Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/72ScvwT2OXidwD1WUIj5e3cJwwE.roa
File:                     72ScvwT2OXidwD1WUIj5e3cJwwE.roa (raw, json)
Hash identifier:          Br0GMrEOizPpYICf6OfnMJGHwhYNWP9UxI3M1mQut+k=
Subject key identifier:   EF:64:9C:BF:04:F6:39:78:9D:C0:3D:56:50:88:F9:7B:77:09:C3:01
Certificate issuer:       /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial:       0185BE2FDAEEBE2C45A0FBCE016FF9EF5374
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/72ScvwT2OXidwD1WUIj5e3cJwwE.roa
Signing time:             Tue 17 Jan 2023 05:24:45 +0000
ROA not before:           Tue 17 Jan 2023 05:24:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13171
IP address blocks:        217.21.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:be:2f:da:ee:be:2c:45:a0:fb:ce:01:6f:f9:ef:53:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
        Validity
            Not Before: Jan 17 05:24:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef649cbf04f639789dc03d565088f97b7709c301
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:bf:da:f9:46:90:96:92:95:82:22:80:cb:7e:
                    11:1d:95:4b:00:64:e2:6e:dd:c3:3e:a3:2c:d7:29:
                    f4:df:e7:5a:83:91:77:01:3e:e9:90:5c:19:ec:c2:
                    bc:2e:ca:16:d3:09:81:85:48:6c:60:a1:bf:b2:2c:
                    47:01:c0:fc:39:31:0a:da:e7:19:6c:79:f1:cf:ea:
                    93:e9:14:d1:44:05:77:5c:bd:46:cb:f2:fc:e0:6e:
                    bd:2e:8f:8c:0a:8c:03:dc:b7:3c:61:f3:e0:39:73:
                    09:77:64:35:ce:20:70:eb:7c:64:ef:d2:f8:0a:75:
                    bb:a1:c7:03:de:b4:b2:7a:10:8c:b7:ce:9a:60:c6:
                    15:42:8e:55:e6:75:56:75:01:0d:fd:99:88:33:c6:
                    87:e0:29:2b:72:2a:39:b1:f1:d3:00:1d:3f:04:7b:
                    e2:b8:62:f6:d6:a5:74:35:ae:42:e3:e0:fc:78:84:
                    62:23:a8:09:b1:ea:a3:3a:b6:4e:ae:56:69:61:3b:
                    b7:d3:04:97:3d:b5:0a:d8:64:5d:1d:d5:b3:2e:a4:
                    97:3d:c8:8d:c3:6a:4b:60:b7:b7:e1:26:d4:52:3d:
                    83:c5:ac:d2:57:9b:e4:d0:86:8a:f8:29:91:cb:72:
                    54:8f:98:1a:9e:5a:d0:b8:a8:0b:28:df:25:53:c4:
                    0e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:64:9C:BF:04:F6:39:78:9D:C0:3D:56:50:88:F9:7B:77:09:C3:01
            X509v3 Authority Key Identifier:
                keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/72ScvwT2OXidwD1WUIj5e3cJwwE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.21.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:0d:d8:23:68:96:67:f7:9d:33:c8:be:de:54:e4:aa:7c:0e:
         79:23:2f:65:32:04:6b:29:bb:46:85:50:68:bc:8a:8f:af:dd:
         cf:73:28:c8:1a:b7:d0:40:2d:b1:2f:9b:1f:71:9a:31:5f:9f:
         5b:57:ef:66:aa:68:5a:6b:fd:35:15:f7:8c:14:c0:d6:2b:31:
         c2:73:c2:86:b7:10:ca:da:be:dd:59:04:ae:47:d7:5f:df:4d:
         33:ab:48:13:9c:76:a4:7c:d0:4a:25:9c:17:8e:17:7e:69:51:
         59:e3:0e:34:d1:c3:15:d5:a0:01:0a:d6:9f:d5:8b:37:a2:62:
         a6:50:20:cc:a8:df:fb:d6:9f:a9:2f:2a:70:5f:ac:df:f1:88:
         78:85:64:61:b5:32:e3:f1:cc:ea:33:b9:bf:93:b7:2b:97:01:
         76:44:cb:a8:a4:b8:3a:5f:ec:8c:44:91:fe:0b:3b:46:c8:50:
         8f:ac:eb:42:6e:8f:65:da:5b:d7:ec:9e:70:35:89:1f:f1:ab:
         eb:e7:e8:a8:1d:37:6f:24:d2:50:6d:0e:2a:7b:fc:f7:e1:49:
         e7:7f:e8:5c:09:f4:b5:b8:51:9b:0a:b4:72:2b:7b:1a:ff:95:
         2c:d3:73:3a:e7:82:6e:4f:1d:4b:7b:cc:3f:97:7f:e9:0c:05:
         df:5e:f1:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW+L9ruvixFoPvOAW/571N0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjMwMTE3MDUyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjY0OWNiZjA0ZjYzOTc4OWRjMDNkNTY1MDg4Zjk3Yjc3MDljMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr/a+UaQlpKVgiKAy34RHZVLAGTi
bt3DPqMs1yn03+dag5F3AT7pkFwZ7MK8LsoW0wmBhUhsYKG/sixHAcD8OTEK2ucZ
bHnxz+qT6RTRRAV3XL1Gy/L84G69Lo+MCowD3Lc8YfPgOXMJd2Q1ziBw63xk79L4
CnW7occD3rSyehCMt86aYMYVQo5V5nVWdQEN/ZmIM8aH4Ckrcio5sfHTAB0/BHvi
uGL21qV0Na5C4+D8eIRiI6gJseqjOrZOrlZpYTu30wSXPbUK2GRdHdWzLqSXPciN
w2pLYLe34SbUUj2DxazSV5vk0IaK+CmRy3JUj5ganlrQuKgLKN8lU8QOewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9knL8E9jl4ncA9VlCI+Xt3CcMBMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvNzJTY3Z3VDJPWGlkd0QxV1VJajVlM2NKd3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RUrMA0G
CSqGSIb3DQEBCwUAA4IBAQBIDdgjaJZn950zyL7eVOSqfA55Iy9lMgRrKbtGhVBo
vIqPr93PcyjIGrfQQC2xL5sfcZoxX59bV+9mqmhaa/01FfeMFMDWKzHCc8KGtxDK
2r7dWQSuR9df300zq0gTnHakfNBKJZwXjhd+aVFZ4w400cMV1aABCtaf1Ys3omKm
UCDMqN/71p+pLypwX6zf8Yh4hWRhtTLj8czqM7m/k7crlwF2RMuopLg6X+yMRJH+
CztGyFCPrOtCbo9l2lvX7J5wNYkf8avr5+ioHTdvJNJQbQ4qe/z34Unnf+hcCfS1
uFGbCrRyK3sa/5Us03M654JuTx1Le8w/l3/pDAXfXvGa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:50 2024 by rpki-client on console-ams.rpki-client.org