Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6JkVZYc0Sib2u4ykJEwCTV2AmI4.roa
File:                     6JkVZYc0Sib2u4ykJEwCTV2AmI4.roa (raw, json)
Hash identifier:          /004zCAskmXmJNOa2UZ2yTfZqhg2PWFFPhKJNhi12D4=
Subject key identifier:   E8:99:15:65:87:34:4A:26:F6:BB:8C:A4:24:4C:02:4D:5D:80:98:8E
Certificate issuer:       /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial:       018571955D8F302C0109E0C19F50F222F26B
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6JkVZYc0Sib2u4ykJEwCTV2AmI4.roa
Signing time:             Mon 02 Jan 2023 08:24:52 +0000
ROA not before:           Mon 02 Jan 2023 08:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1133
IP address blocks:        145.90.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:95:5d:8f:30:2c:01:09:e0:c1:9f:50:f2:22:f2:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
        Validity
            Not Before: Jan  2 08:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e899156587344a26f6bb8ca4244c024d5d80988e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:99:31:3d:ab:ce:1e:69:48:66:5e:0a:0d:76:
                    a9:41:c5:df:c7:87:44:82:cb:1f:a5:92:13:4d:01:
                    f4:1a:94:bb:07:9c:7c:57:55:28:3f:69:cc:53:7a:
                    ba:ff:ab:bf:90:f2:3f:94:c6:a3:02:de:9c:3c:9e:
                    17:b3:0a:cb:cf:18:12:19:24:b6:0e:55:d4:21:fe:
                    22:9b:ad:45:7a:fb:c4:15:b6:d8:5f:42:23:4b:f8:
                    13:46:21:92:3d:61:d6:d0:7c:57:27:25:48:92:ae:
                    5b:f5:75:a4:43:e9:b4:66:9b:c2:0d:bb:e2:c0:77:
                    4f:aa:83:b0:23:13:50:af:3e:21:c9:8a:af:d3:2d:
                    dc:d5:ad:4e:5e:fa:b4:41:79:e7:a8:1d:ba:ff:c6:
                    d5:41:f8:62:56:d5:dc:07:69:37:b0:e9:8e:78:38:
                    a4:45:21:fd:8f:9b:73:a9:a0:4b:92:d1:67:be:be:
                    ff:32:5d:f2:ca:a9:5f:ad:2f:27:71:bc:9e:8a:98:
                    23:f4:77:5b:e5:ff:d9:82:24:7f:63:01:57:d7:4a:
                    cc:de:09:e5:07:14:ee:1d:7c:5f:81:43:20:42:82:
                    65:4a:2e:ae:b2:19:96:66:55:52:41:d2:62:0f:5b:
                    23:39:87:1f:51:e1:b8:fd:ef:12:d5:8f:47:36:e4:
                    d9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:99:15:65:87:34:4A:26:F6:BB:8C:A4:24:4C:02:4D:5D:80:98:8E
            X509v3 Authority Key Identifier:
                keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6JkVZYc0Sib2u4ykJEwCTV2AmI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.90.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:4f:ec:82:02:9a:cc:2c:4f:85:e2:ce:e2:3c:e3:e6:b9:c3:
         ce:12:ec:6c:2d:78:52:55:9f:03:27:36:f1:ae:9b:7a:f3:ef:
         10:1e:e0:bb:93:5c:8a:ed:3b:92:01:4f:16:8e:44:e8:75:fb:
         dd:3a:c4:d6:f7:b0:8e:ca:bb:22:be:63:8e:a5:e4:f9:2f:d6:
         01:04:3c:2a:7e:d5:5f:54:f6:17:0d:45:54:98:c6:43:b5:6d:
         31:b6:c4:87:7a:06:3a:11:ee:af:7e:77:7a:1f:4a:ed:be:b7:
         80:e3:2f:e0:23:52:bf:f3:01:d8:83:e2:25:0c:f0:35:bb:0a:
         c5:37:65:6a:13:7f:ca:c7:15:02:ae:f2:0d:cc:a4:05:90:0c:
         ab:12:f0:57:38:1e:59:27:05:8e:b8:fd:9d:cd:be:63:4a:ea:
         ac:da:6a:df:82:aa:31:f2:7d:52:e1:62:c5:a6:81:95:35:ae:
         45:2e:b3:69:a0:41:c2:a5:18:52:30:32:35:e6:0c:ba:06:c1:
         65:27:62:e5:aa:60:06:2a:0d:fc:e4:e3:5f:a0:eb:5d:7e:5d:
         ef:ef:6d:d2:9b:7b:89:5a:93:96:68:6f:89:c7:b1:12:dc:93:
         39:b0:f0:3a:0d:84:dc:b7:16:be:96:b1:4f:29:f3:98:79:6c:
         b5:78:ed:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlV2PMCwBCeDBn1DyIvJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODk5MTU2NTg3MzQ0YTI2ZjZiYjhjYTQyNDRjMDI0ZDVkODA5ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipkxPavOHmlIZl4KDXapQcXfx4dE
gssfpZITTQH0GpS7B5x8V1UoP2nMU3q6/6u/kPI/lMajAt6cPJ4XswrLzxgSGSS2
DlXUIf4im61FevvEFbbYX0IjS/gTRiGSPWHW0HxXJyVIkq5b9XWkQ+m0ZpvCDbvi
wHdPqoOwIxNQrz4hyYqv0y3c1a1OXvq0QXnnqB26/8bVQfhiVtXcB2k3sOmOeDik
RSH9j5tzqaBLktFnvr7/Ml3yyqlfrS8ncbyeipgj9Hdb5f/ZgiR/YwFX10rM3gnl
BxTuHXxfgUMgQoJlSi6ushmWZlVSQdJiD1sjOYcfUeG4/e8S1Y9HNuTZbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOiZFWWHNEom9ruMpCRMAk1dgJiOMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvNkprVlpZYzBTaWIydTR5a0pFd0NUVjJBbUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkVoIMA0G
CSqGSIb3DQEBCwUAA4IBAQA5T+yCAprMLE+F4s7iPOPmucPOEuxsLXhSVZ8DJzbx
rpt68+8QHuC7k1yK7TuSAU8WjkTodfvdOsTW97COyrsivmOOpeT5L9YBBDwqftVf
VPYXDUVUmMZDtW0xtsSHegY6Ee6vfnd6H0rtvreA4y/gI1K/8wHYg+IlDPA1uwrF
N2VqE3/KxxUCrvINzKQFkAyrEvBXOB5ZJwWOuP2dzb5jSuqs2mrfgqox8n1S4WLF
poGVNa5FLrNpoEHCpRhSMDI15gy6BsFlJ2LlqmAGKg385ONfoOtdfl3v723Sm3uJ
WpOWaG+Jx7ES3JM5sPA6DYTctxa+lrFPKfOYeWy1eO0G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org