Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/d4835b-7323-4671-ad59-7fb05920e228/1/AK5a5IFt1ApU_1y10UreKzerODQ.roa
File:                     AK5a5IFt1ApU_1y10UreKzerODQ.roa (raw, json)
Hash identifier:          NHtrbBiegOE/zTBjDYqa0JL0U4th/iJwfVbQmnQ2eJE=
Subject key identifier:   00:AE:5A:E4:81:6D:D4:0A:54:FF:5C:B5:D1:4A:DE:2B:37:AB:38:34
Certificate issuer:       /CN=7482b017717ca83a05e4cbc3f266f12a5359d5e5
Certificate serial:       01857343993DAE47AB5F55DF0C2EA9BF44C7
Authority key identifier: 74:82:B0:17:71:7C:A8:3A:05:E4:CB:C3:F2:66:F1:2A:53:59:D5:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dIKwF3F8qDoF5MvD8mbxKlNZ1eU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/d4835b-7323-4671-ad59-7fb05920e228/1/AK5a5IFt1ApU_1y10UreKzerODQ.roa
Signing time:             Mon 02 Jan 2023 16:14:48 +0000
ROA not before:           Mon 02 Jan 2023 16:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2200
IP address blocks:        192.44.66.0/24 maxlen: 24
                          134.246.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:43:99:3d:ae:47:ab:5f:55:df:0c:2e:a9:bf:44:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7482b017717ca83a05e4cbc3f266f12a5359d5e5
        Validity
            Not Before: Jan  2 16:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00ae5ae4816dd40a54ff5cb5d14ade2b37ab3834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:4e:0f:d2:d5:3b:c3:f4:92:e8:d3:0f:70:b1:
                    10:fa:12:c6:21:c5:63:f6:c6:1b:62:7e:e2:ed:6b:
                    8a:3a:6d:89:c9:6d:a4:d8:c8:c9:66:c4:c6:b1:e9:
                    60:21:59:4c:f6:7d:33:09:34:58:2d:6f:38:dd:c5:
                    d9:8e:c3:60:a9:d4:9b:d7:cc:ad:b3:2e:cc:bf:49:
                    73:dc:2a:66:db:02:dd:74:ca:5c:b4:f9:18:e3:95:
                    9a:ab:4a:24:0a:37:49:f5:96:79:37:75:ea:b9:51:
                    db:9a:1f:99:4e:e6:99:6a:bd:58:3a:19:48:3c:3f:
                    65:09:67:df:15:e1:78:62:59:c0:0b:dc:4f:c9:d0:
                    4c:f6:83:03:d3:19:c5:b5:fe:a9:fc:4f:56:8f:a3:
                    bb:05:4c:82:42:5e:f2:a7:87:08:60:f8:a4:65:84:
                    33:19:1d:ec:98:6d:36:1b:07:bd:1f:4f:8d:9e:61:
                    be:b2:32:f9:64:e3:fc:88:60:30:16:a5:53:8f:85:
                    ac:a4:a0:e3:cc:73:90:0f:62:36:f7:40:dc:32:3e:
                    99:4c:c3:1a:24:89:84:5c:6c:32:c8:93:be:8c:88:
                    77:c8:15:24:90:9c:eb:2f:90:a8:7f:5a:74:40:f7:
                    27:e8:7a:86:48:b1:00:d6:c7:7e:35:c1:8c:8d:82:
                    97:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:AE:5A:E4:81:6D:D4:0A:54:FF:5C:B5:D1:4A:DE:2B:37:AB:38:34
            X509v3 Authority Key Identifier:
                keyid:74:82:B0:17:71:7C:A8:3A:05:E4:CB:C3:F2:66:F1:2A:53:59:D5:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIKwF3F8qDoF5MvD8mbxKlNZ1eU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/d4835b-7323-4671-ad59-7fb05920e228/1/AK5a5IFt1ApU_1y10UreKzerODQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/d4835b-7323-4671-ad59-7fb05920e228/1/dIKwF3F8qDoF5MvD8mbxKlNZ1eU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.246.0.0/16
                  192.44.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:0e:19:b9:9b:70:e6:ab:b0:c7:22:6b:61:72:98:af:0e:e2:
         dd:62:50:23:22:e9:bc:d4:2b:b5:43:50:17:a3:1e:af:b0:19:
         ad:dc:c2:b3:88:0b:63:1f:8c:b1:54:ba:6a:fc:56:09:7c:3f:
         6e:b0:4f:58:ed:a1:38:6f:c8:9e:f1:ed:da:f6:34:0a:61:3d:
         51:98:60:10:dc:f1:37:74:be:12:ba:56:36:aa:92:22:9c:47:
         6f:b5:04:2e:3b:19:81:ea:fc:ef:6e:a6:21:0e:cf:f6:48:d8:
         63:22:24:7a:91:4f:85:43:3b:12:38:56:46:7d:08:9c:00:b1:
         e9:6f:09:c1:72:d1:38:6c:fe:6c:08:08:25:88:03:c8:66:01:
         97:5f:f0:6f:e8:3f:14:bf:47:e3:87:f6:0d:60:7a:c9:0f:7c:
         16:43:c2:0d:84:e1:6f:10:5c:a4:b8:05:c2:4a:dc:23:1a:53:
         4e:78:1b:20:e0:16:b0:32:8d:1f:87:29:fc:6d:d6:14:90:96:
         4f:e7:6e:eb:b4:25:8b:70:09:57:65:ad:bd:89:e1:5a:c6:ab:
         a7:cd:51:56:d6:98:9c:54:4e:4d:48:88:3f:6d:a8:2c:e6:cc:
         c7:e0:53:d8:11:61:9a:6f:34:2d:5a:34:96:f8:23:01:42:38:
         2b:dd:25:11
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVzQ5k9rkerX1XfDC6pv0THMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODJiMDE3NzE3Y2E4M2EwNWU0Y2JjM2YyNjZmMTJhNTM1
OWQ1ZTUwHhcNMjMwMTAyMTYxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFlNWFlNDgxNmRkNDBhNTRmZjVjYjVkMTRhZGUyYjM3YWIzODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU4P0tU7w/SS6NMPcLEQ+hLGIcVj
9sYbYn7i7WuKOm2JyW2k2MjJZsTGselgIVlM9n0zCTRYLW843cXZjsNgqdSb18yt
sy7Mv0lz3Cpm2wLddMpctPkY45Waq0okCjdJ9ZZ5N3XquVHbmh+ZTuaZar1YOhlI
PD9lCWffFeF4YlnAC9xPydBM9oMD0xnFtf6p/E9Wj6O7BUyCQl7yp4cIYPikZYQz
GR3smG02Gwe9H0+NnmG+sjL5ZOP8iGAwFqVTj4WspKDjzHOQD2I290DcMj6ZTMMa
JImEXGwyyJO+jIh3yBUkkJzrL5Cof1p0QPcn6HqGSLEA1sd+NcGMjYKXLwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFACuWuSBbdQKVP9ctdFK3is3qzg0MB8GA1UdIwQY
MBaAFHSCsBdxfKg6BeTLw/Jm8SpTWdXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElLd0YzRjhxRG9GNU12RDhtYnhLbE5aMWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9kNDgzNWItNzMyMy00NjcxLWFkNTkt
N2ZiMDU5MjBlMjI4LzEvQUs1YTVJRnQxQXBVXzF5MTBVcmVLemVyT0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9kNDgzNWItNzMyMy00NjcxLWFkNTktN2ZiMDU5MjBlMjI4
LzEvZElLd0YzRjhxRG9GNU12RDhtYnhLbE5aMWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAhvYDBADA
LEIwDQYJKoZIhvcNAQELBQADggEBABgOGbmbcOarsMcia2FymK8O4t1iUCMi6bzU
K7VDUBejHq+wGa3cwrOIC2MfjLFUumr8Vgl8P26wT1jtoThvyJ7x7dr2NAphPVGY
YBDc8Td0vhK6VjaqkiKcR2+1BC47GYHq/O9upiEOz/ZI2GMiJHqRT4VDOxI4VkZ9
CJwAselvCcFy0Ths/mwICCWIA8hmAZdf8G/oPxS/R+OH9g1geskPfBZDwg2E4W8Q
XKS4BcJK3CMaU054GyDgFrAyjR+HKfxt1hSQlk/nbuu0JYtwCVdlrb2J4VrGq6fN
UVbWmJxUTk1IiD9tqCzmzMfgU9gRYZpvNC1aNJb4IwFCOCvdJRE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:56 2024 by rpki-client on console-fra.rpki-client.org