Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/ef9221-c354-4e67-a32f-84e596a3c121/1/cm0vHFtnltPICOjpvuovLEA4BIM.roa
File:                     cm0vHFtnltPICOjpvuovLEA4BIM.roa (raw, json)
Hash identifier:          oKgCt9gQYY3pQ0QTYYMiVuu5TICuX186j37nM/ufky0=
Subject key identifier:   72:6D:2F:1C:5B:67:96:D3:C8:08:E8:E9:BE:EA:2F:2C:40:38:04:83
Certificate issuer:       /CN=39e4059e519e7cad0536bd54d91bc97875644cdb
Certificate serial:       018572E835B701AC3F2915ACFA0D6147BFE4
Authority key identifier: 39:E4:05:9E:51:9E:7C:AD:05:36:BD:54:D9:1B:C9:78:75:64:4C:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OeQFnlGefK0FNr1U2RvJeHVkTNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/ef9221-c354-4e67-a32f-84e596a3c121/1/cm0vHFtnltPICOjpvuovLEA4BIM.roa
Signing time:             Mon 02 Jan 2023 14:34:58 +0000
ROA not before:           Mon 02 Jan 2023 14:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2200
IP address blocks:        145.238.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:e8:35:b7:01:ac:3f:29:15:ac:fa:0d:61:47:bf:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39e4059e519e7cad0536bd54d91bc97875644cdb
        Validity
            Not Before: Jan  2 14:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=726d2f1c5b6796d3c808e8e9beea2f2c40380483
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:74:03:98:31:c9:1d:aa:74:95:38:08:dc:55:
                    83:aa:f4:d6:79:61:c8:78:a6:8a:e4:b4:aa:9a:30:
                    82:69:20:ca:0a:d5:91:41:af:8b:df:51:66:95:1a:
                    da:7a:e1:e6:34:9b:d1:f7:86:1c:8e:e0:68:e5:42:
                    3b:3d:e3:c9:1b:e9:cc:7e:9f:8d:d3:71:04:c3:42:
                    5e:9d:df:67:79:a1:bc:13:ff:3f:2d:1c:f7:2b:1a:
                    b1:e9:1a:8c:11:e5:2b:f8:3f:06:f4:5d:ac:97:0c:
                    c0:91:ba:0a:ca:78:78:0a:94:46:80:a0:63:f6:94:
                    9a:37:bb:ba:0a:d9:ad:52:52:6a:25:57:88:a3:7b:
                    ce:b8:f6:87:44:e9:83:28:9f:09:ac:ce:62:2e:69:
                    83:bc:c3:5e:e6:ad:4e:32:b6:bc:50:47:0d:54:1a:
                    fc:e8:8f:67:8b:c0:bf:41:41:db:c6:cf:9e:92:31:
                    73:2e:1e:96:6a:cf:b6:67:be:c5:98:9d:69:c3:ea:
                    90:f2:83:bd:1a:5a:7a:83:5e:fc:97:87:ff:68:f2:
                    54:cf:d1:9c:f7:d2:83:e8:9d:ed:6a:0c:41:9f:14:
                    0f:36:98:9c:97:ad:0d:5b:b2:24:5e:c8:e5:83:93:
                    d3:70:bf:4f:dd:35:e9:6d:d8:b3:44:da:65:7b:77:
                    bf:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:6D:2F:1C:5B:67:96:D3:C8:08:E8:E9:BE:EA:2F:2C:40:38:04:83
            X509v3 Authority Key Identifier:
                keyid:39:E4:05:9E:51:9E:7C:AD:05:36:BD:54:D9:1B:C9:78:75:64:4C:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OeQFnlGefK0FNr1U2RvJeHVkTNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ef9221-c354-4e67-a32f-84e596a3c121/1/cm0vHFtnltPICOjpvuovLEA4BIM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ef9221-c354-4e67-a32f-84e596a3c121/1/OeQFnlGefK0FNr1U2RvJeHVkTNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.238.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         08:2e:4d:82:14:be:74:a9:24:4b:ef:a1:b9:1a:d8:d1:56:a5:
         a5:fd:54:be:04:97:53:a0:bd:d5:cf:d2:8f:22:d2:ea:d7:65:
         8e:4f:85:b2:10:48:07:08:c7:c0:e9:21:3d:36:a3:e8:c0:dc:
         b5:0e:d9:51:ac:1d:d5:a3:dc:a1:2d:0d:05:c7:69:65:18:6d:
         ec:b6:cf:a7:aa:10:8f:68:23:9b:a0:3f:67:ef:df:6a:e5:ab:
         78:08:e8:83:29:b1:65:96:96:60:10:06:16:ed:5a:58:7a:52:
         59:04:31:e1:56:a4:e5:70:9e:5f:1b:10:2f:c8:f6:d9:7e:77:
         5c:68:44:66:22:2c:87:dc:cc:26:3f:f0:fb:32:02:22:6e:f7:
         00:67:69:0c:8b:8e:fb:d3:7e:cf:43:a5:0d:c8:84:1a:f1:74:
         0d:d0:eb:f5:d2:15:14:32:1b:eb:e4:50:70:89:01:43:a5:8d:
         f1:35:5c:ad:0e:23:bd:51:ba:57:71:0d:ec:4c:e6:d4:80:6c:
         f2:59:5c:90:e2:bd:c4:d1:db:bf:40:e2:14:c5:c7:eb:71:f4:
         6f:49:44:52:12:66:b2:77:3e:94:20:89:d4:cc:4b:75:38:05:
         93:d3:6b:ce:e1:42:f2:a7:9b:c7:04:c6:28:f0:5c:6e:e3:c4:
         38:99:e9:6f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVy6DW3Aaw/KRWs+g1hR7/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZTQwNTllNTE5ZTdjYWQwNTM2YmQ1NGQ5MWJjOTc4NzU2
NDRjZGIwHhcNMjMwMTAyMTQzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZkMmYxYzViNjc5NmQzYzgwOGU4ZTliZWVhMmYyYzQwMzgwNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXQDmDHJHap0lTgI3FWDqvTWeWHI
eKaK5LSqmjCCaSDKCtWRQa+L31FmlRraeuHmNJvR94YcjuBo5UI7PePJG+nMfp+N
03EEw0Jend9neaG8E/8/LRz3Kxqx6RqMEeUr+D8G9F2slwzAkboKynh4CpRGgKBj
9pSaN7u6CtmtUlJqJVeIo3vOuPaHROmDKJ8JrM5iLmmDvMNe5q1OMra8UEcNVBr8
6I9ni8C/QUHbxs+ekjFzLh6Was+2Z77FmJ1pw+qQ8oO9Glp6g178l4f/aPJUz9Gc
99KD6J3tagxBnxQPNpicl60NW7IkXsjlg5PTcL9P3TXpbdizRNple3e/1QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFHJtLxxbZ5bTyAjo6b7qLyxAOASDMB8GA1UdIwQY
MBaAFDnkBZ5RnnytBTa9VNkbyXh1ZEzbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2VRRm5sR2VmSzBGTnIxVTJSdkplSFZrVE5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9lZjkyMjEtYzM1NC00ZTY3LWEzMmYt
ODRlNTk2YTNjMTIxLzEvY20wdkhGdG5sdFBJQ09qcHZ1b3ZMRUE0QklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9lZjkyMjEtYzM1NC00ZTY3LWEzMmYtODRlNTk2YTNjMTIx
LzEvT2VRRm5sR2VmSzBGTnIxVTJSdkplSFZrVE5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAke4wDQYJ
KoZIhvcNAQELBQADggEBAAguTYIUvnSpJEvvobka2NFWpaX9VL4El1OgvdXP0o8i
0urXZY5PhbIQSAcIx8DpIT02o+jA3LUO2VGsHdWj3KEtDQXHaWUYbey2z6eqEI9o
I5ugP2fv32rlq3gI6IMpsWWWlmAQBhbtWlh6UlkEMeFWpOVwnl8bEC/I9tl+d1xo
RGYiLIfczCY/8PsyAiJu9wBnaQyLjvvTfs9DpQ3IhBrxdA3Q6/XSFRQyG+vkUHCJ
AUOljfE1XK0OI71RuldxDexM5tSAbPJZXJDivcTR279A4hTFx+tx9G9JRFISZrJ3
PpQgidTMS3U4BZPTa87hQvKnm8cExijwXG7jxDiZ6W8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:51 2024 by rpki-client on console-fra.rpki-client.org