Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/pToxji8ya4xtiV4RtLDPCBN59c8.roa
File:                     pToxji8ya4xtiV4RtLDPCBN59c8.roa (raw, json)
Hash identifier:          a+he0IBVhT+ghZNfgIu6E9gdgqxg0N1ndJaF+lvuxic=
Subject key identifier:   A5:3A:31:8E:2F:32:6B:8C:6D:89:5E:11:B4:B0:CF:08:13:79:F5:CF
Certificate issuer:       /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial:       0186A23B21A75404366CF17608CB29ED93E2
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/pToxji8ya4xtiV4RtLDPCBN59c8.roa
Signing time:             Thu 02 Mar 2023 12:10:29 +0000
ROA not before:           Thu 02 Mar 2023 12:10:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43431
IP address blocks:        46.233.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a2:3b:21:a7:54:04:36:6c:f1:76:08:cb:29:ed:93:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
        Validity
            Not Before: Mar  2 12:10:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a53a318e2f326b8c6d895e11b4b0cf081379f5cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:68:6e:2e:f2:a4:4f:50:a3:77:14:2e:a1:28:
                    ac:e4:08:09:64:70:da:a6:21:eb:b0:ed:6e:d1:6e:
                    e3:72:5a:76:da:c0:df:8a:7c:24:3c:45:ea:28:fa:
                    69:5c:8e:8f:03:52:dd:de:bb:63:66:0e:5c:d2:e7:
                    23:43:38:07:6d:b8:79:0e:16:91:96:68:60:db:b5:
                    01:83:ef:43:ed:9d:01:15:1c:81:26:26:64:b9:2a:
                    6a:81:eb:39:5f:7e:84:39:db:4b:84:34:c2:44:65:
                    e8:38:bb:ef:37:21:05:7b:57:4a:6d:36:34:3b:c0:
                    6d:a5:7c:37:85:e0:4c:d9:8e:24:83:e3:17:98:c6:
                    68:b1:a1:b3:b0:32:72:1b:09:31:2e:ec:32:01:aa:
                    3d:ee:ec:6c:a3:08:a7:22:cb:39:ce:1e:0d:29:bf:
                    5f:d1:fe:98:d7:09:4d:92:ca:47:9d:24:b7:9a:62:
                    3b:b3:4e:70:f5:cb:5e:f6:8b:60:a3:3b:f9:4a:49:
                    a8:1b:65:24:f5:0b:85:6d:c4:4a:f3:6a:80:9c:b1:
                    6a:18:81:9e:b4:bd:eb:2a:12:f2:c8:a7:c1:e2:20:
                    ed:30:6a:10:cb:f6:5e:49:eb:bd:20:43:9f:52:16:
                    f0:fa:ac:42:88:e3:03:23:3b:9a:d7:10:8c:8e:81:
                    5d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:3A:31:8E:2F:32:6B:8C:6D:89:5E:11:B4:B0:CF:08:13:79:F5:CF
            X509v3 Authority Key Identifier:
                keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/pToxji8ya4xtiV4RtLDPCBN59c8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.233.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:52:9d:52:67:34:07:a4:7d:40:8c:f1:ab:98:0d:eb:62:ab:
         4b:82:d1:4d:cf:93:69:06:7a:7e:6c:a6:e1:d7:57:01:1f:13:
         5c:42:6f:5b:65:65:cd:b5:16:56:63:36:17:56:7b:a8:ca:f3:
         c5:00:19:92:91:6b:56:5d:d7:32:c4:53:2f:ec:2e:af:77:71:
         dc:da:63:9f:ac:55:cf:72:78:24:58:06:c8:43:86:ad:d5:8c:
         6c:49:d0:c3:b0:42:9c:e4:89:61:e5:1f:5c:75:b6:c7:46:0f:
         01:ed:ba:09:9f:8a:4d:24:64:99:33:53:89:f7:c7:02:05:43:
         08:da:47:37:01:a6:30:d2:29:95:86:0f:dd:6a:9e:66:e5:21:
         7c:93:f6:56:4d:71:dd:a1:13:2e:99:39:85:39:5a:75:1f:be:
         d1:3e:a6:3c:8a:05:fa:a6:4e:2e:21:85:47:b5:30:16:e1:25:
         58:dc:d3:90:2e:7e:be:38:b7:9d:84:ed:65:18:f5:6c:a0:d5:
         14:1c:a1:c5:1b:59:6f:8f:75:38:b5:68:7d:a0:8c:c8:f2:1c:
         c2:d5:7b:c8:10:6d:87:60:ad:54:f5:1c:25:2d:f6:df:6e:e0:
         bf:97:f3:c0:1f:7f:54:17:47:80:5c:05:84:93:45:ce:bc:20:
         f9:6d:32:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaiOyGnVAQ2bPF2CMsp7ZPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjMwMzAyMTIxMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTNhMzE4ZTJmMzI2YjhjNmQ4OTVlMTFiNGIwY2YwODEzNzlmNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32huLvKkT1CjdxQuoSis5AgJZHDa
piHrsO1u0W7jclp22sDfinwkPEXqKPppXI6PA1Ld3rtjZg5c0ucjQzgHbbh5DhaR
lmhg27UBg+9D7Z0BFRyBJiZkuSpqges5X36EOdtLhDTCRGXoOLvvNyEFe1dKbTY0
O8BtpXw3heBM2Y4kg+MXmMZosaGzsDJyGwkxLuwyAao97uxsowinIss5zh4NKb9f
0f6Y1wlNkspHnSS3mmI7s05w9cte9otgozv5SkmoG2Uk9QuFbcRK82qAnLFqGIGe
tL3rKhLyyKfB4iDtMGoQy/ZeSeu9IEOfUhbw+qxCiOMDIzua1xCMjoFdVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKU6MY4vMmuMbYleEbSwzwgTefXPMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvcFRveGppOHlhNHh0aVY0UnRMRFBDQk41OWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALukmMA0G
CSqGSIb3DQEBCwUAA4IBAQATUp1SZzQHpH1AjPGrmA3rYqtLgtFNz5NpBnp+bKbh
11cBHxNcQm9bZWXNtRZWYzYXVnuoyvPFABmSkWtWXdcyxFMv7C6vd3Hc2mOfrFXP
cngkWAbIQ4at1YxsSdDDsEKc5Ilh5R9cdbbHRg8B7boJn4pNJGSZM1OJ98cCBUMI
2kc3AaYw0imVhg/dap5m5SF8k/ZWTXHdoRMumTmFOVp1H77RPqY8igX6pk4uIYVH
tTAW4SVY3NOQLn6+OLedhO1lGPVsoNUUHKHFG1lvj3U4tWh9oIzI8hzC1XvIEG2H
YK1U9RwlLfbfbuC/l/PAH39UF0eAXAWEk0XOvCD5bTJR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:37 2024 by rpki-client on console-fra.rpki-client.org