Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/af-0WBEu5EwFIwfa5chxW7RbPG0.roa
File:                     af-0WBEu5EwFIwfa5chxW7RbPG0.roa (raw, json)
Hash identifier:          c5/wt6qXZJKiroNkG+FqekJayKgzCSyvc+VxM5iE/a8=
Subject key identifier:   69:FF:B4:58:11:2E:E4:4C:05:23:07:DA:E5:C8:71:5B:B4:5B:3C:6D
Certificate issuer:       /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial:       018F1BB0DEE2E0BD8C40970D471D88D581AC
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/af-0WBEu5EwFIwfa5chxW7RbPG0.roa
Signing time:             Fri 26 Apr 2024 18:35:27 +0000
ROA not before:           Fri 26 Apr 2024 18:35:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215062
IP address blocks:        146.19.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 17:32:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:1b:b0:de:e2:e0:bd:8c:40:97:0d:47:1d:88:d5:81:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
        Validity
            Not Before: Apr 26 18:35:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=69ffb458112ee44c052307dae5c8715bb45b3c6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:38:1e:25:bc:17:b0:63:3f:bd:b5:e1:b9:e9:
                    8e:19:3c:15:45:56:ce:85:19:6f:ae:bd:ab:bc:ea:
                    2a:14:07:fa:2d:6c:60:55:bf:e3:1d:a1:51:af:65:
                    4f:ed:1f:50:8b:a5:6a:ac:22:d2:58:d8:7f:e3:6e:
                    b4:77:b0:b1:5d:d0:70:6e:77:49:25:32:7d:9d:39:
                    37:24:a3:7a:19:7d:47:9c:63:71:d1:87:8e:dc:ff:
                    1d:61:df:f8:5b:73:93:bd:e5:ad:f7:8e:db:39:ad:
                    0a:7a:ab:c4:a2:f9:2d:b2:3f:8c:dc:f8:bc:ee:dd:
                    55:cd:75:2d:ea:5f:88:b9:da:81:12:cf:93:18:6b:
                    a5:42:48:93:e9:09:e1:9f:4e:cc:e8:37:0b:18:59:
                    ec:a7:c2:85:37:ea:b1:44:7b:cf:25:d8:da:10:24:
                    f6:23:44:42:43:be:c6:5d:ed:4e:86:b1:59:0f:d2:
                    1a:a6:6f:9e:be:fe:96:fe:a6:1e:bf:e5:1e:f0:58:
                    2c:c3:8b:0c:8a:16:43:17:9b:c6:95:47:31:fd:4f:
                    43:60:6d:6c:98:94:65:88:f2:a5:b2:ab:5d:08:c6:
                    dd:74:5d:a5:c8:34:a3:09:88:56:b3:88:82:e1:98:
                    c0:fb:df:df:7c:1c:19:d9:d3:1a:26:f4:87:e4:92:
                    c4:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:FF:B4:58:11:2E:E4:4C:05:23:07:DA:E5:C8:71:5B:B4:5B:3C:6D
            X509v3 Authority Key Identifier:
                keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/af-0WBEu5EwFIwfa5chxW7RbPG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:91:0d:72:e8:ff:2b:8f:3f:10:e4:58:b9:e3:fc:f8:85:72:
         61:c4:9e:1d:35:15:42:c6:8c:59:45:10:4d:49:0b:ce:17:09:
         a2:65:7c:db:82:d0:88:3e:ee:c1:04:52:a5:08:7e:f2:57:87:
         79:de:28:b9:3c:7a:37:28:af:16:5f:ec:b7:43:67:79:bc:68:
         59:7a:23:03:b6:55:c5:64:05:23:41:f4:cb:33:d8:28:73:fb:
         1c:bb:31:e3:c5:23:59:87:3b:b0:ee:69:0b:0a:fb:72:75:ea:
         03:25:a7:0d:14:a7:d8:e9:2a:5a:71:cf:c4:e5:98:e4:99:5e:
         f2:af:e0:54:5d:61:05:20:37:4c:7d:b4:88:58:60:c5:14:8f:
         47:5c:9d:1b:a7:41:7b:2f:f1:fb:76:de:9e:c6:e4:53:0a:d9:
         a6:db:b8:de:e0:56:bd:55:81:25:a4:9b:dd:85:04:51:91:5b:
         67:c9:3e:04:70:ec:ed:68:c2:12:b9:52:02:2c:2d:0a:ba:e0:
         11:61:4d:88:83:7c:8c:a9:4b:d5:70:7d:76:64:b6:ee:e3:b5:
         66:12:72:a5:74:a7:3d:31:8e:79:23:4d:b9:ee:66:8c:9e:e6:
         e3:7c:28:d1:3e:de:81:ea:16:2e:71:b9:0d:af:09:45:61:5f:
         ff:c6:44:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8bsN7i4L2MQJcNRx2I1YGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDI2MTgzNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZmYjQ1ODExMmVlNDRjMDUyMzA3ZGFlNWM4NzE1YmI0NWIzYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDgeJbwXsGM/vbXhuemOGTwVRVbO
hRlvrr2rvOoqFAf6LWxgVb/jHaFRr2VP7R9Qi6VqrCLSWNh/4260d7CxXdBwbndJ
JTJ9nTk3JKN6GX1HnGNx0YeO3P8dYd/4W3OTveWt947bOa0KeqvEovktsj+M3Pi8
7t1VzXUt6l+IudqBEs+TGGulQkiT6Qnhn07M6DcLGFnsp8KFN+qxRHvPJdjaECT2
I0RCQ77GXe1OhrFZD9Iapm+evv6W/qYev+Ue8Fgsw4sMihZDF5vGlUcx/U9DYG1s
mJRliPKlsqtdCMbddF2lyDSjCYhWs4iC4ZjA+9/ffBwZ2dMaJvSH5JLEowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGn/tFgRLuRMBSMH2uXIcVu0WzxtMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvYWYtMFdCRXU1RXdGSXdmYTVjaHhXN1JiUEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNdMA0G
CSqGSIb3DQEBCwUAA4IBAQB3kQ1y6P8rjz8Q5Fi54/z4hXJhxJ4dNRVCxoxZRRBN
SQvOFwmiZXzbgtCIPu7BBFKlCH7yV4d53ii5PHo3KK8WX+y3Q2d5vGhZeiMDtlXF
ZAUjQfTLM9goc/scuzHjxSNZhzuw7mkLCvtydeoDJacNFKfY6Spacc/E5ZjkmV7y
r+BUXWEFIDdMfbSIWGDFFI9HXJ0bp0F7L/H7dt6exuRTCtmm27je4Fa9VYElpJvd
hQRRkVtnyT4EcOztaMISuVICLC0KuuARYU2Ig3yMqUvVcH12ZLbu47VmEnKldKc9
MY55I0257maMnubjfCjRPt6B6hYucbkNrwlFYV//xkQl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org