Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/W6FoiqfQ2rYUVJMcqi8dSOAbj8U.roa
File:                     W6FoiqfQ2rYUVJMcqi8dSOAbj8U.roa (raw, json)
Hash identifier:          8KBsjxcpF6Q/Yzwa6zSrAWQWFokvFTXnzS4VLrdQNOM=
Subject key identifier:   5B:A1:68:8A:A7:D0:DA:B6:14:54:93:1C:AA:2F:1D:48:E0:1B:8F:C5
Certificate issuer:       /CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
Certificate serial:       018572DF08F670F5170D022359166DEB4EFE
Authority key identifier: B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/W6FoiqfQ2rYUVJMcqi8dSOAbj8U.roa
Signing time:             Mon 02 Jan 2023 14:24:57 +0000
ROA not before:           Mon 02 Jan 2023 14:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16344
IP address blocks:        217.145.160.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:df:08:f6:70:f5:17:0d:02:23:59:16:6d:eb:4e:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2ed1d6066f4e4654ef5f3cc70a5d905a9af8290
        Validity
            Not Before: Jan  2 14:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ba1688aa7d0dab61454931caa2f1d48e01b8fc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:dc:74:3c:08:50:47:d7:d7:de:ca:98:ba:7e:
                    ba:78:58:12:55:5c:6c:3f:a9:f7:3d:61:30:9f:8e:
                    af:e9:42:9c:2b:83:e4:46:cd:47:ab:60:24:f6:88:
                    a0:f4:a0:17:4f:f6:bd:05:54:c3:ea:71:f3:a0:45:
                    5f:31:0a:5a:34:49:12:46:ee:d4:29:25:27:92:17:
                    56:1a:10:b7:ff:ad:fd:bf:26:fe:a8:49:bb:9e:c8:
                    89:0e:03:77:2d:eb:b8:a7:a8:0c:4d:46:7d:7f:bb:
                    21:40:32:a5:58:8d:22:a0:a1:57:6f:47:0f:7f:35:
                    d4:2c:2b:71:ad:46:94:9e:53:8c:2d:9b:36:81:55:
                    45:17:a4:04:72:f2:a8:a6:0f:21:fe:4b:6b:75:48:
                    b4:a4:a8:89:52:3a:c2:dd:3e:90:c1:41:4c:fa:5c:
                    9f:f5:ab:c8:88:6c:4c:82:61:eb:43:b4:80:c3:cb:
                    a2:8d:88:b7:99:1a:fd:35:f0:83:18:cd:35:32:fc:
                    b4:84:f7:db:8c:23:02:11:48:ac:b8:dc:1a:8d:80:
                    9e:02:b2:f7:cf:89:86:bb:06:af:d3:88:2b:32:68:
                    fc:53:18:41:7b:03:ee:e9:16:55:19:a6:79:8c:b7:
                    57:b8:00:e6:91:3d:f3:e8:23:78:5f:5a:7d:3d:fe:
                    a7:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:A1:68:8A:A7:D0:DA:B6:14:54:93:1C:AA:2F:1D:48:E0:1B:8F:C5
            X509v3 Authority Key Identifier:
                keyid:B2:ED:1D:60:66:F4:E4:65:4E:F5:F3:CC:70:A5:D9:05:A9:AF:82:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/su0dYGb05GVO9fPMcKXZBamvgpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/W6FoiqfQ2rYUVJMcqi8dSOAbj8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1182cb-5f95-4cd4-b72f-46b46fc0e496/1/su0dYGb05GVO9fPMcKXZBamvgpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.145.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         22:de:b0:ae:93:5f:7a:3e:ed:73:1e:43:78:e5:2d:c8:cf:a9:
         e6:73:37:71:82:9f:a4:ec:55:64:37:64:6c:36:0d:9c:17:ae:
         e5:dc:b1:6c:e0:02:81:24:a8:cd:75:70:06:0c:9d:8e:c9:38:
         6d:2d:2e:7c:30:5a:2f:5f:f3:bc:15:b2:16:13:70:8a:69:52:
         34:98:cb:6e:1f:03:38:e2:19:63:1c:86:81:24:82:0b:7b:d7:
         69:bb:0f:45:87:76:e0:4d:33:6d:52:7e:44:9b:29:c0:60:93:
         cc:e4:c9:46:b3:eb:52:3f:94:6b:3a:31:a8:55:2b:7b:00:96:
         29:0b:58:a9:c8:be:b0:8c:e5:c8:7d:74:78:ed:c3:ee:a5:dc:
         4a:c2:e7:a3:88:ca:b4:30:2d:7a:06:c7:ff:b7:2e:4e:a6:a5:
         4c:18:30:af:e1:be:0e:06:9f:37:71:bd:01:dc:90:61:98:9b:
         89:a5:ac:7b:0e:b7:90:9c:c7:8d:23:f1:d3:0a:0d:d6:00:82:
         72:00:a8:b9:df:69:e2:b8:cf:99:0c:db:03:92:f2:76:f6:b7:
         79:b8:d7:cd:33:19:3f:d8:37:58:44:a5:98:dd:70:d6:46:c4:
         c8:18:f3:75:47:83:27:67:68:5e:8e:fc:b1:d2:02:d6:b3:b4:
         a1:25:13:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3wj2cPUXDQIjWRZt607+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZWQxZDYwNjZmNGU0NjU0ZWY1ZjNjYzcwYTVkOTA1YTlh
ZjgyOTAwHhcNMjMwMTAyMTQyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmExNjg4YWE3ZDBkYWI2MTQ1NDkzMWNhYTJmMWQ0OGUwMWI4ZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNx0PAhQR9fX3sqYun66eFgSVVxs
P6n3PWEwn46v6UKcK4PkRs1Hq2Ak9oig9KAXT/a9BVTD6nHzoEVfMQpaNEkSRu7U
KSUnkhdWGhC3/639vyb+qEm7nsiJDgN3Leu4p6gMTUZ9f7shQDKlWI0ioKFXb0cP
fzXULCtxrUaUnlOMLZs2gVVFF6QEcvKopg8h/ktrdUi0pKiJUjrC3T6QwUFM+lyf
9avIiGxMgmHrQ7SAw8uijYi3mRr9NfCDGM01Mvy0hPfbjCMCEUisuNwajYCeArL3
z4mGuwav04grMmj8UxhBewPu6RZVGaZ5jLdXuADmkT3z6CN4X1p9Pf6nxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFuhaIqn0Nq2FFSTHKovHUjgG4/FMB8GA1UdIwQY
MBaAFLLtHWBm9ORlTvXzzHCl2QWpr4KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3UwZFlHYjA1R1ZPOWZQTWNLWFpCYW12Z3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xMTgyY2ItNWY5NS00Y2Q0LWI3MmYt
NDZiNDZmYzBlNDk2LzEvVzZGb2lxZlEycllVVkpNY3FpOGRTT0FiajhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xMTgyY2ItNWY5NS00Y2Q0LWI3MmYtNDZiNDZmYzBlNDk2
LzEvc3UwZFlHYjA1R1ZPOWZQTWNLWFpCYW12Z3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZGgMA0G
CSqGSIb3DQEBCwUAA4IBAQAi3rCuk196Pu1zHkN45S3Iz6nmczdxgp+k7FVkN2Rs
Ng2cF67l3LFs4AKBJKjNdXAGDJ2OyThtLS58MFovX/O8FbIWE3CKaVI0mMtuHwM4
4hljHIaBJIILe9dpuw9Fh3bgTTNtUn5EmynAYJPM5MlGs+tSP5RrOjGoVSt7AJYp
C1ipyL6wjOXIfXR47cPupdxKwuejiMq0MC16Bsf/ty5OpqVMGDCv4b4OBp83cb0B
3JBhmJuJpax7DreQnMeNI/HTCg3WAIJyAKi532niuM+ZDNsDkvJ29rd5uNfNMxk/
2DdYRKWY3XDWRsTIGPN1R4MnZ2hejvyx0gLWs7ShJRNQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:09 2024 by rpki-client on console-fra.rpki-client.org