Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/ThLeSTa0kB9OOqIQwc3eS_22VlA.roa
File:                     ThLeSTa0kB9OOqIQwc3eS_22VlA.roa (raw, json)
Hash identifier:          AXujZfBO2jykS8+Zez4ih0Syg9zsaAefjy/lor/FI50=
Subject key identifier:   4E:12:DE:49:36:B4:90:1F:4E:3A:A2:10:C1:CD:DE:4B:FD:B6:56:50
Certificate issuer:       /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial:       01867DA9C464A5EB940E0C879E682BB5022D
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/ThLeSTa0kB9OOqIQwc3eS_22VlA.roa
Signing time:             Thu 23 Feb 2023 09:45:23 +0000
ROA not before:           Thu 23 Feb 2023 09:45:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5089
IP address blocks:        192.145.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Jul 2023 08:17:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7d:a9:c4:64:a5:eb:94:0e:0c:87:9e:68:2b:b5:02:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
        Validity
            Not Before: Feb 23 09:45:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e12de4936b4901f4e3aa210c1cdde4bfdb65650
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:0e:ef:4a:f9:78:1b:32:38:da:c2:ca:58:34:
                    4c:41:51:7d:cb:78:f2:85:34:23:a9:23:01:8a:03:
                    af:c8:82:ff:dc:c4:41:a2:b2:18:9e:d5:60:85:44:
                    ed:d1:2c:e2:49:79:2f:3a:94:dc:26:27:67:bb:f6:
                    97:dd:0c:39:ec:9a:9c:5e:cc:56:cf:ed:fb:a1:cd:
                    fe:e1:12:ee:08:f6:f2:c5:18:85:ad:a9:b5:b0:db:
                    f2:ff:0a:ab:86:cf:cb:15:86:1f:20:96:0d:4f:d5:
                    61:5b:35:49:37:b5:34:e7:d1:73:56:a2:40:c0:37:
                    ef:e2:f4:65:93:e5:a3:1a:22:4f:12:c6:05:4d:51:
                    de:50:8e:76:26:80:0b:99:75:55:51:a1:f3:20:cf:
                    72:a4:67:06:d8:08:90:28:df:35:f6:74:93:df:0f:
                    98:63:5f:f3:1b:97:b0:74:c2:11:3d:d5:ce:83:f7:
                    97:7c:de:ba:de:a4:b0:9f:5c:67:08:06:b2:fe:01:
                    93:6e:75:e1:78:df:e0:56:43:1d:71:90:fb:e3:18:
                    06:04:0e:f9:90:4e:bd:c5:af:2f:48:bb:6f:c7:2a:
                    da:a1:c3:09:a0:82:bf:66:5c:89:ae:27:2f:ce:fb:
                    1d:f3:26:4a:5c:06:03:fe:3d:2e:8e:b3:cb:23:ff:
                    f4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:12:DE:49:36:B4:90:1F:4E:3A:A2:10:C1:CD:DE:4B:FD:B6:56:50
            X509v3 Authority Key Identifier:
                keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/ThLeSTa0kB9OOqIQwc3eS_22VlA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.145.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:25:36:de:f2:8a:32:69:50:5a:d9:bf:86:0b:7b:e9:e4:ff:
         ec:2b:6b:47:15:74:83:b1:68:57:f9:6a:82:02:7b:62:dc:74:
         8a:a9:3b:7d:41:01:a5:5a:e4:d0:ee:ac:11:67:9f:20:5e:28:
         b5:61:03:d2:83:72:2c:c9:d6:e7:49:e9:ea:37:2a:9e:47:76:
         d1:d4:87:ab:05:6f:e4:9d:cd:45:b1:8a:2c:38:bc:ec:62:e4:
         c7:03:2d:a1:1a:33:88:bc:c1:52:e1:46:0d:0c:6a:d3:c6:21:
         07:ed:77:72:89:0d:41:9b:64:8e:77:2a:cf:70:be:a8:e3:af:
         b8:64:c1:71:02:9f:1d:4a:38:05:38:1d:25:7d:25:05:e9:a4:
         dc:24:2a:8d:b1:84:2b:68:60:f5:88:77:1b:e8:de:3a:88:df:
         12:c5:3f:f5:6a:9d:69:02:08:61:09:6d:15:06:a7:cb:f3:31:
         31:76:c2:29:15:7b:4f:f5:a5:93:c8:d1:d6:a1:61:1f:d9:d2:
         51:e3:9e:78:48:4e:4e:ca:68:77:d4:a0:33:ad:f7:33:3e:6f:
         fa:53:81:04:61:c3:8b:ae:ab:05:38:c4:e5:56:45:fa:d7:47:
         76:0f:d8:7b:69:71:3b:f3:fb:86:6c:ea:c8:c8:e1:d0:f1:a1:
         1a:e4:d8:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ9qcRkpeuUDgyHnmgrtQItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMwMjIzMDk0NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTEyZGU0OTM2YjQ5MDFmNGUzYWEyMTBjMWNkZGU0YmZkYjY1NjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ7vSvl4GzI42sLKWDRMQVF9y3jy
hTQjqSMBigOvyIL/3MRBorIYntVghUTt0SziSXkvOpTcJidnu/aX3Qw57JqcXsxW
z+37oc3+4RLuCPbyxRiFram1sNvy/wqrhs/LFYYfIJYNT9VhWzVJN7U059FzVqJA
wDfv4vRlk+WjGiJPEsYFTVHeUI52JoALmXVVUaHzIM9ypGcG2AiQKN819nST3w+Y
Y1/zG5ewdMIRPdXOg/eXfN663qSwn1xnCAay/gGTbnXheN/gVkMdcZD74xgGBA75
kE69xa8vSLtvxyraocMJoIK/ZlyJricvzvsd8yZKXAYD/j0ujrPLI//0ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE4S3kk2tJAfTjqiEMHN3kv9tlZQMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvVGhMZVNUYTBrQjlPT3FJUXdjM2VTXzIyVmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJE2MA0G
CSqGSIb3DQEBCwUAA4IBAQAOJTbe8ooyaVBa2b+GC3vp5P/sK2tHFXSDsWhX+WqC
Anti3HSKqTt9QQGlWuTQ7qwRZ58gXii1YQPSg3IsydbnSenqNyqeR3bR1IerBW/k
nc1FsYosOLzsYuTHAy2hGjOIvMFS4UYNDGrTxiEH7XdyiQ1Bm2SOdyrPcL6o46+4
ZMFxAp8dSjgFOB0lfSUF6aTcJCqNsYQraGD1iHcb6N46iN8SxT/1ap1pAghhCW0V
BqfL8zExdsIpFXtP9aWTyNHWoWEf2dJR4554SE5Oymh31KAzrfczPm/6U4EEYcOL
rqsFOMTlVkX610d2D9h7aXE78/uGbOrIyOHQ8aEa5Njc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:08 2024 by rpki-client on console-ams.rpki-client.org