Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/IT4uGgrMDJrTSxD4MKv17M_dTHQ.roa
File:                     IT4uGgrMDJrTSxD4MKv17M_dTHQ.roa (raw, json)
Hash identifier:          hCRx79R00XKmdto4qwUspdkNhyWA2MueU1NXM45+VJg=
Subject key identifier:   21:3E:2E:1A:0A:CC:0C:9A:D3:4B:10:F8:30:AB:F5:EC:CF:DD:4C:74
Certificate issuer:       /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial:       018A184BBB43FDB58D56BEBD5C13033816B0
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/IT4uGgrMDJrTSxD4MKv17M_dTHQ.roa
Signing time:             Mon 21 Aug 2023 13:32:10 +0000
ROA not before:           Mon 21 Aug 2023 13:32:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15828
IP address blocks:        46.148.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:18:4b:bb:43:fd:b5:8d:56:be:bd:5c:13:03:38:16:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
        Validity
            Not Before: Aug 21 13:32:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=213e2e1a0acc0c9ad34b10f830abf5eccfdd4c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:16:80:b6:09:1e:bf:4f:49:53:2a:88:b0:8a:
                    c6:50:cd:eb:38:8f:cf:a8:60:b5:3c:f2:3c:69:2c:
                    30:5a:70:0c:48:49:92:cb:3b:e8:18:eb:86:ec:12:
                    ea:4e:31:5d:49:82:b0:c5:26:65:be:9c:57:3f:fc:
                    fa:ef:86:33:44:3e:b3:bc:ec:30:e8:91:9c:f4:44:
                    55:52:ea:2f:96:9f:fc:a6:8c:72:21:7e:5a:6b:ac:
                    2b:08:a8:b6:b9:12:56:6e:e7:27:51:8e:58:ac:00:
                    c9:cb:fd:b1:5a:c8:71:fe:fe:cf:8b:59:80:19:18:
                    57:53:fb:60:fa:0c:bf:a2:ab:49:c2:ee:3f:5b:96:
                    c3:dd:1d:17:5a:09:d3:ff:de:0a:49:2e:3c:4c:80:
                    59:83:d9:dd:59:08:ac:16:a4:d2:6c:5e:79:a7:25:
                    ac:fb:9e:6d:f2:1f:b1:99:29:dc:ed:06:3b:d0:4d:
                    ab:f7:83:75:eb:ca:61:3b:80:76:1c:bc:68:0d:77:
                    dd:37:cf:0f:97:66:93:35:aa:9f:87:e2:b4:88:87:
                    d4:62:ae:95:1e:7f:ec:a3:be:50:c8:e4:85:13:85:
                    b8:f7:10:a1:90:98:46:5f:6e:46:b6:05:4c:ca:f3:
                    e8:5c:8a:e7:74:a8:ef:82:ca:50:61:7e:ff:bf:ec:
                    ab:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:3E:2E:1A:0A:CC:0C:9A:D3:4B:10:F8:30:AB:F5:EC:CF:DD:4C:74
            X509v3 Authority Key Identifier:
                keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/IT4uGgrMDJrTSxD4MKv17M_dTHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.148.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:94:f8:6e:fb:57:80:96:81:9e:91:d0:12:1c:5d:7d:1d:53:
         a8:1c:99:61:a4:17:46:a2:b2:8d:a0:27:48:ee:a4:ff:06:37:
         d7:67:de:38:a3:6e:c6:63:fd:70:ca:46:54:18:ba:60:69:77:
         6f:c3:be:1b:1d:f7:c2:dd:f1:f2:e7:44:eb:21:59:e3:d9:62:
         b4:9b:74:1d:98:47:ca:02:dc:b9:74:39:46:08:86:ec:2c:bc:
         2f:2e:4b:cc:0f:ef:41:02:6c:22:62:75:5c:ac:74:c1:0a:ee:
         57:bf:d1:86:31:d0:f0:71:9f:c3:04:a2:a7:e8:24:bb:da:2c:
         ef:95:d6:a9:48:7f:6e:37:29:11:d3:ca:e3:0d:80:1b:ae:ad:
         3c:8c:f7:10:1d:48:a9:53:b9:a2:bd:b7:37:d2:65:ec:51:62:
         6c:6d:e1:24:be:f1:d5:49:0f:e6:3e:8a:40:4c:5a:a6:76:75:
         69:52:3c:fd:90:67:ad:dd:7e:37:a6:95:27:39:8a:fc:51:9e:
         68:eb:73:31:90:b5:fd:24:be:5e:d2:cd:7e:7d:4f:5b:15:5f:
         38:f6:5d:6a:57:93:94:a7:19:83:da:07:dd:95:3e:88:74:00:
         53:d8:37:17:79:25:5e:18:b7:64:7b:38:08:58:cf:e7:72:43:
         a8:49:8f:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoYS7tD/bWNVr69XBMDOBawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjMwODIxMTMzMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNlMmUxYTBhY2MwYzlhZDM0YjEwZjgzMGFiZjVlY2NmZGQ0Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxaAtgkev09JUyqIsIrGUM3rOI/P
qGC1PPI8aSwwWnAMSEmSyzvoGOuG7BLqTjFdSYKwxSZlvpxXP/z674YzRD6zvOww
6JGc9ERVUuovlp/8poxyIX5aa6wrCKi2uRJWbucnUY5YrADJy/2xWshx/v7Pi1mA
GRhXU/tg+gy/oqtJwu4/W5bD3R0XWgnT/94KSS48TIBZg9ndWQisFqTSbF55pyWs
+55t8h+xmSnc7QY70E2r94N168phO4B2HLxoDXfdN88Pl2aTNaqfh+K0iIfUYq6V
Hn/so75QyOSFE4W49xChkJhGX25GtgVMyvPoXIrndKjvgspQYX7/v+yrkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCE+LhoKzAya00sQ+DCr9ezP3Ux0MB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvSVQ0dUdnck1ESnJUU3hENE1LdjE3TV9kVEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALpQoMA0G
CSqGSIb3DQEBCwUAA4IBAQABlPhu+1eAloGekdASHF19HVOoHJlhpBdGorKNoCdI
7qT/BjfXZ944o27GY/1wykZUGLpgaXdvw74bHffC3fHy50TrIVnj2WK0m3QdmEfK
Aty5dDlGCIbsLLwvLkvMD+9BAmwiYnVcrHTBCu5Xv9GGMdDwcZ/DBKKn6CS72izv
ldapSH9uNykR08rjDYAbrq08jPcQHUipU7mivbc30mXsUWJsbeEkvvHVSQ/mPopA
TFqmdnVpUjz9kGet3X43ppUnOYr8UZ5o63MxkLX9JL5e0s1+fU9bFV849l1qV5OU
pxmD2gfdlT6IdABT2DcXeSVeGLdkezgIWM/nckOoSY9j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:21 2024 by rpki-client on console-fra.rpki-client.org