Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0enUpy7zvUX1Ye35Hj5IHToy_6w.roa
File:                     0enUpy7zvUX1Ye35Hj5IHToy_6w.roa (raw, json)
Hash identifier:          c4jtkhDW4a2UqW3wO9TsqvBH5ZV2xz0eKnybMr6AqXs=
Subject key identifier:   D1:E9:D4:A7:2E:F3:BD:45:F5:61:ED:F9:1E:3E:48:1D:3A:32:FF:AC
Certificate issuer:       /CN=d04265fb11c2a220bc350718673e0704d1edadde
Certificate serial:       0185712760993630DEF95E49368E211214EB
Authority key identifier: D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0enUpy7zvUX1Ye35Hj5IHToy_6w.roa
Signing time:             Mon 02 Jan 2023 06:24:44 +0000
ROA not before:           Mon 02 Jan 2023 06:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15924
IP address blocks:        149.3.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 15:04:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:60:99:36:30:de:f9:5e:49:36:8e:21:12:14:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d04265fb11c2a220bc350718673e0704d1edadde
        Validity
            Not Before: Jan  2 06:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1e9d4a72ef3bd45f561edf91e3e481d3a32ffac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:62:77:e1:40:15:8c:ac:44:3a:d1:d2:13:99:
                    86:aa:2b:8f:99:38:60:52:4c:15:52:f2:67:ad:36:
                    0d:55:02:3c:ac:cc:9d:58:59:bf:92:5c:80:15:cf:
                    3f:05:e1:39:92:df:b1:c5:6a:e3:df:0e:26:1f:7c:
                    09:51:31:31:7d:6d:79:fc:ab:fd:81:e1:63:72:66:
                    98:ff:59:9b:39:d2:d6:ca:6c:c3:1e:cd:fe:cb:d6:
                    1a:24:ee:8b:e3:78:ce:d3:cd:81:20:8b:b7:bc:0f:
                    35:2d:bf:3c:68:37:78:f4:bb:72:f6:fa:aa:c3:c2:
                    ac:05:e1:d7:4c:1a:24:fd:6d:37:b1:54:e7:25:64:
                    f3:d8:67:7e:e4:4e:ee:a5:47:85:86:59:a8:9b:58:
                    9f:fa:91:e0:ba:bd:9b:c6:61:9a:ed:1a:4d:1d:d4:
                    06:ee:9d:47:12:79:1d:20:7b:2b:1d:1b:49:09:f8:
                    86:7b:71:52:47:ed:79:2c:a4:40:c7:57:47:f1:d5:
                    6e:e2:20:21:11:24:c5:b0:72:b3:73:6a:94:60:38:
                    92:4b:b3:7e:47:43:19:8d:76:a1:43:f3:85:90:31:
                    33:0d:c4:58:e6:ae:ea:bb:f1:ac:00:b4:b5:21:2c:
                    e3:97:c3:cd:c9:40:de:68:c1:c3:e5:2c:e6:b3:a2:
                    90:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:E9:D4:A7:2E:F3:BD:45:F5:61:ED:F9:1E:3E:48:1D:3A:32:FF:AC
            X509v3 Authority Key Identifier:
                keyid:D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0enUpy7zvUX1Ye35Hj5IHToy_6w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0EJl-xHCoiC8NQcYZz4HBNHtrd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.3.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:d3:74:b8:9a:e2:2b:1a:3c:9f:16:0e:f6:d2:a9:09:85:fc:
         52:ca:b6:a4:4d:d7:2d:34:f9:4c:cc:7a:f1:c0:90:1d:db:ff:
         91:d1:bd:55:2f:2b:b2:cc:92:6e:48:5d:03:3b:45:d9:ae:be:
         78:dc:46:96:7d:de:35:8a:a4:bc:82:2f:72:6f:ab:13:33:65:
         44:1e:ab:ce:d5:1a:b1:98:04:ea:59:8b:58:44:7a:b7:5d:9e:
         29:2c:ab:12:e0:b1:bc:87:55:6f:06:d1:ec:66:73:18:ec:bb:
         89:8d:61:95:aa:c9:b1:dc:c2:3e:7d:a6:06:39:05:cd:70:28:
         02:ea:08:0c:83:8a:ca:c1:d5:f6:f6:b9:41:2b:43:cd:77:0a:
         fe:9a:d2:3d:01:57:f9:bc:94:66:e2:14:f5:fe:c8:7d:8b:76:
         82:3d:76:b3:a6:9c:cf:96:49:be:26:a7:bb:f7:98:61:6a:7e:
         52:2c:c1:fb:1b:7a:90:84:2c:b6:e7:40:78:b3:ec:39:da:2e:
         cd:09:83:65:16:ad:22:8c:83:3d:0c:7d:c7:46:5e:68:84:e7:
         e4:92:59:3b:58:20:67:d6:34:3b:39:1d:a2:0d:48:e0:88:c6:
         a8:af:1f:73:f9:25:b8:44:4e:e0:14:44:35:7e:b6:75:8d:4b:
         97:81:eb:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ2CZNjDe+V5JNo4hEhTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDI2NWZiMTFjMmEyMjBiYzM1MDcxODY3M2UwNzA0ZDFl
ZGFkZGUwHhcNMjMwMTAyMDYyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWU5ZDRhNzJlZjNiZDQ1ZjU2MWVkZjkxZTNlNDgxZDNhMzJmZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWJ34UAVjKxEOtHSE5mGqiuPmThg
UkwVUvJnrTYNVQI8rMydWFm/klyAFc8/BeE5kt+xxWrj3w4mH3wJUTExfW15/Kv9
geFjcmaY/1mbOdLWymzDHs3+y9YaJO6L43jO082BIIu3vA81Lb88aDd49Lty9vqq
w8KsBeHXTBok/W03sVTnJWTz2Gd+5E7upUeFhlmom1if+pHgur2bxmGa7RpNHdQG
7p1HEnkdIHsrHRtJCfiGe3FSR+15LKRAx1dH8dVu4iAhESTFsHKzc2qUYDiSS7N+
R0MZjXahQ/OFkDEzDcRY5q7qu/GsALS1ISzjl8PNyUDeaMHD5Szms6KQSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHp1Kcu871F9WHt+R4+SB06Mv+sMB8GA1UdIwQY
MBaAFNBCZfsRwqIgvDUHGGc+BwTR7a3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVKbC14SENvaUM4TlFjWVp6NEhCTkh0cmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mYTczZjgtMzNlMC00MDMyLTg0ZWMt
YTk2ZWY2ZjY0MzVjLzEvMGVuVXB5N3p2VVgxWWUzNUhqNUlIVG95XzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mYTczZjgtMzNlMC00MDMyLTg0ZWMtYTk2ZWY2ZjY0MzVj
LzEvMEVKbC14SENvaUM4TlFjWVp6NEhCTkh0cmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlQOrMA0G
CSqGSIb3DQEBCwUAA4IBAQB903S4muIrGjyfFg720qkJhfxSyrakTdctNPlMzHrx
wJAd2/+R0b1VLyuyzJJuSF0DO0XZrr543EaWfd41iqS8gi9yb6sTM2VEHqvO1Rqx
mATqWYtYRHq3XZ4pLKsS4LG8h1VvBtHsZnMY7LuJjWGVqsmx3MI+faYGOQXNcCgC
6ggMg4rKwdX29rlBK0PNdwr+mtI9AVf5vJRm4hT1/sh9i3aCPXazppzPlkm+Jqe7
95hhan5SLMH7G3qQhCy250B4s+w52i7NCYNlFq0ijIM9DH3HRl5ohOfkklk7WCBn
1jQ7OR2iDUjgiMaorx9z+SW4RE7gFEQ1frZ1jUuXgets
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:46 2024 by rpki-client on console-fra.rpki-client.org