Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLeUxipm6W6X0wUwaZd83bptNkY.roa
File:                     rLeUxipm6W6X0wUwaZd83bptNkY.roa (raw, json)
Hash identifier:          O+fzZzcqd9X0lLZiYHmSIyN6JOKWg5jArfaoD8GAM4c=
Subject key identifier:   AC:B7:94:C6:2A:66:E9:6E:97:D3:05:30:69:97:7C:DD:BA:6D:36:46
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E86649F1D6B02867031F380F31390769A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLeUxipm6W6X0wUwaZd83bptNkY.roa
Signing time:             Thu 28 Mar 2024 18:48:45 +0000
ROA not before:           Thu 28 Mar 2024 18:48:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     174
IP address blocks:        217.145.72.0/21 maxlen: 22

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 13:46:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:86:64:9f:1d:6b:02:86:70:31:f3:80:f3:13:90:76:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 28 18:48:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=acb794c62a66e96e97d3053069977cddba6d3646
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:06:1e:11:35:f3:c9:87:22:d0:73:82:93:01:
                    46:f2:b4:48:5f:74:8e:e2:e8:71:16:d1:63:38:07:
                    70:03:2e:d7:b7:b1:62:a2:43:9d:ae:fa:ff:bc:39:
                    1c:22:72:44:69:32:c4:f4:4f:96:ed:6f:6b:f1:88:
                    a6:ca:12:ad:7b:c0:c1:a6:15:f5:b8:eb:b6:3c:5d:
                    1b:21:d1:88:34:83:f8:a2:13:53:01:6b:cf:35:8f:
                    0c:b4:22:21:f9:0b:6b:7b:b4:f3:95:09:c9:2a:05:
                    5f:d0:c4:c5:c1:de:ab:6e:76:48:95:ca:51:16:d5:
                    b5:5e:29:0e:4c:ae:1a:31:ee:c9:21:67:06:51:23:
                    e4:18:c5:a3:e2:10:a1:fb:31:b8:18:5b:7f:de:5c:
                    ce:67:12:2c:f1:8a:07:ef:36:06:e4:a4:e2:c1:f3:
                    aa:db:db:01:d4:97:01:9e:6f:8a:05:e5:5f:ee:ab:
                    9e:9e:98:25:24:23:b7:34:b8:84:b8:5b:5a:0e:f1:
                    5a:88:13:c5:73:f7:a7:07:15:ec:1b:3b:01:11:05:
                    0f:5a:6d:a6:2d:65:c9:fe:3b:38:02:79:08:9f:17:
                    27:0e:a6:d6:9b:b0:4b:9d:c7:6b:55:57:f5:d2:46:
                    75:b6:17:a1:d0:36:78:09:51:cf:74:b0:7f:a7:88:
                    e8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B7:94:C6:2A:66:E9:6E:97:D3:05:30:69:97:7C:DD:BA:6D:36:46
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rLeUxipm6W6X0wUwaZd83bptNkY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.145.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7f:0c:f0:bc:53:4d:08:91:50:e6:d8:a2:27:0c:db:89:0c:16:
         fb:96:b0:80:5a:a6:fd:64:17:35:73:16:5a:7e:20:72:58:b4:
         cc:17:2d:9e:87:1a:6a:93:25:37:e0:62:fd:cb:da:14:91:79:
         b0:84:08:b5:58:54:64:a6:ec:e3:8f:dc:7f:15:b3:8f:9d:2a:
         b4:92:0f:9e:f0:27:06:ca:8a:a4:6a:33:38:d1:9b:02:55:52:
         57:33:82:18:0c:e2:da:3b:cc:6f:ea:e3:8f:cb:e6:f4:2c:20:
         73:12:1f:1a:de:c6:69:30:8e:9a:79:f2:39:60:5b:59:2f:ae:
         21:ff:93:5c:63:26:ef:6f:4e:31:38:0a:99:8e:48:6f:87:fe:
         95:10:ad:43:51:62:a1:1a:91:c1:d4:c1:61:ec:c3:4a:98:4a:
         9c:5a:2e:01:d0:21:5a:8d:20:3a:ab:d2:7e:02:a3:3b:96:da:
         f4:df:90:64:15:35:31:6f:c5:30:b6:4e:45:33:d3:2b:6a:3e:
         c8:bd:20:8c:99:8d:93:03:fb:7a:04:2e:ec:b5:7b:9f:8d:b3:
         3d:8c:0f:9d:be:f7:b7:56:cc:77:4e:39:1c:cd:2f:cd:ea:9c:
         06:5f:7b:6c:a5:02:b9:dd:02:8f:35:0c:ce:59:24:9e:41:3c:
         d8:b0:78:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6GZJ8dawKGcDHzgPMTkHaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI4MTg0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I3OTRjNjJhNjZlOTZlOTdkMzA1MzA2OTk3N2NkZGJhNmQzNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwYeETXzyYci0HOCkwFG8rRIX3SO
4uhxFtFjOAdwAy7Xt7FiokOdrvr/vDkcInJEaTLE9E+W7W9r8YimyhKte8DBphX1
uOu2PF0bIdGINIP4ohNTAWvPNY8MtCIh+Qtre7TzlQnJKgVf0MTFwd6rbnZIlcpR
FtW1XikOTK4aMe7JIWcGUSPkGMWj4hCh+zG4GFt/3lzOZxIs8YoH7zYG5KTiwfOq
29sB1JcBnm+KBeVf7quenpglJCO3NLiEuFtaDvFaiBPFc/enBxXsGzsBEQUPWm2m
LWXJ/js4AnkInxcnDqbWm7BLncdrVVf10kZ1theh0DZ4CVHPdLB/p4jouQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKy3lMYqZulul9MFMGmXfN26bTZGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvckxlVXhpcG02VzZYMHdVd2FaZDgzYnB0TmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2ZFIMA0G
CSqGSIb3DQEBCwUAA4IBAQB/DPC8U00IkVDm2KInDNuJDBb7lrCAWqb9ZBc1cxZa
fiByWLTMFy2ehxpqkyU34GL9y9oUkXmwhAi1WFRkpuzjj9x/FbOPnSq0kg+e8CcG
yoqkajM40ZsCVVJXM4IYDOLaO8xv6uOPy+b0LCBzEh8a3sZpMI6aefI5YFtZL64h
/5NcYybvb04xOAqZjkhvh/6VEK1DUWKhGpHB1MFh7MNKmEqcWi4B0CFajSA6q9J+
AqM7ltr035BkFTUxb8Uwtk5FM9Mraj7IvSCMmY2TA/t6BC7stXufjbM9jA+dvve3
Vsx3TjkczS/N6pwGX3tspQK53QKPNQzOWSSeQTzYsHgu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org