Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Ww5yYkewLEuEkETXrIlfjS8ZikQ.roa
File:                     Ww5yYkewLEuEkETXrIlfjS8ZikQ.roa (raw, json)
Hash identifier:          T74fdoSTrs9UfwBczssEKNVvn8fwlMTQGtF6mEB2ch8=
Subject key identifier:   5B:0E:72:62:47:B0:2C:4B:84:90:44:D7:AC:89:5F:8D:2F:19:8A:44
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018E51C3B8D00AF2212FAAE76B0A9D903EC7
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Ww5yYkewLEuEkETXrIlfjS8ZikQ.roa
Signing time:             Mon 18 Mar 2024 13:32:45 +0000
ROA not before:           Mon 18 Mar 2024 13:32:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201138
IP address blocks:        45.147.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Apr 2024 19:32:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:51:c3:b8:d0:0a:f2:21:2f:aa:e7:6b:0a:9d:90:3e:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 18 13:32:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5b0e726247b02c4b849044d7ac895f8d2f198a44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:24:da:34:51:a0:e4:73:a2:b6:e6:f1:b6:42:
                    c2:52:e4:20:a1:74:b8:ec:7c:48:8a:e3:fd:07:dd:
                    f3:47:af:55:12:96:64:d1:38:c6:5c:de:cc:83:1e:
                    50:47:37:f3:81:b9:17:b1:38:d5:57:62:5a:d0:bf:
                    04:dc:91:99:f3:8f:2f:a1:4a:69:ca:1d:ce:cd:5c:
                    17:e9:cf:d3:d6:6c:fa:2c:ce:c1:b0:53:44:fe:f3:
                    cd:bb:f8:60:8f:23:b8:fe:9e:dd:39:f2:20:0c:0d:
                    a7:a9:66:eb:8d:a5:72:8e:c0:c8:dd:9f:51:ea:11:
                    2d:2f:c0:1a:db:aa:47:33:e0:3f:35:df:c6:7e:b9:
                    c3:99:85:37:88:48:50:49:ea:b8:83:e4:f9:62:b9:
                    4f:8a:e4:2b:18:1c:81:cc:c3:d2:4c:ef:75:57:1e:
                    60:2e:0a:7d:2c:ac:9c:06:e1:57:e9:a8:15:7b:61:
                    59:bd:e8:7d:97:69:d6:8f:6d:c5:1f:9d:5f:4e:f5:
                    27:47:b3:86:d3:29:2d:1f:07:7e:a4:7b:d6:b0:1a:
                    0a:9b:d6:46:5c:f2:9f:b1:97:8e:7a:65:b0:62:14:
                    61:8e:b7:39:09:ab:e5:1c:e4:cf:dc:c6:dd:27:d2:
                    a5:34:fe:76:72:79:ac:40:75:14:d2:33:42:c4:80:
                    50:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:0E:72:62:47:B0:2C:4B:84:90:44:D7:AC:89:5F:8D:2F:19:8A:44
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Ww5yYkewLEuEkETXrIlfjS8ZikQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:69:7d:cd:ce:36:74:eb:35:38:b2:24:90:44:a8:aa:53:eb:
         a1:6b:66:3d:90:50:45:ef:b9:06:37:0f:b8:50:aa:e8:d9:32:
         5c:95:04:3f:c1:6a:0f:7f:64:c3:aa:f3:56:72:e8:b9:3f:e3:
         78:53:84:91:0a:da:ca:01:56:b3:72:70:73:fd:a9:f7:c2:34:
         0d:c5:e8:32:2c:58:48:f1:9e:b0:8b:1b:51:e6:33:fd:e0:20:
         a1:e9:c8:59:8d:63:a8:70:ca:cd:eb:50:bc:b4:57:3d:30:8e:
         2b:23:c2:78:43:5e:fd:0b:ec:1c:8f:fc:7e:93:5b:6b:ed:59:
         cf:1e:41:ef:84:fd:63:b0:3f:a4:8f:d7:f7:9b:bc:36:29:38:
         74:71:e5:f9:1f:d1:ec:32:4c:a9:36:ea:5c:fa:5b:e4:d9:58:
         05:9c:0e:4e:9e:b9:a3:91:a1:51:2e:b0:b4:9b:21:a6:87:79:
         5b:16:5f:e7:1c:f6:54:72:a5:97:88:0d:4d:4e:d9:a0:19:fe:
         dd:87:b9:aa:46:52:75:5a:c1:06:c8:4a:23:2d:12:59:81:32:
         dd:40:fe:22:a6:71:20:3d:d7:ff:a8:5c:61:ca:4b:12:b7:12:
         50:38:8b:5f:a3:c0:5e:f5:89:4c:fb:0f:c6:a3:d6:bd:12:4b:
         c4:47:fb:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5Rw7jQCvIhL6rnawqdkD7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMzE4MTMzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjBlNzI2MjQ3YjAyYzRiODQ5MDQ0ZDdhYzg5NWY4ZDJmMTk4YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiTaNFGg5HOitubxtkLCUuQgoXS4
7HxIiuP9B93zR69VEpZk0TjGXN7Mgx5QRzfzgbkXsTjVV2Ja0L8E3JGZ848voUpp
yh3OzVwX6c/T1mz6LM7BsFNE/vPNu/hgjyO4/p7dOfIgDA2nqWbrjaVyjsDI3Z9R
6hEtL8Aa26pHM+A/Nd/GfrnDmYU3iEhQSeq4g+T5YrlPiuQrGByBzMPSTO91Vx5g
Lgp9LKycBuFX6agVe2FZveh9l2nWj23FH51fTvUnR7OG0yktHwd+pHvWsBoKm9ZG
XPKfsZeOemWwYhRhjrc5CavlHOTP3MbdJ9KlNP52cnmsQHUU0jNCxIBQZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsOcmJHsCxLhJBE16yJX40vGYpEMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvV3c1eVlrZXdMRXVFa0VUWHJJbGZqUzhaaWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMDMA0G
CSqGSIb3DQEBCwUAA4IBAQAfaX3NzjZ06zU4siSQRKiqU+uha2Y9kFBF77kGNw+4
UKro2TJclQQ/wWoPf2TDqvNWcui5P+N4U4SRCtrKAVazcnBz/an3wjQNxegyLFhI
8Z6wixtR5jP94CCh6chZjWOocMrN61C8tFc9MI4rI8J4Q179C+wcj/x+k1tr7VnP
HkHvhP1jsD+kj9f3m7w2KTh0ceX5H9HsMkypNupc+lvk2VgFnA5OnrmjkaFRLrC0
myGmh3lbFl/nHPZUcqWXiA1NTtmgGf7dh7mqRlJ1WsEGyEojLRJZgTLdQP4ipnEg
Pdf/qFxhyksStxJQOItfo8Be9YlM+w/Go9a9EkvER/sH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org