCA849BC3CAACD624
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ihf2TGRXI7lUFNSnfIUQUU0QbEA.roa
Signing time:             Sat 24 Feb 2024 09:53:48 +0000
ROA not before:           Sat 24 Feb 2024 09:53:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39238
IP address blocks:        147.45.52.0/22 maxlen: 22
                          147.45.56.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 16:04:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:da:89:01:7f:82:8c:ec:fc:ca:84:9b:c3:ca:ac:d6:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Feb 24 09:53:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8a17f64c645723b95414d4a77c8510514d106c40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:32:b1:3e:f9:33:60:38:cf:c6:ce:59:11:3b:
                    31:d0:93:7b:91:97:2e:40:b2:07:c1:19:c9:6b:98:
                    e3:a4:2f:b8:37:b7:2f:75:ea:d5:55:5d:9f:35:fd:
                    19:fb:42:ec:9e:bb:ac:40:c1:1c:d7:f5:11:23:d4:
                    62:d4:14:eb:0f:64:9c:65:1a:f1:55:dc:03:03:e9:
                    d3:73:25:59:92:47:e6:01:5c:56:17:bc:e6:aa:df:
                    ed:b1:7f:99:73:8a:61:a2:5c:6a:24:92:bd:e6:f1:
                    66:15:e4:3b:a8:9a:6b:aa:f9:fd:ba:d4:60:1c:d4:
                    17:45:b8:5f:c1:c1:c4:d7:fb:f9:f2:eb:72:70:3a:
                    16:73:c6:3e:6b:6a:d9:95:27:fe:0f:ae:af:38:cc:
                    d0:03:9d:43:2a:3e:1d:56:58:6b:fd:79:5d:b3:44:
                    37:fb:2e:22:50:c9:ab:55:60:c1:d1:9d:68:c9:75:
                    1f:ce:d8:fe:c6:15:ce:2a:5d:42:2b:a3:62:ea:1f:
                    f9:27:41:1b:b4:fd:bf:81:55:1c:9e:29:b1:e4:d6:
                    9d:db:e8:b0:a4:f1:17:52:13:18:ad:b7:84:de:a1:
                    62:f8:54:e7:99:6c:b8:77:69:4c:c5:b0:83:d7:c3:
                    66:14:af:e6:2b:da:3a:2d:90:5d:0b:47:68:25:d1:
                    ae:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:17:F6:4C:64:57:23:B9:54:14:D4:A7:7C:85:10:51:4D:10:6C:40
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ihf2TGRXI7lUFNSnfIUQUU0QbEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.45.52.0-147.45.59.255

    Signature Algorithm: sha256WithRSAEncryption
         08:82:a4:58:01:85:25:31:e9:7c:db:8e:36:98:48:3d:ac:8e:
         91:be:9b:26:c6:95:fc:aa:7b:4b:96:1f:e1:23:0a:17:94:ff:
         38:34:ad:0b:31:d7:14:0b:91:0d:26:82:2b:2e:44:a6:1e:ee:
         6c:5d:ea:12:25:7d:f9:b3:89:c2:4d:29:27:14:cf:43:69:84:
         50:9b:1d:ba:eb:28:55:77:87:94:16:ea:b7:f2:b0:20:ac:64:
         e4:39:c8:84:1b:e7:49:80:41:40:d6:30:38:25:91:e9:d8:49:
         bb:3c:7f:e8:ca:a5:01:ca:d7:d7:96:27:ce:95:13:6a:9e:05:
         24:f0:b0:94:98:2b:a9:69:f5:92:e4:dd:ea:d8:04:37:41:2b:
         34:a1:5c:11:2e:47:43:bd:a4:59:cd:78:08:1b:36:9f:fd:c3:
         2a:8a:70:ca:92:32:24:c8:a3:f7:c4:80:90:97:3d:54:11:6d:
         7f:d5:fb:59:2f:3a:34:16:6d:11:f9:2e:8d:7e:1a:13:a2:1e:
         f7:26:21:30:53:b3:51:90:c5:ce:0d:28:f2:c7:1f:bc:16:86:
         31:8c:7b:12:ac:08:8d:da:2f:b1:35:ef:3c:66:f3:6b:75:48:
         9b:3d:46:fa:73:a7:79:3e:aa:b4:b2:f7:0b:c3:7d:11:9b:78:
         cd:ad:24:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3aiQF/gozs/MqEm8PKrNYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjI0MDk1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE3ZjY0YzY0NTcyM2I5NTQxNGQ0YTc3Yzg1MTA1MTRkMTA2YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjKxPvkzYDjPxs5ZETsx0JN7kZcu
QLIHwRnJa5jjpC+4N7cvderVVV2fNf0Z+0LsnrusQMEc1/URI9Ri1BTrD2ScZRrx
VdwDA+nTcyVZkkfmAVxWF7zmqt/tsX+Zc4pholxqJJK95vFmFeQ7qJprqvn9utRg
HNQXRbhfwcHE1/v58utycDoWc8Y+a2rZlSf+D66vOMzQA51DKj4dVlhr/Xlds0Q3
+y4iUMmrVWDB0Z1oyXUfztj+xhXOKl1CK6Ni6h/5J0EbtP2/gVUcnimx5Nad2+iw
pPEXUhMYrbeE3qFi+FTnmWy4d2lMxbCD18NmFK/mK9o6LZBdC0doJdGu7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIoX9kxkVyO5VBTUp3yFEFFNEGxAMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaWhmMlRHUlhJN2xVRk5TbmZJVVFVVTBRYkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKTLTQD
BAKTLTgwDQYJKoZIhvcNAQELBQADggEBAAiCpFgBhSUx6XzbjjaYSD2sjpG+mybG
lfyqe0uWH+EjCheU/zg0rQsx1xQLkQ0mgisuRKYe7mxd6hIlffmzicJNKScUz0Np
hFCbHbrrKFV3h5QW6rfysCCsZOQ5yIQb50mAQUDWMDglkenYSbs8f+jKpQHK19eW
J86VE2qeBSTwsJSYK6lp9ZLk3erYBDdBKzShXBEuR0O9pFnNeAgbNp/9wyqKcMqS
MiTIo/fEgJCXPVQRbX/V+1kvOjQWbRH5Lo1+GhOiHvcmITBTs1GQxc4NKPLHH7wW
hjGMexKsCI3aL7E17zxm82t1SJs9Rvpzp3k+qrSy9wvDfRGbeM2tJP4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org