Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/JZ3gDMm66EAzV9YNRUSZtFLHVbw.roa
File:                     JZ3gDMm66EAzV9YNRUSZtFLHVbw.roa (raw, json)
Hash identifier:          fnx9KsbOa7XrXqU5NBXdeW56eEFkpeGNrrZ+uO1vapA=
Subject key identifier:   25:9D:E0:0C:C9:BA:E8:40:33:57:D6:0D:45:44:99:B4:52:C7:55:BC
Certificate issuer:       /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial:       018A184BBC76E25A3B404B2C5A0FD526961B
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/JZ3gDMm66EAzV9YNRUSZtFLHVbw.roa
Signing time:             Mon 21 Aug 2023 13:32:11 +0000
ROA not before:           Mon 21 Aug 2023 13:32:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204105
IP address blocks:        46.148.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:18:4b:bc:76:e2:5a:3b:40:4b:2c:5a:0f:d5:26:96:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
        Validity
            Not Before: Aug 21 13:32:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=259de00cc9bae8403357d60d454499b452c755bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e2:94:0d:cd:81:74:d6:6f:0f:fe:5c:92:aa:
                    30:b9:6f:f6:6f:3f:cd:f2:af:49:77:1f:30:fb:ce:
                    7b:ed:d9:39:63:27:f6:9c:eb:f9:54:89:62:39:e4:
                    c6:94:23:2a:3b:80:5b:7a:fb:d5:c6:ac:e3:4c:e4:
                    d0:e0:87:86:6b:c6:c6:06:6f:47:cf:c9:8e:54:c7:
                    d1:3f:f8:6f:a1:21:d6:bb:5e:06:1a:34:78:36:6f:
                    1c:c1:36:42:26:54:58:4c:fa:35:bd:39:24:f2:9e:
                    9e:3d:6d:ae:e5:ca:8c:a1:c6:99:1e:85:b9:7e:b3:
                    08:cc:ca:d1:69:05:ff:ad:df:b2:55:1a:67:55:af:
                    6f:a8:61:fb:de:75:32:8c:01:92:75:0e:95:62:53:
                    b7:66:b1:e8:9c:e7:4b:85:a1:cb:ad:ca:9e:ae:e6:
                    75:16:65:51:c6:93:77:a0:dc:3d:a5:d8:2a:b1:91:
                    00:61:5a:68:08:6e:3c:44:aa:22:d3:ec:79:05:c6:
                    67:67:c1:71:13:54:f5:07:fa:bd:a7:79:43:e1:e4:
                    50:c0:4c:52:e6:8d:2d:26:bc:1b:8c:fc:f5:a2:47:
                    91:56:e5:e0:75:d7:0a:4a:f7:8b:35:94:9b:67:11:
                    e7:d2:7c:fc:6c:94:ae:82:c4:8a:7f:30:82:1b:b8:
                    de:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:9D:E0:0C:C9:BA:E8:40:33:57:D6:0D:45:44:99:B4:52:C7:55:BC
            X509v3 Authority Key Identifier:
                keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/JZ3gDMm66EAzV9YNRUSZtFLHVbw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.148.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:16:12:cc:81:11:be:0b:90:c5:47:54:20:6e:b6:7e:bc:30:
         bc:b7:77:e2:72:e6:d0:e6:a2:ff:d8:ed:9d:ac:f9:a2:7e:48:
         58:5e:18:bc:37:88:8e:52:da:15:29:3c:4e:17:ab:44:31:3b:
         9c:a5:c4:6a:e2:5c:6c:86:7d:49:5c:b8:2c:a1:95:4c:7d:3e:
         65:2f:8d:6f:40:49:a3:8b:da:18:2e:87:74:ed:e8:5a:58:89:
         98:76:ff:4d:0e:33:f7:04:ca:51:86:51:ad:a1:86:4e:5a:67:
         31:48:02:d9:2d:75:4d:16:a0:84:99:d0:3f:f9:32:6d:80:b7:
         bf:d7:48:23:ab:b4:58:a7:7f:8f:6d:1d:72:21:c2:1e:53:f8:
         bc:10:cf:e7:7f:e2:90:b4:30:95:e4:9b:27:a5:69:94:49:2f:
         af:64:31:e2:a8:a0:66:1d:ee:6d:e8:48:e6:fb:65:02:db:ce:
         ac:88:61:48:d8:29:b2:91:86:a7:56:2f:72:72:39:3d:d5:bd:
         33:a7:44:e2:a5:28:58:f6:dc:13:ae:df:b3:20:2f:f1:51:73:
         46:5b:fc:70:b2:8d:c1:33:ea:9d:ef:22:27:b8:74:20:46:26:
         35:12:75:2f:11:55:0c:7e:b7:28:6c:57:58:d2:dd:0f:51:c0:
         70:70:73:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoYS7x24lo7QEssWg/VJpYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjMwODIxMTMzMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTlkZTAwY2M5YmFlODQwMzM1N2Q2MGQ0NTQ0OTliNDUyYzc1NWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOKUDc2BdNZvD/5ckqowuW/2bz/N
8q9Jdx8w+8577dk5Yyf2nOv5VIliOeTGlCMqO4BbevvVxqzjTOTQ4IeGa8bGBm9H
z8mOVMfRP/hvoSHWu14GGjR4Nm8cwTZCJlRYTPo1vTkk8p6ePW2u5cqMocaZHoW5
frMIzMrRaQX/rd+yVRpnVa9vqGH73nUyjAGSdQ6VYlO3ZrHonOdLhaHLrcqeruZ1
FmVRxpN3oNw9pdgqsZEAYVpoCG48RKoi0+x5BcZnZ8FxE1T1B/q9p3lD4eRQwExS
5o0tJrwbjPz1okeRVuXgddcKSveLNZSbZxHn0nz8bJSugsSKfzCCG7jeHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWd4AzJuuhAM1fWDUVEmbRSx1W8MB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvSlozZ0RNbTY2RUF6VjlZTlJVU1p0RkxIVmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALpQmMA0G
CSqGSIb3DQEBCwUAA4IBAQAwFhLMgRG+C5DFR1QgbrZ+vDC8t3ficubQ5qL/2O2d
rPmifkhYXhi8N4iOUtoVKTxOF6tEMTucpcRq4lxshn1JXLgsoZVMfT5lL41vQEmj
i9oYLod07ehaWImYdv9NDjP3BMpRhlGtoYZOWmcxSALZLXVNFqCEmdA/+TJtgLe/
10gjq7RYp3+PbR1yIcIeU/i8EM/nf+KQtDCV5JsnpWmUSS+vZDHiqKBmHe5t6Ejm
+2UC286siGFI2CmykYanVi9ycjk91b0zp0TipShY9twTrt+zIC/xUXNGW/xwso3B
M+qd7yInuHQgRiY1EnUvEVUMfrcobFdY0t0PUcBwcHOc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:21 2024 by rpki-client on console-fra.rpki-client.org