Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/pvdosQHPc8NO6NIb_JSeS-h3b3A.roa
File:                     pvdosQHPc8NO6NIb_JSeS-h3b3A.roa (raw, json)
Hash identifier:          6vvi2aPGhSpx3KlVmbqd5a7AioruM7x9p553dWcm68M=
Subject key identifier:   A6:F7:68:B1:01:CF:73:C3:4E:E8:D2:1B:FC:94:9E:4B:E8:77:6F:70
Certificate issuer:       /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial:       0185A997527547E6A182BEA5C3BD2375E373
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/pvdosQHPc8NO6NIb_JSeS-h3b3A.roa
Signing time:             Fri 13 Jan 2023 05:25:44 +0000
ROA not before:           Fri 13 Jan 2023 05:25:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44587
IP address blocks:        217.151.228.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a9:97:52:75:47:e6:a1:82:be:a5:c3:bd:23:75:e3:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
        Validity
            Not Before: Jan 13 05:25:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a6f768b101cf73c34ee8d21bfc949e4be8776f70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:bc:c5:8a:c5:ed:31:62:80:86:74:8a:fa:43:
                    e8:7c:58:f9:08:35:de:0c:df:2c:42:ce:3b:ad:1f:
                    b2:26:cd:1e:d3:82:dd:58:4a:1c:d3:93:a8:53:23:
                    27:b6:9f:a6:66:31:0c:69:de:5d:1d:f8:69:5f:fb:
                    22:f0:e3:cb:88:8c:50:32:b7:79:3a:14:9d:b5:69:
                    30:a2:85:f4:68:36:9e:c7:32:aa:1f:72:a6:59:e5:
                    3c:84:bc:fd:2b:95:68:11:15:ef:36:29:e6:94:6c:
                    97:1f:c2:6c:0d:5d:8d:8c:6e:aa:b3:a4:02:db:17:
                    9c:07:fc:0f:f5:25:13:8a:0b:a9:f1:f2:d5:1b:ec:
                    ba:d9:10:1a:6d:e2:a1:86:ce:79:20:5b:57:27:4b:
                    10:b9:77:02:1d:d2:a0:9e:d8:30:2d:34:fe:b3:45:
                    41:b0:2c:b1:32:cf:4a:d7:06:f8:33:7f:5a:60:75:
                    74:2b:29:fb:c9:a7:7e:50:bc:cc:2a:81:da:58:73:
                    7b:85:25:57:08:e0:a3:3d:bb:26:6c:36:7c:3f:9e:
                    40:ef:72:e0:a7:4d:85:44:63:2f:d8:75:a3:6b:a5:
                    49:91:ca:c6:5d:60:43:62:d2:91:ef:db:50:b1:e0:
                    94:74:d7:17:ab:ce:8c:dd:d9:4c:42:3b:fb:07:dc:
                    06:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:F7:68:B1:01:CF:73:C3:4E:E8:D2:1B:FC:94:9E:4B:E8:77:6F:70
            X509v3 Authority Key Identifier:
                keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/pvdosQHPc8NO6NIb_JSeS-h3b3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.151.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:47:d6:09:34:68:dc:87:39:7f:a2:b0:a7:ae:f4:ae:b2:c6:
         38:7f:dd:d7:13:96:24:09:ea:fb:11:b0:ec:3f:d6:8d:c8:63:
         c2:37:e2:e7:c3:f2:27:e5:72:a0:87:3b:c8:ba:7f:bd:e3:fc:
         58:96:2d:9a:b2:50:93:de:44:b4:e3:f4:0b:70:15:b3:ef:8e:
         f1:6e:91:77:58:ac:c0:10:1a:57:8c:2c:00:6b:a1:3a:63:34:
         2b:5a:e4:43:52:77:ac:5c:07:57:db:9c:60:e1:1b:04:71:fa:
         85:b5:0c:b6:17:41:3d:3a:12:ca:06:37:71:6a:cd:57:10:c0:
         77:9d:b6:1b:00:99:fe:07:c2:62:9d:49:03:90:80:51:90:cb:
         39:cd:c5:47:2b:e0:26:ab:07:50:e7:01:ab:c4:32:24:b2:99:
         07:20:a5:45:d1:67:2d:c0:1b:68:ff:13:01:54:1c:82:a5:6c:
         2a:0d:a9:8e:24:8a:ee:3f:c4:4b:09:5b:f3:0e:0d:46:8a:cb:
         fe:f7:6a:71:ea:be:90:e4:50:94:e1:77:5c:2a:2a:c4:39:6f:
         6d:f9:b6:ce:1a:9b:48:fb:e1:ec:5d:5c:cc:58:49:88:18:71:
         5b:cb:b4:fc:84:c3:d4:86:cc:0c:44:48:36:f2:48:da:0b:3f:
         3e:eb:30:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWpl1J1R+ahgr6lw70jdeNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMwMTEzMDUyNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY3NjhiMTAxY2Y3M2MzNGVlOGQyMWJmYzk0OWU0YmU4Nzc2ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7zFisXtMWKAhnSK+kPofFj5CDXe
DN8sQs47rR+yJs0e04LdWEoc05OoUyMntp+mZjEMad5dHfhpX/si8OPLiIxQMrd5
OhSdtWkwooX0aDaexzKqH3KmWeU8hLz9K5VoERXvNinmlGyXH8JsDV2NjG6qs6QC
2xecB/wP9SUTigup8fLVG+y62RAabeKhhs55IFtXJ0sQuXcCHdKgntgwLTT+s0VB
sCyxMs9K1wb4M39aYHV0Kyn7yad+ULzMKoHaWHN7hSVXCOCjPbsmbDZ8P55A73Lg
p02FRGMv2HWja6VJkcrGXWBDYtKR79tQseCUdNcXq86M3dlMQjv7B9wGpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKb3aLEBz3PDTujSG/yUnkvod29wMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvcHZkb3NRSFBjOE5PNk5JYl9KU2VTLWgzYjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZfkMA0G
CSqGSIb3DQEBCwUAA4IBAQCGR9YJNGjchzl/orCnrvSussY4f93XE5YkCer7EbDs
P9aNyGPCN+Lnw/In5XKghzvIun+94/xYli2aslCT3kS04/QLcBWz747xbpF3WKzA
EBpXjCwAa6E6YzQrWuRDUnesXAdX25xg4RsEcfqFtQy2F0E9OhLKBjdxas1XEMB3
nbYbAJn+B8JinUkDkIBRkMs5zcVHK+AmqwdQ5wGrxDIkspkHIKVF0WctwBto/xMB
VByCpWwqDamOJIruP8RLCVvzDg1Gisv+92px6r6Q5FCU4XdcKirEOW9t+bbOGptI
++HsXVzMWEmIGHFby7T8hMPUhswMREg28kjaCz8+6zDk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:38 2024 by rpki-client on console-fra.rpki-client.org