Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/pNYErir50P06IHgtKExG9pPqFZA.roa
File:                     pNYErir50P06IHgtKExG9pPqFZA.roa (raw, json)
Hash identifier:          bbtXZaIvN/vx1l6WnEvD7fRmrhqR6Jm6KblRiGdvg/Q=
Subject key identifier:   A4:D6:04:AE:2A:F9:D0:FD:3A:20:78:2D:28:4C:46:F6:93:EA:15:90
Certificate issuer:       /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial:       018572B43C516E37EED3707EC04097791942
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/pNYErir50P06IHgtKExG9pPqFZA.roa
Signing time:             Mon 02 Jan 2023 13:38:12 +0000
ROA not before:           Mon 02 Jan 2023 13:38:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6663
IP address blocks:        195.146.0.0/20 maxlen: 20
                          195.146.16.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Sun 22 Jan 2023 08:18:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:b4:3c:51:6e:37:ee:d3:70:7e:c0:40:97:79:19:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
        Validity
            Not Before: Jan  2 13:38:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a4d604ae2af9d0fd3a20782d284c46f693ea1590
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:88:9c:d5:1b:ab:c7:c8:3c:5b:8e:d4:41:ad:
                    25:a5:c8:9a:cb:9a:bb:21:f1:b1:0f:00:26:be:b2:
                    85:5a:b8:60:eb:0a:82:47:8d:6b:67:3e:27:5d:2f:
                    cb:00:36:38:2b:31:50:73:ca:e4:9f:cd:59:31:bb:
                    bd:dd:c4:bb:3a:37:a1:9d:f3:d3:22:bf:ae:d9:d8:
                    9c:9b:bd:93:da:ce:34:be:f2:ce:d6:f9:1a:40:21:
                    ec:f6:b0:6c:b6:40:cb:16:c4:25:d5:35:06:8c:9e:
                    31:36:7f:3d:f7:57:6e:5d:16:98:68:07:f6:98:2a:
                    b8:a1:a3:d6:2c:8b:dc:c5:d8:f4:2d:5f:a1:9f:29:
                    d4:c6:29:fd:45:b1:bf:e6:d1:0e:d9:b1:5d:ce:05:
                    b0:b4:e1:38:b0:5a:24:38:b9:95:0d:6f:c3:64:03:
                    1e:c1:9a:c2:02:92:47:81:cc:cd:cc:63:87:b3:28:
                    2f:ed:6e:3c:ef:14:ce:53:bc:5d:52:65:48:b9:ca:
                    05:74:d7:57:70:65:03:72:74:88:e7:e6:78:e9:ff:
                    e3:79:97:ef:c0:d6:c6:ed:61:d5:8c:d7:e4:aa:26:
                    dc:e9:2c:8b:34:2f:da:30:f6:b8:db:f7:7a:ef:8f:
                    bc:b2:9a:eb:12:ae:49:bd:80:2c:8d:11:38:47:f3:
                    b1:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:D6:04:AE:2A:F9:D0:FD:3A:20:78:2D:28:4C:46:F6:93:EA:15:90
            X509v3 Authority Key Identifier:
                keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/pNYErir50P06IHgtKExG9pPqFZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.146.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         17:84:4d:ce:f5:47:30:f7:92:b1:f3:38:4c:13:c8:34:cc:a5:
         91:cc:df:eb:db:31:3c:4f:e6:c9:68:3e:a6:18:22:49:61:aa:
         c3:b0:85:76:44:c0:c7:7e:77:69:c2:74:6c:24:2e:78:76:7a:
         8a:71:e2:6c:bc:cb:b7:25:b7:19:cc:db:05:a0:10:3b:78:c7:
         62:8f:67:0d:c6:97:1a:fd:57:d5:15:da:e2:f3:09:48:9a:23:
         b1:fa:de:eb:f2:6a:44:c6:b7:d1:69:10:33:23:3f:cf:75:d5:
         8b:1f:10:f4:22:47:57:70:b7:69:6a:4a:0b:23:e3:93:5c:03:
         56:09:34:2b:9f:77:ca:1d:5a:5a:2e:68:d3:93:03:2c:b3:30:
         4a:ba:d1:28:ca:8f:5b:4d:16:48:f3:91:a9:90:08:c1:fb:7c:
         5d:d9:2f:8c:fa:b5:c6:e4:36:c9:65:ad:6c:db:78:63:2b:49:
         b1:06:6b:91:56:5b:9a:62:3a:e9:8e:5a:8c:da:22:8d:bc:5f:
         4a:1f:ec:c8:e9:22:4a:64:43:33:33:b8:6c:fd:02:2e:77:0b:
         22:69:0d:b7:57:ec:df:ed:a4:03:5d:1c:1a:f0:33:e4:cf:ab:
         d9:ba:96:bb:fd:61:20:07:5a:e4:78:1b:1a:93:fe:d6:36:14:
         0e:82:3f:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytDxRbjfu03B+wECXeRlCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjMwMTAyMTMzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQ2MDRhZTJhZjlkMGZkM2EyMDc4MmQyODRjNDZmNjkzZWExNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44ic1Rurx8g8W47UQa0lpciay5q7
IfGxDwAmvrKFWrhg6wqCR41rZz4nXS/LADY4KzFQc8rkn81ZMbu93cS7OjehnfPT
Ir+u2dicm72T2s40vvLO1vkaQCHs9rBstkDLFsQl1TUGjJ4xNn8991duXRaYaAf2
mCq4oaPWLIvcxdj0LV+hnynUxin9RbG/5tEO2bFdzgWwtOE4sFokOLmVDW/DZAMe
wZrCApJHgczNzGOHsygv7W487xTOU7xdUmVIucoFdNdXcGUDcnSI5+Z46f/jeZfv
wNbG7WHVjNfkqibc6SyLNC/aMPa42/d674+8sprrEq5JvYAsjRE4R/Ox4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKTWBK4q+dD9OiB4LShMRvaT6hWQMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvcE5ZRXJpcjUwUDA2SUhndEtFeEc5cFBxRlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFw5IAMA0G
CSqGSIb3DQEBCwUAA4IBAQAXhE3O9Ucw95Kx8zhME8g0zKWRzN/r2zE8T+bJaD6m
GCJJYarDsIV2RMDHfndpwnRsJC54dnqKceJsvMu3JbcZzNsFoBA7eMdij2cNxpca
/VfVFdri8wlImiOx+t7r8mpExrfRaRAzIz/PddWLHxD0IkdXcLdpakoLI+OTXANW
CTQrn3fKHVpaLmjTkwMsszBKutEoyo9bTRZI85GpkAjB+3xd2S+M+rXG5DbJZa1s
23hjK0mxBmuRVluaYjrpjlqM2iKNvF9KH+zI6SJKZEMzM7hs/QIudwsiaQ23V+zf
7aQDXRwa8DPkz6vZupa7/WEgB1rkeBsak/7WNhQOgj9T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:54 2024 by rpki-client on console-ams.rpki-client.org