Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6C_RqzqUsUjC9iaL80EC4Y-EQnE.roa
File:                     6C_RqzqUsUjC9iaL80EC4Y-EQnE.roa (raw, json)
Hash identifier:          2arOrWawXyPwO/Dyt0tSvCy8mo1RPW/xyMM9gDvG96M=
Subject key identifier:   E8:2F:D1:AB:3A:94:B1:48:C2:F6:26:8B:F3:41:02:E1:8F:84:42:71
Certificate issuer:       /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial:       0185719557F49C3207BB188ACD3631615301
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6C_RqzqUsUjC9iaL80EC4Y-EQnE.roa
Signing time:             Mon 02 Jan 2023 08:24:50 +0000
ROA not before:           Mon 02 Jan 2023 08:24:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     702
IP address blocks:        145.4.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:95:57:f4:9c:32:07:bb:18:8a:cd:36:31:61:53:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
        Validity
            Not Before: Jan  2 08:24:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e82fd1ab3a94b148c2f6268bf34102e18f844271
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:9f:1d:03:ca:b1:33:5c:e2:61:92:cb:dc:a9:
                    27:22:89:7f:82:5e:55:5f:fa:2e:4c:97:17:f7:ea:
                    ff:a6:14:34:18:97:17:62:7e:dd:b4:e8:2c:37:79:
                    d6:ad:2a:de:a4:1b:e1:14:45:c3:e6:f6:f5:9b:e9:
                    09:9a:62:98:41:5e:d2:f1:1d:46:e7:b5:0e:e6:b2:
                    ce:74:34:95:b2:01:e6:41:45:15:8e:ea:b1:05:f4:
                    0f:32:45:93:e6:0f:47:bb:95:e7:b0:51:9e:0f:c1:
                    30:53:3d:60:23:5e:33:06:76:1b:ca:3f:7d:13:77:
                    13:51:2c:d5:41:7f:a0:9a:98:b0:8a:a4:44:ff:3e:
                    93:bd:96:b0:13:82:97:33:cc:21:a5:a9:2f:a4:f8:
                    66:03:b5:78:07:65:d7:d3:9a:c8:c1:5a:3a:ce:79:
                    1c:bb:76:e2:14:f9:13:a3:cc:16:02:40:77:bc:78:
                    aa:4e:6d:d9:94:e6:50:62:91:5f:2d:b9:68:01:95:
                    62:06:18:4d:23:28:39:b1:56:1e:68:a7:3c:e8:cc:
                    1c:61:eb:88:7f:c1:da:ba:5f:8c:64:07:1b:dc:55:
                    1f:ec:55:71:0a:08:15:6d:09:6c:0c:14:5d:a3:eb:
                    63:2d:25:2a:a7:8e:3e:a9:77:4c:ac:61:e6:31:a6:
                    7b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:2F:D1:AB:3A:94:B1:48:C2:F6:26:8B:F3:41:02:E1:8F:84:42:71
            X509v3 Authority Key Identifier:
                keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6C_RqzqUsUjC9iaL80EC4Y-EQnE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.4.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         08:2c:dc:1c:6d:f2:74:ac:3b:39:ab:26:15:7c:5b:c3:7f:b6:
         db:79:84:0f:53:cc:a7:67:3f:66:51:d6:0d:a9:6c:d1:d7:0b:
         0b:e8:58:f4:aa:1e:0a:7f:00:44:07:81:81:26:52:f5:be:26:
         52:17:c0:b4:30:b1:cb:4a:7c:7a:ea:d8:25:d3:d2:1b:16:83:
         c5:0b:9c:92:e2:2c:b4:3b:73:47:e3:22:97:a5:b7:39:87:da:
         db:eb:5a:2f:3e:92:0a:60:8d:32:a2:f9:15:0d:f4:15:b9:f2:
         00:d2:99:18:a2:14:4c:18:42:9a:84:93:75:8a:ab:8b:67:fc:
         46:54:02:88:74:96:c2:6e:5d:a9:6c:01:df:79:a0:ee:ee:ca:
         27:00:a1:3c:c7:58:16:ed:5b:24:16:e5:2a:aa:5c:fd:4e:43:
         1c:ca:4a:5f:23:4a:ca:ba:1e:0e:da:3f:eb:0a:f0:72:e8:ba:
         83:4d:b9:89:2b:cc:35:80:f2:ec:56:9a:aa:d3:5c:26:64:be:
         47:a6:66:2f:4f:5f:35:b2:2c:e4:bd:65:32:e5:e8:49:b3:9d:
         df:cf:6d:48:83:48:12:17:3f:aa:c6:c1:fc:df:58:2d:9a:6c:
         f8:ef:99:2d:4c:aa:97:74:a4:f2:50:b0:bb:b0:01:87:60:e3:
         6e:78:33:4a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVxlVf0nDIHuxiKzTYxYVMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODJmZDFhYjNhOTRiMTQ4YzJmNjI2OGJmMzQxMDJlMThmODQ0MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl58dA8qxM1ziYZLL3KknIol/gl5V
X/ouTJcX9+r/phQ0GJcXYn7dtOgsN3nWrSrepBvhFEXD5vb1m+kJmmKYQV7S8R1G
57UO5rLOdDSVsgHmQUUVjuqxBfQPMkWT5g9Hu5XnsFGeD8EwUz1gI14zBnYbyj99
E3cTUSzVQX+gmpiwiqRE/z6TvZawE4KXM8whpakvpPhmA7V4B2XX05rIwVo6znkc
u3biFPkTo8wWAkB3vHiqTm3ZlOZQYpFfLbloAZViBhhNIyg5sVYeaKc86MwcYeuI
f8Haul+MZAcb3FUf7FVxCggVbQlsDBRdo+tjLSUqp44+qXdMrGHmMaZ7vQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOgv0as6lLFIwvYmi/NBAuGPhEJxMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvNkNfUnF6cVVzVWpDOWlhTDgwRUM0WS1FUW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkQQwDQYJ
KoZIhvcNAQELBQADggEBAAgs3Bxt8nSsOzmrJhV8W8N/ttt5hA9TzKdnP2ZR1g2p
bNHXCwvoWPSqHgp/AEQHgYEmUvW+JlIXwLQwsctKfHrq2CXT0hsWg8ULnJLiLLQ7
c0fjIpeltzmH2tvrWi8+kgpgjTKi+RUN9BW58gDSmRiiFEwYQpqEk3WKq4tn/EZU
Aoh0lsJuXalsAd95oO7uyicAoTzHWBbtWyQW5SqqXP1OQxzKSl8jSsq6Hg7aP+sK
8HLouoNNuYkrzDWA8uxWmqrTXCZkvkemZi9PXzWyLOS9ZTLl6Emznd/PbUiDSBIX
P6rGwfzfWC2abPjvmS1Mqpd0pPJQsLuwAYdg4254M0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org