Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/pLMzn8NOdIxu4VTiZY7Z-TlA9so.roa
File:                     pLMzn8NOdIxu4VTiZY7Z-TlA9so.roa (raw, json)
Hash identifier:          OFXhJSI4rspEVUg2xs2sUEaALID6+GG8nGSgdsqqrcw=
Subject key identifier:   A4:B3:33:9F:C3:4E:74:8C:6E:E1:54:E2:65:8E:D9:F9:39:40:F6:CA
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018FA19009D4FD4C1FD67F635FAF1DDA6D22
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/pLMzn8NOdIxu4VTiZY7Z-TlA9so.roa
Signing time:             Wed 22 May 2024 18:28:42 +0000
ROA not before:           Wed 22 May 2024 18:28:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     196695
IP address blocks:        45.147.3.0/24 maxlen: 24
                          193.135.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 May 2024 16:09:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a1:90:09:d4:fd:4c:1f:d6:7f:63:5f:af:1d:da:6d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: May 22 18:28:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a4b3339fc34e748c6ee154e2658ed9f93940f6ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f0:ac:99:cc:ec:7c:06:32:d3:20:06:19:d7:
                    26:57:de:40:6a:f8:0e:bc:92:55:22:40:90:a6:ed:
                    51:76:44:09:77:8c:f4:87:c3:f9:17:7b:03:fd:dd:
                    75:ed:60:4b:6f:2b:5d:08:41:89:02:9f:d6:ea:e3:
                    d1:4d:a5:75:b4:1f:64:bd:96:35:3a:31:49:cc:62:
                    5e:9b:83:63:8d:57:85:31:6c:58:74:67:64:c5:b5:
                    97:80:91:18:ce:88:94:8f:32:4b:28:c4:f2:65:e5:
                    33:1d:6b:51:e5:9a:4b:b2:d9:63:08:90:1f:95:f3:
                    fc:96:27:8c:3a:51:98:f7:b3:fc:ac:eb:32:2f:e9:
                    6f:87:37:1f:d8:c0:ef:9c:5b:41:21:5d:e4:4d:38:
                    0e:33:53:15:1a:20:ef:48:f1:97:58:42:bb:03:08:
                    d4:f2:0a:6c:19:69:b9:32:40:82:db:81:63:f2:88:
                    cf:40:ef:ec:45:ed:bc:44:46:6d:83:79:dc:14:77:
                    72:3a:ff:01:05:10:99:36:99:37:8d:b1:c6:09:15:
                    b4:24:ee:49:67:b6:0e:fe:d5:fc:17:6b:72:c3:a1:
                    81:16:5e:47:78:7d:dd:64:6b:f1:ef:d8:9c:e9:65:
                    c7:60:79:98:e3:aa:04:23:4a:8f:0f:89:73:f4:93:
                    86:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:B3:33:9F:C3:4E:74:8C:6E:E1:54:E2:65:8E:D9:F9:39:40:F6:CA
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/pLMzn8NOdIxu4VTiZY7Z-TlA9so.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.3.0/24
                  193.135.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:a0:d6:14:2b:f8:d0:ae:67:67:f3:bc:8c:6a:89:5a:99:aa:
         04:8e:39:7e:6e:9c:e8:e5:df:56:45:22:a0:53:0b:3a:8d:10:
         e4:43:95:90:fa:f4:85:ae:ec:ea:ae:59:84:d3:d3:46:e6:d6:
         6f:9f:fa:fa:b2:2a:74:3a:bb:ac:0c:cb:e6:4b:44:7b:db:5c:
         c7:19:06:6f:86:eb:79:a6:e9:b7:57:d1:8a:ba:ad:cd:51:ac:
         59:04:7c:23:b6:d1:03:c0:82:fb:46:e8:c1:37:51:86:73:b2:
         7c:f7:42:f8:90:92:e6:24:e1:e0:a8:c1:e0:ab:de:a1:e6:6f:
         29:f8:1e:ad:a9:a2:82:34:15:66:2a:e2:02:f6:60:5a:c5:04:
         6b:a1:02:12:55:72:ed:87:7f:c6:a2:16:97:04:2c:37:74:1c:
         9d:eb:21:b6:cc:33:a5:99:da:24:ed:ce:4b:8b:ae:71:fa:21:
         85:d9:e5:1e:8a:14:3a:e9:b7:80:b6:66:59:5d:8c:c8:62:83:
         e9:9f:9d:67:0a:5c:2f:21:29:30:19:ac:5b:3b:d6:91:0c:fe:
         45:d0:7d:85:c1:69:a1:45:b6:b6:bf:98:ed:7b:bd:00:52:57:
         12:42:ce:04:31:ee:89:b8:8b:e2:5e:04:e4:37:1a:8e:75:de:
         25:74:44:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+hkAnU/Uwf1n9jX68d2m0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNTIyMTgyODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGIzMzM5ZmMzNGU3NDhjNmVlMTU0ZTI2NThlZDlmOTM5NDBmNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPCsmczsfAYy0yAGGdcmV95AavgO
vJJVIkCQpu1RdkQJd4z0h8P5F3sD/d117WBLbytdCEGJAp/W6uPRTaV1tB9kvZY1
OjFJzGJem4NjjVeFMWxYdGdkxbWXgJEYzoiUjzJLKMTyZeUzHWtR5ZpLstljCJAf
lfP8lieMOlGY97P8rOsyL+lvhzcf2MDvnFtBIV3kTTgOM1MVGiDvSPGXWEK7AwjU
8gpsGWm5MkCC24Fj8ojPQO/sRe28REZtg3ncFHdyOv8BBRCZNpk3jbHGCRW0JO5J
Z7YO/tX8F2tyw6GBFl5HeH3dZGvx79ic6WXHYHmY46oEI0qPD4lz9JOGewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKSzM5/DTnSMbuFU4mWO2fk5QPbKMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvcExNem44Tk9kSXh1NFZUaVpZN1otVGxBOXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZMDAwQA
wYeHMA0GCSqGSIb3DQEBCwUAA4IBAQBVoNYUK/jQrmdn87yMaolamaoEjjl+bpzo
5d9WRSKgUws6jRDkQ5WQ+vSFruzqrlmE09NG5tZvn/r6sip0OrusDMvmS0R721zH
GQZvhut5pum3V9GKuq3NUaxZBHwjttEDwIL7RujBN1GGc7J890L4kJLmJOHgqMHg
q96h5m8p+B6tqaKCNBVmKuIC9mBaxQRroQISVXLth3/GohaXBCw3dByd6yG2zDOl
mdok7c5Li65x+iGF2eUeihQ66beAtmZZXYzIYoPpn51nClwvISkwGaxbO9aRDP5F
0H2FwWmhRba2v5jte70AUlcSQs4EMe6JuIviXgTkNxqOdd4ldERM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org