Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLeIi41MUUdAHCycZL1bLzMtbX0.roa
File:                     sLeIi41MUUdAHCycZL1bLzMtbX0.roa (raw, json)
Hash identifier:          c7WhXrO0WgTxXBTdN85EYnPAZYQez9P8aa9nsYd6Hmg=
Subject key identifier:   B0:B7:88:8B:8D:4C:51:47:40:1C:2C:9C:64:BD:5B:2F:33:2D:6D:7D
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       018E33D95623FD4DA9A1A3AE09AD66205656
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLeIi41MUUdAHCycZL1bLzMtbX0.roa
Signing time:             Tue 12 Mar 2024 18:07:45 +0000
ROA not before:           Tue 12 Mar 2024 18:07:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216068
IP address blocks:        147.45.114.0/24 maxlen: 24
                          147.45.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 20:21:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:33:d9:56:23:fd:4d:a9:a1:a3:ae:09:ad:66:20:56:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Mar 12 18:07:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b0b7888b8d4c5147401c2c9c64bd5b2f332d6d7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:6c:e0:0e:6c:5e:0e:88:20:67:30:b5:13:26:
                    9c:8b:94:c0:d9:2e:55:e9:fd:5b:0b:79:4e:4f:22:
                    53:b8:c8:db:26:7c:65:13:df:c1:de:18:75:05:94:
                    33:46:36:d4:e5:1c:1b:ec:ae:e6:14:c1:91:b1:85:
                    bb:c0:a0:77:0b:52:fd:28:94:9e:44:b7:61:52:77:
                    18:da:94:e8:cc:2a:1e:7c:fe:3e:8b:4e:70:2f:35:
                    ba:eb:ff:19:6e:e0:22:c5:af:56:ab:2b:02:0d:9c:
                    a6:ad:10:cc:35:49:bc:5e:25:13:5a:d8:fe:0c:b7:
                    de:1a:10:54:c8:19:22:8a:fe:0d:c3:d8:e2:f4:d9:
                    79:39:07:ef:d3:22:c3:a1:80:76:3a:d0:5f:42:9c:
                    cd:c7:85:6a:8f:25:1a:df:fe:32:1b:b4:b6:7d:95:
                    86:22:0a:a0:99:0b:ba:08:d1:b3:8c:40:11:dd:fc:
                    e2:c3:e5:30:d1:18:a8:1d:3b:be:b6:b2:c5:98:23:
                    4a:78:d5:b9:fe:53:25:d2:96:e4:9b:bd:a6:1f:1f:
                    76:fb:79:7e:a5:12:67:39:56:eb:c3:b5:40:bb:df:
                    ec:2f:1b:2d:bd:9b:ad:78:11:cc:5b:8f:b0:1f:15:
                    05:46:1b:b4:c4:ed:c3:a9:2c:51:30:0d:1b:c9:f2:
                    5a:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:B7:88:8B:8D:4C:51:47:40:1C:2C:9C:64:BD:5B:2F:33:2D:6D:7D
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLeIi41MUUdAHCycZL1bLzMtbX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.45.114.0/24
                  147.45.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:fb:7e:21:14:32:78:7f:89:b8:59:ce:bb:4e:44:1f:2a:97:
         f6:f1:2c:8b:22:33:3d:b5:37:dc:91:d7:bd:3f:af:d9:76:93:
         8e:e2:78:21:eb:2d:a4:da:23:b7:6b:11:b9:9e:a9:ae:da:6a:
         1e:b6:95:1c:da:88:2e:d0:85:58:ba:1e:27:9a:85:81:d9:10:
         64:81:39:c9:cf:f5:ae:8f:b1:01:65:96:08:f8:b3:b4:d5:8b:
         98:4e:39:b8:c1:89:bc:a8:aa:17:1f:95:4f:fa:52:c5:26:a8:
         2e:f9:16:60:f7:30:be:3d:fe:33:9c:15:13:c9:2a:73:18:73:
         7c:fb:af:55:82:8f:ab:25:6b:31:e6:3d:a7:72:03:61:2e:81:
         07:f3:60:97:bf:78:d2:ed:af:51:8b:8d:52:83:e3:63:d1:79:
         f6:9d:1f:e4:bc:66:83:34:2d:52:d6:1c:ad:7d:6a:ff:69:4c:
         f8:86:c1:cb:30:55:f1:10:d1:18:1d:69:7d:cb:b4:21:74:25:
         15:bf:f1:c1:78:93:cd:e0:2b:af:2d:1b:35:e2:32:08:ce:4b:
         b0:e7:c6:2e:f5:53:52:34:37:1f:b5:8e:57:8a:eb:e9:45:82:
         d3:7e:be:56:35:e6:08:15:91:3e:2d:c8:28:6b:92:66:c2:05:
         9e:95:40:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4z2VYj/U2poaOuCa1mIFZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzEyMTgwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI3ODg4YjhkNGM1MTQ3NDAxYzJjOWM2NGJkNWIyZjMzMmQ2ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mzgDmxeDoggZzC1Eyaci5TA2S5V
6f1bC3lOTyJTuMjbJnxlE9/B3hh1BZQzRjbU5Rwb7K7mFMGRsYW7wKB3C1L9KJSe
RLdhUncY2pTozCoefP4+i05wLzW66/8ZbuAixa9WqysCDZymrRDMNUm8XiUTWtj+
DLfeGhBUyBkiiv4Nw9ji9Nl5OQfv0yLDoYB2OtBfQpzNx4VqjyUa3/4yG7S2fZWG
IgqgmQu6CNGzjEAR3fziw+Uw0RioHTu+trLFmCNKeNW5/lMl0pbkm72mHx92+3l+
pRJnOVbrw7VAu9/sLxstvZuteBHMW4+wHxUFRhu0xO3DqSxRMA0byfJaswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLC3iIuNTFFHQBwsnGS9Wy8zLW19MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvc0xlSWk0MU1VVWRBSEN5Y1pMMWJMek10YlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAky1yAwQA
ky28MA0GCSqGSIb3DQEBCwUAA4IBAQCb+34hFDJ4f4m4Wc67TkQfKpf28SyLIjM9
tTfckde9P6/ZdpOO4ngh6y2k2iO3axG5nqmu2moetpUc2ogu0IVYuh4nmoWB2RBk
gTnJz/Wuj7EBZZYI+LO01YuYTjm4wYm8qKoXH5VP+lLFJqgu+RZg9zC+Pf4znBUT
ySpzGHN8+69Vgo+rJWsx5j2ncgNhLoEH82CXv3jS7a9Ri41Sg+Nj0Xn2nR/kvGaD
NC1S1hytfWr/aUz4hsHLMFXxENEYHWl9y7QhdCUVv/HBeJPN4CuvLRs14jIIzkuw
58Yu9VNSNDcftY5XiuvpRYLTfr5WNeYIFZE+Lcgoa5JmwgWelUCk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org