Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/aHq2jMpF-cfBnMyCwTCv8cTVRN0.roa
File:                     aHq2jMpF-cfBnMyCwTCv8cTVRN0.roa (raw, json)
Hash identifier:          g+pcs/ua6/9sO2rJB+/5C/ch9KhxMKlbXYC8iHQON9U=
Subject key identifier:   68:7A:B6:8C:CA:45:F9:C7:C1:9C:CC:82:C1:30:AF:F1:C4:D5:44:DD
Certificate issuer:       /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial:       01856E2F9C32636F8A03E8B2DC27C5E7CC89
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/aHq2jMpF-cfBnMyCwTCv8cTVRN0.roa
Signing time:             Sun 01 Jan 2023 16:34:51 +0000
ROA not before:           Sun 01 Jan 2023 16:34:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51788
IP address blocks:        46.143.252.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:9c:32:63:6f:8a:03:e8:b2:dc:27:c5:e7:cc:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
        Validity
            Not Before: Jan  1 16:34:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=687ab68cca45f9c7c19ccc82c130aff1c4d544dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:66:a9:cd:ed:cd:8f:96:e9:90:2d:ee:2a:22:
                    66:28:bf:cd:27:8b:e4:65:f3:b4:85:3c:21:65:24:
                    32:0b:e2:99:f9:8d:a9:f1:23:63:7b:7b:cb:c7:d6:
                    c8:00:9e:61:5e:0a:09:c8:8f:d1:0e:a3:6d:a2:b3:
                    1b:0b:1a:be:af:fa:5d:a9:b4:d6:67:9c:bd:88:62:
                    3a:ec:4f:75:8b:bb:d1:ae:dd:7a:1c:73:4d:98:90:
                    ec:f5:09:a7:f6:f0:cf:f6:c8:05:f4:44:72:b9:cf:
                    7a:a0:e4:fc:a3:0f:25:29:20:bd:f0:8a:6b:c7:7f:
                    73:32:29:91:03:f9:2f:91:55:58:4f:ec:4b:66:d8:
                    a3:1f:2e:f9:a2:a1:85:ad:9f:8c:9b:c8:b6:97:58:
                    92:92:cd:7b:e9:a5:da:34:6f:65:a6:88:fe:18:9b:
                    a8:c1:b3:93:dd:ae:bb:a8:71:20:a2:1d:a7:67:8e:
                    43:41:fd:e9:4c:d9:2d:d2:49:4e:35:25:ce:bb:c7:
                    c3:e3:af:f9:ca:8b:d8:75:08:30:25:1c:0e:be:e7:
                    ea:54:5b:d2:cb:f6:65:88:f5:98:74:7a:36:ba:16:
                    d8:ba:86:80:7a:53:3f:36:99:4a:73:30:b0:65:af:
                    3d:e6:7f:bd:31:ec:99:a8:11:00:d2:8e:2b:a3:bd:
                    44:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:7A:B6:8C:CA:45:F9:C7:C1:9C:CC:82:C1:30:AF:F1:C4:D5:44:DD
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/aHq2jMpF-cfBnMyCwTCv8cTVRN0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.143.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:ff:d2:01:f1:e2:06:de:c0:c1:99:84:4e:af:a9:ad:69:4f:
         7b:99:33:f5:48:8a:8d:43:4d:1b:3e:99:be:bb:9e:d6:8d:0d:
         26:0d:e3:ba:87:e6:69:00:8a:62:e5:a8:30:12:bd:fa:63:09:
         5f:b3:56:d0:b4:d0:66:aa:53:63:59:88:f5:cf:67:94:e1:f5:
         5b:ae:e1:18:68:7c:17:19:76:4e:bb:48:ea:32:d7:b7:5e:85:
         4e:b3:f1:5f:c6:d7:e8:fc:06:c9:37:e8:0f:84:20:6a:59:31:
         a2:9c:ac:9c:2a:86:15:95:9e:82:81:89:ba:cb:d7:b0:5f:11:
         33:af:06:21:45:3e:27:36:0f:b1:8f:26:7b:3d:45:ed:a2:6f:
         22:c1:40:74:05:fd:f2:9c:22:69:e0:ba:ac:0d:f5:73:32:23:
         47:28:62:e0:fd:1c:2f:46:23:1f:26:59:f4:b2:a8:b5:a6:42:
         fa:b9:88:a5:df:b0:00:5e:c9:e0:8a:c5:9b:bc:8b:92:d6:33:
         74:e3:a4:ef:0c:e2:e2:77:37:25:4d:53:0a:29:d6:3a:e8:27:
         cb:0a:f3:35:05:b3:e7:f5:b1:e9:90:58:28:5f:3f:4c:77:c5:
         3e:07:d5:e8:c1:02:e6:6d:af:3c:7f:18:5d:53:72:66:8f:ba:
         92:30:72:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL5wyY2+KA+iy3CfF58yJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjMwMTAxMTYzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdhYjY4Y2NhNDVmOWM3YzE5Y2NjODJjMTMwYWZmMWM0ZDU0NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2apze3Nj5bpkC3uKiJmKL/NJ4vk
ZfO0hTwhZSQyC+KZ+Y2p8SNje3vLx9bIAJ5hXgoJyI/RDqNtorMbCxq+r/pdqbTW
Z5y9iGI67E91i7vRrt16HHNNmJDs9Qmn9vDP9sgF9ERyuc96oOT8ow8lKSC98Ipr
x39zMimRA/kvkVVYT+xLZtijHy75oqGFrZ+Mm8i2l1iSks176aXaNG9lpoj+GJuo
wbOT3a67qHEgoh2nZ45DQf3pTNkt0klONSXOu8fD46/5yovYdQgwJRwOvufqVFvS
y/ZliPWYdHo2uhbYuoaAelM/NplKczCwZa895n+9MeyZqBEA0o4ro71E0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGh6tozKRfnHwZzMgsEwr/HE1UTdMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvYUhxMmpNcEYtY2ZCbk15Q3dUQ3Y4Y1RWUk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLo/8MA0G
CSqGSIb3DQEBCwUAA4IBAQCd/9IB8eIG3sDBmYROr6mtaU97mTP1SIqNQ00bPpm+
u57WjQ0mDeO6h+ZpAIpi5agwEr36Ywlfs1bQtNBmqlNjWYj1z2eU4fVbruEYaHwX
GXZOu0jqMte3XoVOs/Ffxtfo/AbJN+gPhCBqWTGinKycKoYVlZ6CgYm6y9ewXxEz
rwYhRT4nNg+xjyZ7PUXtom8iwUB0Bf3ynCJp4LqsDfVzMiNHKGLg/RwvRiMfJln0
sqi1pkL6uYil37AAXsngisWbvIuS1jN046TvDOLidzclTVMKKdY66CfLCvM1BbPn
9bHpkFgoXz9Md8U+B9XowQLmba88fxhdU3Jmj7qSMHJC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:37 2024 by rpki-client on console-ams.rpki-client.org