Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/83WpaTr_y96or_Hj54sE-tz-NAc.roa
File:                     83WpaTr_y96or_Hj54sE-tz-NAc.roa (raw, json)
Hash identifier:          0U3JAQudZg7WAXPWF5RsJPmCaT9mZ3a5NLdRx+rrOw4=
Subject key identifier:   F3:75:A9:69:3A:FF:CB:DE:A8:AF:F1:E3:E7:8B:04:FA:DC:FE:34:07
Certificate issuer:       /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial:       018CC8DCD80B7F27D6E002B9917E34B1B5DD
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/83WpaTr_y96or_Hj54sE-tz-NAc.roa
Signing time:             Tue 02 Jan 2024 06:29:25 +0000
ROA not before:           Tue 02 Jan 2024 06:29:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        145.224.192.0/19 maxlen: 24
                          145.224.192.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 18:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:dc:d8:0b:7f:27:d6:e0:02:b9:91:7e:34:b1:b5:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
        Validity
            Not Before: Jan  2 06:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f375a9693affcbdea8aff1e3e78b04fadcfe3407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d0:d2:74:99:fa:5b:d2:e9:57:b6:00:00:de:
                    af:ae:4b:74:91:df:a9:e0:0e:8b:42:0c:09:cb:7c:
                    73:e2:fe:06:29:a4:52:a4:f8:57:d3:7e:81:93:ad:
                    91:ad:b4:64:9c:5e:c6:1e:5b:e8:52:b4:e0:5f:1e:
                    20:58:7f:97:ff:f8:e0:63:79:1b:83:33:7d:d7:3b:
                    92:62:6e:b6:52:b0:0e:44:e6:c7:d6:c1:4b:e7:3c:
                    05:ad:fe:f1:89:22:d0:42:cd:ae:47:a1:82:3f:6c:
                    6d:96:02:c9:08:fa:ff:24:5a:7d:0d:f3:c5:1f:e2:
                    06:80:65:ea:ea:61:11:b3:7a:22:4f:a2:10:b5:e4:
                    80:5f:3d:19:e3:6b:db:14:b9:3a:c5:bb:29:17:5d:
                    63:97:15:84:20:c8:5c:10:ab:70:31:48:c4:2b:ad:
                    06:d2:7b:95:a5:f3:59:ea:03:bd:9b:67:90:99:53:
                    01:3b:58:5b:06:43:70:ad:d3:e2:c9:e7:31:bf:f1:
                    a9:49:e1:5e:94:b9:0c:57:61:7f:59:53:43:7d:bc:
                    52:f9:6a:a1:03:a3:40:21:bb:6a:f1:4a:f6:38:39:
                    e1:8b:e8:77:70:1e:2b:28:91:0a:e0:fa:e6:3d:59:
                    02:51:65:14:12:f3:cf:97:4a:12:ee:b2:d8:80:db:
                    21:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:75:A9:69:3A:FF:CB:DE:A8:AF:F1:E3:E7:8B:04:FA:DC:FE:34:07
            X509v3 Authority Key Identifier:
                keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/83WpaTr_y96or_Hj54sE-tz-NAc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.224.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         15:94:ab:37:94:91:7f:da:f4:06:77:d9:44:ae:cc:d6:e7:c6:
         fb:3a:59:b9:34:c3:70:7c:fb:89:28:96:40:49:14:f9:44:be:
         9c:b5:00:51:19:46:d6:3a:c8:74:05:7e:59:3c:7b:b9:29:d9:
         a2:3e:81:3b:68:5d:7a:54:46:3d:56:7c:cc:b8:3f:73:ab:ee:
         93:ef:31:1e:38:c7:86:22:e8:68:5d:7f:9a:fb:1b:7a:96:bf:
         07:2e:c2:9c:4e:7a:b1:cb:01:a2:0e:3d:fe:a8:54:2b:69:53:
         26:f8:be:e2:c1:6e:3c:34:8e:9b:97:87:08:cd:18:9b:17:a1:
         41:0c:34:73:0a:ab:ad:8d:08:a2:eb:4d:f2:45:e5:8f:a4:fc:
         43:37:80:8b:83:b0:fb:49:ba:9f:ec:62:fd:59:18:1c:0e:56:
         d2:6f:fc:21:49:36:42:11:03:18:b6:94:8b:23:0b:23:53:9b:
         80:30:a9:df:57:25:d7:0a:3e:53:08:af:9e:bf:17:80:f6:d8:
         7a:fa:d7:b9:14:29:2c:f1:6d:a5:be:f1:3e:2e:a3:0d:bf:7c:
         8e:b4:4e:da:b3:01:17:7a:09:69:a4:31:79:af:49:51:5a:c3:
         27:bc:08:14:ee:8b:5d:89:65:fe:1c:d8:50:f4:3f:7b:2d:19:
         67:f9:c6:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3NgLfyfW4AK5kX40sbXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjQwMTAyMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzc1YTk2OTNhZmZjYmRlYThhZmYxZTNlNzhiMDRmYWRjZmUzNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdDSdJn6W9LpV7YAAN6vrkt0kd+p
4A6LQgwJy3xz4v4GKaRSpPhX036Bk62RrbRknF7GHlvoUrTgXx4gWH+X//jgY3kb
gzN91zuSYm62UrAORObH1sFL5zwFrf7xiSLQQs2uR6GCP2xtlgLJCPr/JFp9DfPF
H+IGgGXq6mERs3oiT6IQteSAXz0Z42vbFLk6xbspF11jlxWEIMhcEKtwMUjEK60G
0nuVpfNZ6gO9m2eQmVMBO1hbBkNwrdPiyecxv/GpSeFelLkMV2F/WVNDfbxS+Wqh
A6NAIbtq8Ur2ODnhi+h3cB4rKJEK4PrmPVkCUWUUEvPPl0oS7rLYgNsh7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPN1qWk6/8veqK/x4+eLBPrc/jQHMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvODNXcGFUcl95OTZvcl9IajU0c0UtdHotTkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFkeDAMA0G
CSqGSIb3DQEBCwUAA4IBAQAVlKs3lJF/2vQGd9lErszW58b7Olm5NMNwfPuJKJZA
SRT5RL6ctQBRGUbWOsh0BX5ZPHu5KdmiPoE7aF16VEY9VnzMuD9zq+6T7zEeOMeG
IuhoXX+a+xt6lr8HLsKcTnqxywGiDj3+qFQraVMm+L7iwW48NI6bl4cIzRibF6FB
DDRzCqutjQii603yReWPpPxDN4CLg7D7Sbqf7GL9WRgcDlbSb/whSTZCEQMYtpSL
IwsjU5uAMKnfVyXXCj5TCK+evxeA9th6+te5FCks8W2lvvE+LqMNv3yOtE7aswEX
eglppDF5r0lRWsMnvAgU7otdiWX+HNhQ9D97LRln+cYt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org