Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/FDzzIyb2aItmNT8oOyFSrg4skxM.roa
File:                     FDzzIyb2aItmNT8oOyFSrg4skxM.roa (raw, json)
Hash identifier:          Nd+9R2nzXGIGVRQ8WuwiFV2DjNh+ITU1oMEx2fdJJBk=
Subject key identifier:   14:3C:F3:23:26:F6:68:8B:66:35:3F:28:3B:21:52:AE:0E:2C:93:13
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       018EA32E9E56D2D2B41CDD27FF886915665F
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/FDzzIyb2aItmNT8oOyFSrg4skxM.roa
Signing time:             Wed 03 Apr 2024 08:58:45 +0000
ROA not before:           Wed 03 Apr 2024 08:58:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44383
IP address blocks:        94.154.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 May 2024 12:40:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a3:2e:9e:56:d2:d2:b4:1c:dd:27:ff:88:69:15:66:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Apr  3 08:58:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=143cf32326f6688b66353f283b2152ae0e2c9313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:1b:cf:70:66:bd:3f:ce:6f:c9:ac:c0:39:5c:
                    7f:f4:4b:de:18:f5:0f:de:28:8e:ec:aa:c1:78:e4:
                    51:cd:40:cd:20:86:8a:fd:e1:22:e5:71:83:79:c8:
                    67:9b:47:78:d6:72:73:2e:b2:10:5d:2e:04:fc:48:
                    34:ac:23:42:92:a7:b8:d1:63:d5:bf:65:74:6f:5a:
                    29:da:c9:31:46:95:68:83:c0:d6:8e:92:22:a9:79:
                    f3:2f:b8:62:62:56:a1:28:28:74:74:70:42:12:90:
                    e3:9a:9d:e0:f6:85:11:bb:44:2d:8a:e1:7c:84:8a:
                    09:d7:35:32:8d:80:dd:5b:77:85:75:6c:5c:c5:00:
                    a1:e5:64:c9:59:8b:6d:5b:6a:0b:85:5f:ad:9b:78:
                    c4:e0:9c:9c:f5:23:89:0c:b1:64:7f:ce:32:e7:f6:
                    cd:e2:db:a8:76:26:c3:c3:da:79:8b:5a:3b:b6:cf:
                    76:db:f2:4b:25:42:1b:2f:44:27:93:b4:b9:85:4e:
                    65:76:12:a0:a4:f1:64:d9:91:df:70:62:f9:6a:a4:
                    7e:c9:c4:ec:67:8d:85:f1:fc:68:85:3b:a9:28:2f:
                    3c:57:6e:b4:8c:39:cb:b3:2f:c8:80:41:9c:4b:e3:
                    c6:fc:78:2b:7d:7d:35:a1:72:4b:0f:f8:42:8e:b2:
                    23:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:3C:F3:23:26:F6:68:8B:66:35:3F:28:3B:21:52:AE:0E:2C:93:13
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/FDzzIyb2aItmNT8oOyFSrg4skxM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:fd:a2:e3:a2:48:ef:3e:79:80:9a:e3:a1:9a:89:f7:0f:56:
         26:54:e9:b7:b3:72:0b:88:56:7b:4b:d1:e7:67:8b:65:f7:c4:
         1b:0f:e2:c5:bc:8d:4c:d0:3a:63:61:a5:71:d1:28:f7:dd:52:
         ca:fa:fa:12:86:7d:2e:ba:ef:29:8c:e4:f2:47:32:96:20:63:
         87:f4:73:62:42:d9:9e:ca:18:e2:1a:02:86:5e:5a:4e:0d:80:
         4d:96:d5:44:57:b5:51:ff:90:82:c4:1a:a0:c9:62:16:cd:22:
         e4:df:98:18:a4:30:63:4b:27:f2:0e:b3:15:c0:38:09:cb:c2:
         43:3f:7c:45:ce:45:dc:c2:fc:cf:9e:8e:6c:d3:8a:84:c1:b5:
         03:44:7b:ad:86:96:f3:c6:65:cc:9e:1e:47:73:07:e9:84:ba:
         1f:cc:25:d6:a1:f6:10:f6:3e:50:55:d1:f2:bd:db:7a:54:fd:
         f8:3c:03:75:d5:2e:08:65:ad:81:3d:46:6c:83:93:a9:0b:f0:
         13:f6:52:9c:7c:d7:a0:df:fd:39:92:c7:4b:ac:61:bc:df:4a:
         20:68:c1:88:75:b5:8d:4d:27:42:79:e2:e7:0a:73:4f:0a:93:
         f1:3e:4d:df:5c:6b:9d:11:77:c9:b2:f1:61:65:cb:da:41:1a:
         d9:76:79:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6jLp5W0tK0HN0n/4hpFWZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNDAzMDg1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNjZjMyMzI2ZjY2ODhiNjYzNTNmMjgzYjIxNTJhZTBlMmM5MzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hvPcGa9P85vyazAOVx/9EveGPUP
3iiO7KrBeORRzUDNIIaK/eEi5XGDechnm0d41nJzLrIQXS4E/Eg0rCNCkqe40WPV
v2V0b1op2skxRpVog8DWjpIiqXnzL7hiYlahKCh0dHBCEpDjmp3g9oURu0QtiuF8
hIoJ1zUyjYDdW3eFdWxcxQCh5WTJWYttW2oLhV+tm3jE4Jyc9SOJDLFkf84y5/bN
4tuodibDw9p5i1o7ts922/JLJUIbL0Qnk7S5hU5ldhKgpPFk2ZHfcGL5aqR+ycTs
Z42F8fxohTupKC88V260jDnLsy/IgEGcS+PG/HgrfX01oXJLD/hCjrIj3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQ88yMm9miLZjU/KDshUq4OLJMTMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvRkR6ekl5YjJhSXRtTlQ4b095RlNyZzRza3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpouMA0G
CSqGSIb3DQEBCwUAA4IBAQBf/aLjokjvPnmAmuOhmon3D1YmVOm3s3ILiFZ7S9Hn
Z4tl98QbD+LFvI1M0DpjYaVx0Sj33VLK+voShn0uuu8pjOTyRzKWIGOH9HNiQtme
yhjiGgKGXlpODYBNltVEV7VR/5CCxBqgyWIWzSLk35gYpDBjSyfyDrMVwDgJy8JD
P3xFzkXcwvzPno5s04qEwbUDRHuthpbzxmXMnh5HcwfphLofzCXWofYQ9j5QVdHy
vdt6VP34PAN11S4IZa2BPUZsg5OpC/AT9lKcfNeg3/05ksdLrGG830ogaMGIdbWN
TSdCeeLnCnNPCpPxPk3fXGudEXfJsvFhZcvaQRrZdnkn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org