Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/xFnKqoOj-45EWe-HgC-u3XD3g5o.roa
File:                     xFnKqoOj-45EWe-HgC-u3XD3g5o.roa (raw, json)
Hash identifier:          0tUTHONQW6yWd0JEGG647GVWzxl1hrhpEUgcYfpFw7s=
Subject key identifier:   C4:59:CA:AA:83:A3:FB:8E:44:59:EF:87:80:2F:AE:DD:70:F7:83:9A
Certificate issuer:       /CN=e46e9ab47ca91fa132565860bcdd9a107ba032e4
Certificate serial:       0185A4F393E18971C80F1782281755CA123B
Authority key identifier: E4:6E:9A:B4:7C:A9:1F:A1:32:56:58:60:BC:DD:9A:10:7B:A0:32:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5G6atHypH6EyVlhgvN2aEHugMuQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/xFnKqoOj-45EWe-HgC-u3XD3g5o.roa
Signing time:             Thu 12 Jan 2023 07:48:24 +0000
ROA not before:           Thu 12 Jan 2023 07:48:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6830
IP address blocks:        194.145.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a4:f3:93:e1:89:71:c8:0f:17:82:28:17:55:ca:12:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e46e9ab47ca91fa132565860bcdd9a107ba032e4
        Validity
            Not Before: Jan 12 07:48:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c459caaa83a3fb8e4459ef87802faedd70f7839a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:1c:4b:cb:cd:68:51:a9:b6:25:d0:70:c9:f9:
                    6b:84:29:5a:f0:d9:23:4a:dc:c7:13:c0:19:af:0d:
                    c7:48:fd:b8:7a:f3:c8:51:82:90:7d:4f:cd:e9:85:
                    0d:c3:32:bc:15:a8:7a:61:94:94:60:80:dd:7a:4b:
                    20:19:cf:31:4f:c9:61:a9:2b:aa:bf:68:ba:78:39:
                    ae:3a:11:da:fa:19:3c:e4:65:0f:e8:3c:1c:7d:04:
                    e1:f8:57:87:52:8a:a0:87:03:53:74:9c:f3:52:72:
                    52:cb:99:56:a4:af:c8:bd:1d:01:16:5c:a9:21:a8:
                    25:12:c8:8d:93:bd:6e:14:a5:f0:0e:f7:02:29:a9:
                    01:8a:7a:32:7c:34:37:93:fc:8f:46:80:0c:03:21:
                    a9:14:7b:d8:59:85:af:ed:78:6a:f2:08:6f:21:f8:
                    57:51:68:61:02:4c:67:a6:e4:29:1e:07:ab:89:bc:
                    7c:04:b1:5d:3f:69:b3:2d:be:94:00:d1:bb:fe:64:
                    9a:be:f7:4d:41:ee:1b:e0:52:60:45:a1:7e:38:2e:
                    7d:1c:40:c4:bd:9d:35:4e:88:f1:eb:0f:d9:2d:3f:
                    04:71:2f:72:c9:60:c8:4a:c5:8d:79:b2:49:91:c5:
                    bb:89:ff:d8:f4:d3:28:c5:5f:79:66:01:58:d9:28:
                    79:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:59:CA:AA:83:A3:FB:8E:44:59:EF:87:80:2F:AE:DD:70:F7:83:9A
            X509v3 Authority Key Identifier:
                keyid:E4:6E:9A:B4:7C:A9:1F:A1:32:56:58:60:BC:DD:9A:10:7B:A0:32:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5G6atHypH6EyVlhgvN2aEHugMuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/xFnKqoOj-45EWe-HgC-u3XD3g5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/216802-e8f9-4cbc-9d65-b9252cf2cc47/1/5G6atHypH6EyVlhgvN2aEHugMuQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.145.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:6c:4b:57:ac:bf:39:5a:7c:74:d4:ce:4b:15:9c:5b:dc:57:
         8f:dd:aa:bb:9d:ab:ff:7a:3e:61:0d:9f:86:3f:84:07:18:67:
         bf:93:a3:57:3d:1a:2a:ef:4e:9a:ea:77:8b:2f:f0:79:29:60:
         5e:5a:d2:f6:9a:cf:62:e6:5d:44:9e:c6:3b:fe:49:c7:9d:f8:
         01:bc:64:ed:db:46:d0:0d:a7:3e:ca:16:26:bf:f8:49:3f:93:
         ab:4e:e8:3d:4a:0e:e3:94:09:fc:ba:60:13:d2:f6:ef:ef:b8:
         c6:c9:d3:45:1b:ef:c0:9f:9c:60:73:03:0b:d8:8a:e5:b7:51:
         f4:82:5c:f2:4f:4d:9d:5e:39:e7:95:f7:df:16:2a:1c:48:f5:
         ec:cc:dd:0f:bf:b9:b9:ef:55:3b:0b:c5:66:b1:1c:45:b0:97:
         e8:36:6f:c6:9c:cb:73:56:b9:07:69:f6:f1:95:a5:e9:49:f0:
         30:3d:17:ed:bd:d7:12:92:aa:10:ae:1f:55:7f:8c:77:77:c2:
         a7:54:ef:36:dd:07:93:15:d4:2e:51:81:5e:c6:78:9d:fb:4c:
         c0:47:21:fc:80:cb:9b:ef:ef:99:c2:05:91:43:58:94:5d:7b:
         e0:e3:a5:18:a2:64:39:96:ef:9c:b2:25:d1:00:de:8b:85:89:
         52:98:a6:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWk85PhiXHIDxeCKBdVyhI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NmU5YWI0N2NhOTFmYTEzMjU2NTg2MGJjZGQ5YTEwN2Jh
MDMyZTQwHhcNMjMwMTEyMDc0ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDU5Y2FhYTgzYTNmYjhlNDQ1OWVmODc4MDJmYWVkZDcwZjc4MzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxxLy81oUam2JdBwyflrhCla8Nkj
StzHE8AZrw3HSP24evPIUYKQfU/N6YUNwzK8Fah6YZSUYIDdeksgGc8xT8lhqSuq
v2i6eDmuOhHa+hk85GUP6DwcfQTh+FeHUoqghwNTdJzzUnJSy5lWpK/IvR0BFlyp
IaglEsiNk71uFKXwDvcCKakBinoyfDQ3k/yPRoAMAyGpFHvYWYWv7Xhq8ghvIfhX
UWhhAkxnpuQpHgeribx8BLFdP2mzLb6UANG7/mSavvdNQe4b4FJgRaF+OC59HEDE
vZ01Tojx6w/ZLT8EcS9yyWDISsWNebJJkcW7if/Y9NMoxV95ZgFY2Sh5KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRZyqqDo/uORFnvh4Avrt1w94OaMB8GA1UdIwQY
MBaAFORumrR8qR+hMlZYYLzdmhB7oDLkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUc2YXRIeXBINkV5VmxoZ3ZOMmFFSHVnTXVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yMTY4MDItZThmOS00Y2JjLTlkNjUt
YjkyNTJjZjJjYzQ3LzEveEZuS3FvT2otNDVFV2UtSGdDLXUzWEQzZzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yMTY4MDItZThmOS00Y2JjLTlkNjUtYjkyNTJjZjJjYzQ3
LzEvNUc2YXRIeXBINkV5VmxoZ3ZOMmFFSHVnTXVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpGdMA0G
CSqGSIb3DQEBCwUAA4IBAQBEbEtXrL85Wnx01M5LFZxb3FeP3aq7nav/ej5hDZ+G
P4QHGGe/k6NXPRoq706a6neLL/B5KWBeWtL2ms9i5l1EnsY7/knHnfgBvGTt20bQ
Dac+yhYmv/hJP5OrTug9Sg7jlAn8umAT0vbv77jGydNFG+/An5xgcwML2Irlt1H0
glzyT02dXjnnlfffFiocSPXszN0Pv7m571U7C8VmsRxFsJfoNm/GnMtzVrkHafbx
laXpSfAwPRftvdcSkqoQrh9Vf4x3d8KnVO823QeTFdQuUYFexnid+0zARyH8gMub
7++ZwgWRQ1iUXXvg46UYomQ5lu+csiXRAN6LhYlSmKal
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org