Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/17JKyQz02jXIVqSKb7DGbW1kN5A.roa
File:                     17JKyQz02jXIVqSKb7DGbW1kN5A.roa (raw, json)
Hash identifier:          yR8YNSZK82AImbQqh6fmAC+sRVp6ftd+KDCugPR1dz8=
Subject key identifier:   D7:B2:4A:C9:0C:F4:DA:35:C8:56:A4:8A:6F:B0:C6:6D:6D:64:37:90
Certificate issuer:       /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial:       0185719563725FD36F685C6DD92EA2DDCEB6
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/17JKyQz02jXIVqSKb7DGbW1kN5A.roa
Signing time:             Mon 02 Jan 2023 08:24:53 +0000
ROA not before:           Mon 02 Jan 2023 08:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1199
IP address blocks:        145.111.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Thu 28 Sep 2023 13:05:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:95:63:72:5f:d3:6f:68:5c:6d:d9:2e:a2:dd:ce:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
        Validity
            Not Before: Jan  2 08:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7b24ac90cf4da35c856a48a6fb0c66d6d643790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d1:10:0a:94:4d:b4:d7:f4:03:6f:3a:9a:52:
                    e5:24:ac:d2:5f:05:2c:b4:0f:3b:8b:2d:09:12:b5:
                    35:d2:78:58:d7:ec:67:f7:be:9d:6e:26:bf:ab:54:
                    5c:d2:e3:ae:9f:e5:65:55:82:5f:74:f4:ae:3a:64:
                    c9:dd:14:8f:b8:ac:3e:7a:42:9d:7e:9e:3f:9a:c1:
                    fe:d1:3d:43:a9:a8:0d:4b:23:78:34:db:00:f7:3b:
                    85:f8:5e:4e:00:80:1f:45:e2:a7:52:44:f7:bf:a7:
                    99:e8:73:ce:e2:cc:f8:5e:86:38:71:f6:a0:eb:a8:
                    e8:6f:e7:34:6b:55:10:cc:d6:52:e4:f6:60:db:45:
                    c6:7c:39:87:48:78:cc:42:b3:38:9f:bd:d2:54:79:
                    39:e3:9d:e1:3d:db:43:39:ce:15:27:ef:3d:7e:3f:
                    2f:16:bb:b8:2e:40:9d:15:80:81:5c:cd:a1:96:86:
                    ba:6e:d9:84:7c:e8:7e:13:67:e5:11:e1:a6:bc:e7:
                    a6:54:d8:3f:d5:28:c6:7a:59:80:cf:9c:72:ad:20:
                    3b:05:84:d9:72:b8:b0:75:80:0e:36:14:3c:0e:96:
                    33:2f:4e:21:03:97:68:b3:eb:fd:dc:64:ff:63:8f:
                    58:68:71:b4:82:77:b8:9d:8a:24:d7:a9:04:bb:1e:
                    b0:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:B2:4A:C9:0C:F4:DA:35:C8:56:A4:8A:6F:B0:C6:6D:6D:64:37:90
            X509v3 Authority Key Identifier:
                keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/17JKyQz02jXIVqSKb7DGbW1kN5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.111.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0c:ad:28:4c:d7:49:68:85:fa:7a:6f:d4:fd:c4:1d:52:2c:1a:
         f2:1e:eb:77:e8:45:02:3b:92:5e:5e:b3:99:1f:a5:c4:d8:f2:
         c6:56:1e:99:7e:09:a9:a6:0b:30:08:e0:3d:9f:90:c1:d3:f2:
         53:f9:58:85:52:59:36:bc:46:cb:87:ab:2f:5a:76:80:ec:fb:
         e6:ba:cd:0d:9e:b2:39:75:ef:d3:20:7d:a2:5c:35:9d:94:14:
         cf:70:a6:bd:aa:1a:1e:94:be:7a:1b:d5:f0:72:12:db:41:0e:
         38:be:d2:aa:46:b2:76:a2:f5:0a:77:ed:48:25:c2:d4:dd:f9:
         1f:b8:de:f0:44:cc:95:d6:f7:12:10:cc:07:1b:3a:75:90:03:
         75:0c:6c:34:02:a7:bf:3d:3d:08:44:f0:56:96:c3:3c:a5:e2:
         14:89:09:d5:bd:30:7b:f8:f4:b6:b2:12:ac:42:b6:e6:9a:7e:
         7f:3d:91:0b:c4:74:32:23:3c:e2:55:04:31:64:b6:b7:03:17:
         50:7c:5e:00:2c:94:02:1a:2b:be:ff:08:10:ae:08:7f:d8:dc:
         67:80:89:53:c1:05:30:b1:4e:6c:13:74:85:b9:cf:9d:ba:82:
         66:c4:00:db:8c:3b:50:06:cf:13:de:76:7a:3a:98:0c:92:aa:
         ae:71:6c:6e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVxlWNyX9NvaFxt2S6i3c62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2IyNGFjOTBjZjRkYTM1Yzg1NmE0OGE2ZmIwYzY2ZDZkNjQzNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dEQCpRNtNf0A286mlLlJKzSXwUs
tA87iy0JErU10nhY1+xn976dbia/q1Rc0uOun+VlVYJfdPSuOmTJ3RSPuKw+ekKd
fp4/msH+0T1DqagNSyN4NNsA9zuF+F5OAIAfReKnUkT3v6eZ6HPO4sz4XoY4cfag
66job+c0a1UQzNZS5PZg20XGfDmHSHjMQrM4n73SVHk5453hPdtDOc4VJ+89fj8v
Fru4LkCdFYCBXM2hloa6btmEfOh+E2flEeGmvOemVNg/1SjGelmAz5xyrSA7BYTZ
criwdYAONhQ8DpYzL04hA5dos+v93GT/Y49YaHG0gne4nYok16kEux6wGQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNeySskM9No1yFakim+wxm1tZDeQMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvMTdKS3lRejAyalhJVnFTS2I3REdiVzFrTjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkW8wDQYJ
KoZIhvcNAQELBQADggEBAAytKEzXSWiF+npv1P3EHVIsGvIe63foRQI7kl5es5kf
pcTY8sZWHpl+CammCzAI4D2fkMHT8lP5WIVSWTa8RsuHqy9adoDs++a6zQ2esjl1
79MgfaJcNZ2UFM9wpr2qGh6Uvnob1fByEttBDji+0qpGsnai9Qp37UglwtTd+R+4
3vBEzJXW9xIQzAcbOnWQA3UMbDQCp789PQhE8FaWwzyl4hSJCdW9MHv49LayEqxC
tuaafn89kQvEdDIjPOJVBDFktrcDF1B8XgAslAIaK77/CBCuCH/Y3GeAiVPBBTCx
TmwTdIW5z526gmbEANuMO1AGzxPedno6mAySqq5xbG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org