Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AtLAYgYCJql1QSjKrfDBCaZDERc.roa
File:                     AtLAYgYCJql1QSjKrfDBCaZDERc.roa (raw, json)
Hash identifier:          qdWdFALjZ0BhDUGtbqp3tzsSHD1HcnazWFNHVcwTf+s=
Subject key identifier:   02:D2:C0:62:06:02:26:A9:75:41:28:CA:AD:F0:C1:09:A6:43:11:17
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018571FA2A4D27BC3460A75E9972E576BB29
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AtLAYgYCJql1QSjKrfDBCaZDERc.roa
Signing time:             Mon 02 Jan 2023 10:14:58 +0000
ROA not before:           Mon 02 Jan 2023 10:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206483
IP address blocks:        217.144.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:2a:4d:27:bc:34:60:a7:5e:99:72:e5:76:bb:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan  2 10:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02d2c062060226a9754128caadf0c109a6431117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d7:40:a5:00:47:12:31:22:b5:e8:7d:e6:d9:
                    b8:e0:db:85:c6:5c:68:38:a2:a5:88:fb:19:08:60:
                    b3:0c:3b:3a:75:d7:75:c8:de:1b:cc:19:12:13:10:
                    5a:b7:0b:1f:dd:2f:ca:15:12:8b:93:eb:c7:4d:e0:
                    bf:4a:01:b8:9c:df:40:12:5b:d0:8d:9b:20:78:dc:
                    3c:db:5c:a5:d1:01:fd:f9:20:20:af:b6:8e:a8:db:
                    55:24:66:ab:1d:a5:b4:9c:22:c8:60:bb:ac:10:57:
                    48:1f:4d:af:01:78:09:ce:00:9e:39:bc:8f:80:13:
                    63:91:e0:f2:5c:e6:be:56:fa:35:45:ba:46:7d:61:
                    3a:50:64:97:9c:1b:84:45:8e:cc:73:04:4c:a6:64:
                    08:81:c8:58:71:5b:e9:10:ae:53:37:6c:bd:6f:fa:
                    44:d8:07:1d:f7:23:d7:e1:c6:05:51:2e:80:7c:9c:
                    ee:94:f0:64:82:e6:01:77:2c:41:51:aa:a3:b4:5b:
                    c6:e2:8d:d8:9e:18:8f:08:de:5d:df:9d:94:92:3e:
                    6a:51:93:e7:d5:6e:48:f3:ad:d2:fd:c0:4b:4a:ae:
                    98:86:17:fc:84:ed:7f:17:7d:ce:ca:db:df:12:7b:
                    05:79:e7:e5:81:4e:fe:6f:ad:44:f1:2e:f7:74:8a:
                    03:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:D2:C0:62:06:02:26:A9:75:41:28:CA:AD:F0:C1:09:A6:43:11:17
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AtLAYgYCJql1QSjKrfDBCaZDERc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.144.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:ab:06:5b:a4:13:7d:27:16:57:fd:d9:86:36:3b:4a:15:bf:
         8c:9d:2f:52:0e:c9:57:e7:1f:d7:5e:5a:b0:6c:e9:4a:a6:27:
         47:15:e9:58:12:27:42:06:64:a8:c7:42:08:d2:43:37:23:64:
         5e:db:a1:30:de:75:f5:f3:67:74:a6:51:33:d9:ce:17:57:ab:
         95:4c:e9:03:a6:cb:67:6d:97:11:e5:d9:14:7f:7d:d1:4f:2b:
         56:1c:fd:5b:5e:3d:d4:3e:72:91:17:13:00:41:37:09:d5:87:
         30:82:b8:38:da:45:dc:b0:c7:f3:dc:31:17:1b:13:29:b8:ee:
         d5:c6:e0:91:20:a8:92:c0:3e:55:ac:71:9f:a9:f3:ae:b1:79:
         4d:27:55:67:b8:99:70:3c:bb:ec:a9:0a:60:41:9d:5e:b4:84:
         78:b2:8a:38:51:9d:6b:59:e7:a4:ae:ac:8c:19:da:bf:08:3d:
         19:51:a1:b8:fb:fe:d2:77:13:10:e9:36:dd:d9:eb:f0:d0:d3:
         54:a4:b7:56:14:1c:d7:00:41:79:2a:a0:62:a9:7f:bc:55:a8:
         88:f2:c2:d8:97:00:8f:da:b8:fd:7e:ea:4f:24:60:88:29:2e:
         be:94:46:c1:9f:6f:4e:79:0a:d4:06:11:f3:93:45:ff:dd:02:
         14:4b:11:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+ipNJ7w0YKdemXLldrspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQyYzA2MjA2MDIyNmE5NzU0MTI4Y2FhZGYwYzEwOWE2NDMxMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNdApQBHEjEiteh95tm44NuFxlxo
OKKliPsZCGCzDDs6ddd1yN4bzBkSExBatwsf3S/KFRKLk+vHTeC/SgG4nN9AElvQ
jZsgeNw821yl0QH9+SAgr7aOqNtVJGarHaW0nCLIYLusEFdIH02vAXgJzgCeObyP
gBNjkeDyXOa+Vvo1RbpGfWE6UGSXnBuERY7McwRMpmQIgchYcVvpEK5TN2y9b/pE
2Acd9yPX4cYFUS6AfJzulPBkguYBdyxBUaqjtFvG4o3YnhiPCN5d352Ukj5qUZPn
1W5I863S/cBLSq6Yhhf8hO1/F33OytvfEnsFeeflgU7+b61E8S73dIoDlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFALSwGIGAiapdUEoyq3wwQmmQxEXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQXRMQVlnWUNKcWwxUVNqS3JmREJDYVpERVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZCRMA0G
CSqGSIb3DQEBCwUAA4IBAQCOqwZbpBN9JxZX/dmGNjtKFb+MnS9SDslX5x/XXlqw
bOlKpidHFelYEidCBmSox0II0kM3I2Re26Ew3nX182d0plEz2c4XV6uVTOkDpstn
bZcR5dkUf33RTytWHP1bXj3UPnKRFxMAQTcJ1Ycwgrg42kXcsMfz3DEXGxMpuO7V
xuCRIKiSwD5VrHGfqfOusXlNJ1VnuJlwPLvsqQpgQZ1etIR4soo4UZ1rWeekrqyM
Gdq/CD0ZUaG4+/7SdxMQ6Tbd2evw0NNUpLdWFBzXAEF5KqBiqX+8VaiI8sLYlwCP
2rj9fupPJGCIKS6+lEbBn29OeQrUBhHzk0X/3QIUSxE8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org