Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/wFEtDrXaXXvjCvXosFYKZBU9FQ8.roa
File:                     wFEtDrXaXXvjCvXosFYKZBU9FQ8.roa (raw, json)
Hash identifier:          aREF6UAQxtMtUEuCrkb5GU+qeOHjLSEluXzcys47MrI=
Subject key identifier:   C0:51:2D:0E:B5:DA:5D:7B:E3:0A:F5:E8:B0:56:0A:64:15:3D:15:0F
Certificate issuer:       /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial:       01857195600738BBBFE6A2322095FE53AF4C
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/wFEtDrXaXXvjCvXosFYKZBU9FQ8.roa
Signing time:             Mon 02 Jan 2023 08:24:52 +0000
ROA not before:           Mon 02 Jan 2023 08:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1146
IP address blocks:        145.100.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:95:60:07:38:bb:bf:e6:a2:32:20:95:fe:53:af:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
        Validity
            Not Before: Jan  2 08:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c0512d0eb5da5d7be30af5e8b0560a64153d150f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9d:45:ec:33:9e:f0:a4:69:78:55:5d:ef:8c:
                    84:e4:79:0a:86:22:fd:53:bf:85:3a:d5:a5:28:a1:
                    7f:e0:86:a5:18:d9:6f:12:55:bb:f5:31:a4:dc:f6:
                    f6:0f:68:c8:d4:cb:f9:08:83:cb:c6:ee:d5:5d:a4:
                    fe:ab:16:bc:27:e5:cc:ca:00:90:c4:d2:9c:3d:2d:
                    41:64:f7:98:d0:fd:46:18:fd:16:dc:81:10:38:d7:
                    d0:72:f4:de:39:35:5f:9c:aa:78:e7:5e:18:42:f3:
                    52:6b:70:1e:c2:9b:a3:89:61:10:4e:0e:1f:b8:3a:
                    e8:9b:7e:84:5b:83:06:93:5f:cb:90:1a:bb:41:99:
                    69:06:aa:47:55:76:e4:9b:78:22:df:07:b0:c4:f1:
                    70:ff:8b:4b:5f:bd:61:2c:1a:56:18:c5:f4:4a:d2:
                    cb:f9:db:65:fb:7c:ed:e9:14:34:2b:7f:32:e3:0d:
                    41:00:ca:58:7c:4b:fe:8a:4e:6a:36:d2:55:0c:48:
                    1a:bc:b2:6a:45:c1:a8:04:9b:66:1e:75:73:95:e1:
                    e2:ea:ba:da:82:98:57:77:3d:e2:07:6d:3a:74:3d:
                    c7:6a:0b:93:6c:43:1b:05:29:44:be:9e:77:ec:ce:
                    d2:4d:16:91:79:4b:9a:76:45:d3:ec:dc:b2:7a:65:
                    b4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:51:2D:0E:B5:DA:5D:7B:E3:0A:F5:E8:B0:56:0A:64:15:3D:15:0F
            X509v3 Authority Key Identifier:
                keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/wFEtDrXaXXvjCvXosFYKZBU9FQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.100.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:b4:b5:8b:c9:59:33:b6:e9:a7:94:e9:3f:be:23:cc:fb:5c:
         9a:24:e7:00:df:3a:4f:f3:df:2b:cc:e3:ca:39:4e:92:65:05:
         14:ba:51:a4:b9:c4:50:86:88:a6:47:1c:4d:7f:4d:c9:fc:bc:
         41:37:67:9d:b7:03:b5:aa:8c:66:c8:00:37:0d:ed:dc:bc:cd:
         8e:be:2f:eb:09:3e:a8:44:37:f5:81:06:72:9c:fb:1c:4c:b3:
         3d:c1:3c:3c:97:f4:84:5d:81:ec:be:81:4a:2d:9d:2e:69:49:
         47:d2:42:71:0e:c9:96:03:eb:e5:9e:81:64:c7:35:8e:83:7e:
         13:9d:e4:0d:b3:97:a2:a3:a3:bc:7f:48:b0:24:ae:48:2c:f1:
         2b:2c:be:2b:71:c4:97:51:11:d2:fc:97:64:5f:39:03:64:cd:
         af:e0:9b:a6:54:b7:55:22:35:8e:3a:d7:49:11:55:88:21:14:
         8f:ce:f1:67:4b:28:8e:09:31:b5:c5:47:fa:49:f7:03:5c:2a:
         bb:af:ad:19:83:d6:94:08:47:b0:b0:ca:b4:7f:af:0e:64:0f:
         8a:43:ab:c4:2d:1f:22:d8:56:6b:61:15:12:cf:3b:f5:83:38:
         0e:65:d0:38:8f:23:0b:16:7e:e4:5a:fb:6b:35:89:d4:e8:64:
         fd:dc:16:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlWAHOLu/5qIyIJX+U69MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDUxMmQwZWI1ZGE1ZDdiZTMwYWY1ZThiMDU2MGE2NDE1M2QxNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ1F7DOe8KRpeFVd74yE5HkKhiL9
U7+FOtWlKKF/4IalGNlvElW79TGk3Pb2D2jI1Mv5CIPLxu7VXaT+qxa8J+XMygCQ
xNKcPS1BZPeY0P1GGP0W3IEQONfQcvTeOTVfnKp4514YQvNSa3AewpujiWEQTg4f
uDrom36EW4MGk1/LkBq7QZlpBqpHVXbkm3gi3wewxPFw/4tLX71hLBpWGMX0StLL
+dtl+3zt6RQ0K38y4w1BAMpYfEv+ik5qNtJVDEgavLJqRcGoBJtmHnVzleHi6rra
gphXdz3iB206dD3HaguTbEMbBSlEvp537M7STRaReUuadkXT7NyyemW07QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBRLQ612l174wr16LBWCmQVPRUPMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvd0ZFdERyWGFYWHZqQ3ZYb3NGWUtaQlU5RlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkWRlMA0G
CSqGSIb3DQEBCwUAA4IBAQAatLWLyVkztumnlOk/viPM+1yaJOcA3zpP898rzOPK
OU6SZQUUulGkucRQhoimRxxNf03J/LxBN2edtwO1qoxmyAA3De3cvM2Ovi/rCT6o
RDf1gQZynPscTLM9wTw8l/SEXYHsvoFKLZ0uaUlH0kJxDsmWA+vlnoFkxzWOg34T
neQNs5eio6O8f0iwJK5ILPErLL4rccSXURHS/JdkXzkDZM2v4JumVLdVIjWOOtdJ
EVWIIRSPzvFnSyiOCTG1xUf6SfcDXCq7r60Zg9aUCEewsMq0f68OZA+KQ6vELR8i
2FZrYRUSzzv1gzgOZdA4jyMLFn7kWvtrNYnU6GT93BZ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org