Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rWrgAZNKSIVZ_pcJ7_wU90y1kEc.roa
File:                     rWrgAZNKSIVZ_pcJ7_wU90y1kEc.roa (raw, json)
Hash identifier:          EMnFGbYghen0swwK3EASfZIyO1i6i6zyo+ZSiDmVZsg=
Subject key identifier:   AD:6A:E0:01:93:4A:48:85:59:FE:97:09:EF:FC:14:F7:4C:B5:90:47
Certificate issuer:       /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial:       018F9A5C80F6E7234740CEED8E6EA09822C2
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rWrgAZNKSIVZ_pcJ7_wU90y1kEc.roa
Signing time:             Tue 21 May 2024 08:55:04 +0000
ROA not before:           Tue 21 May 2024 08:55:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200296
IP address blocks:        217.60.238.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sun 26 May 2024 10:23:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9a:5c:80:f6:e7:23:47:40:ce:ed:8e:6e:a0:98:22:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
        Validity
            Not Before: May 21 08:55:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ad6ae001934a488559fe9709effc14f74cb59047
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:5e:8c:ce:63:09:49:3f:46:c5:0e:d1:4a:5d:
                    f7:89:5f:2e:c9:8d:d7:e5:6d:f0:04:14:48:3c:3c:
                    38:6f:fd:cc:ef:0f:cc:b6:d5:f4:90:ad:d0:15:d5:
                    60:ea:75:2e:76:12:c3:a6:73:ea:15:d7:ec:4e:4d:
                    1d:52:7b:af:86:a8:7a:9e:3c:78:71:23:89:6e:99:
                    57:7c:f9:4f:13:7e:15:93:9f:d1:fd:9f:ea:33:3a:
                    dd:83:66:82:d5:50:f1:66:bf:14:d9:6f:7c:80:5a:
                    83:f4:71:94:5e:fb:25:a8:08:c1:bc:6d:77:90:e4:
                    06:66:ba:ed:ec:13:d5:1e:60:c2:67:f0:a3:a8:57:
                    a2:08:d9:e2:20:76:ba:4d:db:90:58:2d:9a:d0:f7:
                    7b:0a:ce:2b:c5:89:92:8f:5e:67:15:fa:a5:58:24:
                    7c:f1:c3:38:c1:83:a2:50:53:24:fa:4f:1a:5c:eb:
                    da:76:20:99:9f:ea:06:ed:1d:dd:94:58:d9:e5:ad:
                    0a:c5:1a:a5:9f:8f:5e:3a:43:78:d4:dc:99:83:56:
                    e9:87:fd:0c:fe:af:a3:6b:3d:af:6e:83:6b:ef:b4:
                    da:ec:f7:12:1e:63:f3:7c:e0:5f:a7:05:cc:6a:94:
                    af:26:49:a8:05:4d:18:6d:d8:ae:8a:b4:27:ea:9e:
                    95:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:6A:E0:01:93:4A:48:85:59:FE:97:09:EF:FC:14:F7:4C:B5:90:47
            X509v3 Authority Key Identifier:
                keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rWrgAZNKSIVZ_pcJ7_wU90y1kEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.60.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         47:15:e6:36:d1:1b:5a:fc:d0:84:21:df:9b:d4:55:d4:32:f9:
         52:fa:88:f4:35:b5:31:07:a6:ad:5b:1f:3f:99:60:3a:97:7b:
         cd:1e:58:76:67:dc:4d:5d:86:6b:b6:12:2d:7c:36:81:40:9e:
         02:4a:40:2a:aa:f4:f9:29:d7:a7:4d:51:87:51:5d:1e:c7:87:
         31:7a:54:3f:48:17:0f:47:1d:41:56:70:27:57:04:a4:fa:5f:
         43:e3:bc:56:74:55:60:e1:22:15:c1:37:d7:3b:14:66:fb:46:
         33:9a:7b:94:2f:b7:3d:37:7d:75:a1:48:d8:7c:7f:6b:8e:00:
         16:01:4a:ff:eb:54:fa:21:19:34:dc:ca:84:2d:01:87:25:63:
         a8:29:e9:04:af:93:af:fc:95:68:08:1a:76:9b:08:c3:7a:77:
         b4:dd:ef:5c:de:8c:81:86:6c:7a:42:a7:69:50:bb:29:73:9e:
         dc:7f:aa:0e:1d:0c:a1:99:c6:5f:96:ae:38:fb:88:68:23:ad:
         e9:a3:1b:a2:34:f4:d1:05:88:9f:94:bb:a8:21:be:ee:08:99:
         62:c7:4d:13:eb:9a:20:1a:07:e4:1d:a3:27:27:f4:95:a9:11:
         96:b7:01:06:bf:f8:5e:73:54:81:cb:18:e0:5d:47:b0:de:ca:
         0f:28:d7:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+aXID25yNHQM7tjm6gmCLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNTIxMDg1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDZhZTAwMTkzNGE0ODg1NTlmZTk3MDllZmZjMTRmNzRjYjU5MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV6MzmMJST9GxQ7RSl33iV8uyY3X
5W3wBBRIPDw4b/3M7w/MttX0kK3QFdVg6nUudhLDpnPqFdfsTk0dUnuvhqh6njx4
cSOJbplXfPlPE34Vk5/R/Z/qMzrdg2aC1VDxZr8U2W98gFqD9HGUXvslqAjBvG13
kOQGZrrt7BPVHmDCZ/CjqFeiCNniIHa6TduQWC2a0Pd7Cs4rxYmSj15nFfqlWCR8
8cM4wYOiUFMk+k8aXOvadiCZn+oG7R3dlFjZ5a0KxRqln49eOkN41NyZg1bph/0M
/q+jaz2vboNr77Ta7PcSHmPzfOBfpwXMapSvJkmoBU0YbdiuirQn6p6VwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1q4AGTSkiFWf6XCe/8FPdMtZBHMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvcldyZ0FaTktTSVZaX3BjSjdfd1U5MHkxa0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2TzuMA0G
CSqGSIb3DQEBCwUAA4IBAQBHFeY20Rta/NCEId+b1FXUMvlS+oj0NbUxB6atWx8/
mWA6l3vNHlh2Z9xNXYZrthItfDaBQJ4CSkAqqvT5KdenTVGHUV0ex4cxelQ/SBcP
Rx1BVnAnVwSk+l9D47xWdFVg4SIVwTfXOxRm+0YzmnuUL7c9N311oUjYfH9rjgAW
AUr/61T6IRk03MqELQGHJWOoKekEr5Ov/JVoCBp2mwjDene03e9c3oyBhmx6Qqdp
ULspc57cf6oOHQyhmcZflq44+4hoI63poxuiNPTRBYiflLuoIb7uCJlix00T65og
GgfkHaMnJ/SVqRGWtwEGv/hec1SByxjgXUew3soPKNfl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org