Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/_dnm5fp0FfIeb4gpbaFwDBz7OLE.roa
File:                     _dnm5fp0FfIeb4gpbaFwDBz7OLE.roa (raw, json)
Hash identifier:          qsR39Xh1Zv7JuRyK3WASZY0Cfnq5Fv3BCe+f5Ags6e8=
Subject key identifier:   FD:D9:E6:E5:FA:74:15:F2:1E:6F:88:29:6D:A1:70:0C:1C:FB:38:B1
Certificate issuer:       /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial:       0187BEC7406C72EB4F1B36B5A6F4115571C0
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/_dnm5fp0FfIeb4gpbaFwDBz7OLE.roa
Signing time:             Wed 26 Apr 2023 18:15:41 +0000
ROA not before:           Wed 26 Apr 2023 18:15:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44989
IP address blocks:        212.163.144.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:be:c7:40:6c:72:eb:4f:1b:36:b5:a6:f4:11:55:71:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
        Validity
            Not Before: Apr 26 18:15:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fdd9e6e5fa7415f21e6f88296da1700c1cfb38b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d5:54:fb:78:06:38:87:5a:91:43:f9:80:2a:
                    ff:7b:16:47:09:e7:6a:9b:40:48:dc:32:79:f0:c8:
                    b7:9e:35:4a:9c:68:2f:4e:db:0e:0f:50:88:db:f0:
                    08:fc:a4:1f:4f:57:c0:e3:2e:14:25:9e:e2:ae:5d:
                    a8:66:b7:45:4b:18:d0:ac:95:7f:ed:6e:e0:0a:2e:
                    22:10:04:04:e9:40:a0:77:40:02:41:99:8a:46:aa:
                    d4:33:e7:71:67:3e:26:54:61:1e:c4:f0:66:20:33:
                    07:a7:f5:da:70:67:9c:85:d1:7e:91:e7:c0:3d:db:
                    8e:83:bc:0b:e4:5c:ff:85:8e:be:6d:b2:2b:a7:9e:
                    af:34:2d:ed:64:04:53:74:e3:6c:be:d4:6c:3a:3f:
                    3d:6b:0c:a1:8a:b8:9d:e1:45:b1:b3:83:bc:7b:ad:
                    5a:57:6c:f3:a4:96:6a:9e:d1:99:58:b2:f0:39:9c:
                    6f:31:ca:62:c5:91:2b:ec:be:fd:bb:57:76:12:e1:
                    83:15:5b:a7:b7:b9:a0:20:9b:1b:91:ec:df:f1:59:
                    40:c4:55:19:b9:de:d7:8b:cf:fb:de:2b:b0:a4:6a:
                    bc:d2:bb:8f:02:43:61:7b:c8:8c:91:20:52:22:02:
                    71:b5:37:ed:15:52:bd:fc:51:7c:43:74:57:75:e5:
                    ab:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:D9:E6:E5:FA:74:15:F2:1E:6F:88:29:6D:A1:70:0C:1C:FB:38:B1
            X509v3 Authority Key Identifier:
                keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/_dnm5fp0FfIeb4gpbaFwDBz7OLE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.163.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:1b:d7:da:0e:ed:ac:58:b2:d7:e1:e0:22:a3:65:12:93:84:
         d7:e7:4e:ce:9b:60:ff:7e:18:60:b5:d2:7c:a1:7d:bb:70:eb:
         5e:03:6c:18:13:3e:32:0d:8a:52:70:d0:8d:92:8e:c8:f7:6d:
         2b:37:57:c1:4e:43:9c:c9:42:d1:9b:00:07:a3:99:ce:62:d4:
         8e:c3:42:aa:fa:73:32:2d:f0:6b:1e:5e:68:1c:a7:2b:99:13:
         da:fd:1b:58:eb:b7:63:a4:f7:0c:94:bd:02:24:b9:13:b6:e1:
         11:7a:4e:0f:43:b7:d9:11:d6:87:77:fd:5b:f1:7c:10:95:50:
         22:eb:39:25:f2:86:d7:cf:7b:d7:68:27:27:f7:96:b0:5d:7a:
         98:f8:93:66:ac:f0:a9:c6:52:c1:c1:61:e5:2a:0c:5e:77:f7:
         5a:68:b3:0e:b4:e2:20:6a:30:93:d9:aa:07:fd:c6:ed:ab:4b:
         f4:2c:1b:bf:be:b7:b6:8f:db:36:24:11:71:e8:ac:44:db:25:
         20:5e:18:3b:ca:ea:0b:68:aa:76:75:25:25:a0:d6:e7:59:5b:
         f7:6a:9d:57:6d:2b:12:0c:68:6a:d5:09:5e:20:b0:70:6c:fa:
         f3:15:12:d2:c7:7e:66:50:ce:e4:8f:05:93:60:cb:85:92:9e:
         4e:d2:07:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe+x0BscutPGza1pvQRVXHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI2MTgxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQ5ZTZlNWZhNzQxNWYyMWU2Zjg4Mjk2ZGExNzAwYzFjZmIzOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9VU+3gGOIdakUP5gCr/exZHCedq
m0BI3DJ58Mi3njVKnGgvTtsOD1CI2/AI/KQfT1fA4y4UJZ7irl2oZrdFSxjQrJV/
7W7gCi4iEAQE6UCgd0ACQZmKRqrUM+dxZz4mVGEexPBmIDMHp/XacGechdF+kefA
PduOg7wL5Fz/hY6+bbIrp56vNC3tZARTdONsvtRsOj89awyhirid4UWxs4O8e61a
V2zzpJZqntGZWLLwOZxvMcpixZEr7L79u1d2EuGDFVunt7mgIJsbkezf8VlAxFUZ
ud7Xi8/73iuwpGq80ruPAkNhe8iMkSBSIgJxtTftFVK9/FF8Q3RXdeWrpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3Z5uX6dBXyHm+IKW2hcAwc+zixMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvX2RubTVmcDBGZkllYjRncGJhRndEQno3T0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1KOQMA0G
CSqGSIb3DQEBCwUAA4IBAQAXG9faDu2sWLLX4eAio2USk4TX507Om2D/fhhgtdJ8
oX27cOteA2wYEz4yDYpScNCNko7I920rN1fBTkOcyULRmwAHo5nOYtSOw0Kq+nMy
LfBrHl5oHKcrmRPa/RtY67djpPcMlL0CJLkTtuERek4PQ7fZEdaHd/1b8XwQlVAi
6zkl8obXz3vXaCcn95awXXqY+JNmrPCpxlLBwWHlKgxed/daaLMOtOIgajCT2aoH
/cbtq0v0LBu/vre2j9s2JBFx6KxE2yUgXhg7yuoLaKp2dSUloNbnWVv3ap1XbSsS
DGhq1QleILBwbPrzFRLSx35mUM7kjwWTYMuFkp5O0gfI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:03 2024 by rpki-client on console-fra.rpki-client.org