Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1j3p-U-3nMnXrY1xtfLs_tauEbs.roa
File:                     1j3p-U-3nMnXrY1xtfLs_tauEbs.roa (raw, json)
Hash identifier:          9TzA5JE3W5qMFbz2i03x6DmFvVwbc97MSe/pQJDKU0o=
Subject key identifier:   D6:3D:E9:F9:4F:B7:9C:C9:D7:AD:8D:71:B5:F2:EC:FE:D6:AE:11:BB
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018E41E58719899D16AC492AD7CBE2CD4217
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1j3p-U-3nMnXrY1xtfLs_tauEbs.roa
Signing time:             Fri 15 Mar 2024 11:35:45 +0000
ROA not before:           Fri 15 Mar 2024 11:35:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215498
IP address blocks:        45.147.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 13:32:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:41:e5:87:19:89:9d:16:ac:49:2a:d7:cb:e2:cd:42:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 15 11:35:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d63de9f94fb79cc9d7ad8d71b5f2ecfed6ae11bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:fa:a7:4d:70:96:4e:3b:ad:87:c4:cb:01:eb:
                    bb:c9:2a:8d:12:30:cc:71:ce:cd:ae:5f:a4:b3:a7:
                    d3:72:54:da:5b:ae:ea:09:8c:df:23:3f:15:a3:72:
                    9d:68:c6:dc:4d:5b:cc:61:f6:2c:80:d4:11:b2:c4:
                    93:05:ae:2e:da:39:3e:a3:ef:bf:ea:b6:40:76:62:
                    34:d8:be:c5:66:e5:06:0d:2b:bc:d8:5c:07:8d:0c:
                    83:06:03:d6:e3:b4:ec:de:91:14:28:60:f3:e4:58:
                    a3:71:ee:a3:1d:05:23:57:85:7b:c1:d6:53:78:36:
                    be:df:83:8a:8d:54:c1:a0:fd:6b:cc:c6:c1:ac:d3:
                    57:07:67:82:f0:db:41:6e:36:f0:e2:06:57:8a:3f:
                    cf:2b:b7:d1:7d:03:c0:7a:a4:e1:87:8a:07:f1:cb:
                    74:56:e0:c6:eb:04:fb:84:89:ef:4f:30:94:c1:bf:
                    75:13:dd:9b:b1:0a:12:97:ec:c8:88:0b:10:ad:9e:
                    7f:48:29:6f:d9:df:d9:83:13:75:11:cd:1b:4f:fa:
                    b6:85:74:7e:ab:d1:61:89:18:28:0c:03:f2:09:e5:
                    0f:f9:4c:7c:27:06:a6:84:6e:a8:57:72:86:b4:34:
                    d1:f9:ec:f5:8e:88:56:13:d7:a4:d3:85:07:59:a9:
                    d6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:3D:E9:F9:4F:B7:9C:C9:D7:AD:8D:71:B5:F2:EC:FE:D6:AE:11:BB
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1j3p-U-3nMnXrY1xtfLs_tauEbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:49:4e:38:09:45:ba:df:08:3d:75:41:78:88:14:69:0f:d0:
         dc:c9:58:21:7b:cb:eb:31:8a:2d:be:ff:d8:2d:23:b1:5d:b8:
         ff:31:48:13:77:c3:0f:b8:0d:60:2a:97:e0:f3:c8:91:7c:26:
         b4:c5:49:f0:d6:ae:44:e0:af:ff:f2:90:70:cf:42:06:24:3d:
         80:d9:12:e3:e3:37:9a:94:06:97:e4:9c:a7:ef:21:ad:8c:16:
         3a:f1:5b:fa:69:a1:de:f5:bf:30:7c:b6:17:a9:27:c8:26:6a:
         4e:99:2f:0f:f7:97:fc:81:49:a9:40:88:22:ff:e8:39:f8:e6:
         66:37:a8:33:22:db:cd:51:5d:26:ef:81:c9:7b:9f:07:3a:ed:
         ee:cc:4e:f0:8b:d3:3e:de:a6:74:02:ad:15:b8:5a:9b:e1:59:
         d9:51:30:21:a9:f8:b6:bc:8b:18:6b:2e:5f:e0:91:3b:f9:97:
         29:ca:16:eb:38:a9:01:08:6d:8d:b5:2e:26:9a:6e:99:76:05:
         15:07:c9:32:63:8d:ce:74:4c:e3:3b:71:41:9c:55:97:6a:0b:
         df:ed:8e:8f:5b:d9:60:8c:e9:90:f2:e1:59:6d:cd:dd:dd:07:
         31:eb:54:6f:d3:20:3c:08:de:4a:1f:5b:f5:ce:cf:f6:3c:33:
         ea:a1:64:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5B5YcZiZ0WrEkq18vizUIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMzE1MTEzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjNkZTlmOTRmYjc5Y2M5ZDdhZDhkNzFiNWYyZWNmZWQ2YWUxMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PqnTXCWTjuth8TLAeu7ySqNEjDM
cc7Nrl+ks6fTclTaW67qCYzfIz8Vo3KdaMbcTVvMYfYsgNQRssSTBa4u2jk+o++/
6rZAdmI02L7FZuUGDSu82FwHjQyDBgPW47Ts3pEUKGDz5Fijce6jHQUjV4V7wdZT
eDa+34OKjVTBoP1rzMbBrNNXB2eC8NtBbjbw4gZXij/PK7fRfQPAeqThh4oH8ct0
VuDG6wT7hInvTzCUwb91E92bsQoSl+zIiAsQrZ5/SClv2d/ZgxN1Ec0bT/q2hXR+
q9FhiRgoDAPyCeUP+Ux8JwamhG6oV3KGtDTR+ez1johWE9ek04UHWanWMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNY96flPt5zJ162NcbXy7P7WrhG7MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMWozcC1VLTNuTW5YclkxeHRmTHNfdGF1RWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBRSU44CUW63wg9dUF4iBRpD9DcyVghe8vrMYotvv/Y
LSOxXbj/MUgTd8MPuA1gKpfg88iRfCa0xUnw1q5E4K//8pBwz0IGJD2A2RLj4zea
lAaX5Jyn7yGtjBY68Vv6aaHe9b8wfLYXqSfIJmpOmS8P95f8gUmpQIgi/+g5+OZm
N6gzItvNUV0m74HJe58HOu3uzE7wi9M+3qZ0Aq0VuFqb4VnZUTAhqfi2vIsYay5f
4JE7+ZcpyhbrOKkBCG2NtS4mmm6ZdgUVB8kyY43OdEzjO3FBnFWXagvf7Y6PW9lg
jOmQ8uFZbc3d3Qcx61Rv0yA8CN5KH1v1zs/2PDPqoWSd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org