Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/35A6YG5rHd3VHlTevkp9M-YFpyY.roa
File:                     35A6YG5rHd3VHlTevkp9M-YFpyY.roa (raw, json)
Hash identifier:          p1yQ0B5U2IPOdoLF6NWwWyI3beLAe6Y7mQaKgUY1Uo8=
Subject key identifier:   DF:90:3A:60:6E:6B:1D:DD:D5:1E:54:DE:BE:4A:7D:33:E6:05:A7:26
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018B8072E84F96A2D5457A814CF4F16D5055
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/35A6YG5rHd3VHlTevkp9M-YFpyY.roa
Signing time:             Mon 30 Oct 2023 11:58:16 +0000
ROA not before:           Mon 30 Oct 2023 11:58:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198154
IP address blocks:        45.146.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:80:72:e8:4f:96:a2:d5:45:7a:81:4c:f4:f1:6d:50:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Oct 30 11:58:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df903a606e6b1dddd51e54debe4a7d33e605a726
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:6c:c6:ad:0a:b6:8f:81:39:b6:1a:08:6f:d1:
                    df:38:1a:f3:c6:22:02:a2:2f:e2:1a:ef:ee:32:e6:
                    24:86:22:b1:2f:5c:2d:42:d0:bf:bd:a2:5f:c8:55:
                    88:02:aa:e2:58:00:5c:0c:34:a6:18:44:6c:6e:f5:
                    7f:d6:d4:15:7f:c7:58:8d:3f:a9:72:e1:96:d2:94:
                    93:e0:a6:7f:3e:e8:9b:fd:f6:f3:ca:72:1c:56:ce:
                    93:7a:a0:a4:dc:93:ab:60:0a:1e:ce:a8:96:cc:1c:
                    a1:8b:1c:55:92:d5:f1:89:c7:39:d7:cb:7e:ba:cc:
                    90:cb:7f:1e:63:fc:33:cf:24:0d:9b:33:38:e0:d3:
                    de:fd:e7:77:4c:01:35:89:76:8c:22:3b:b5:a9:ef:
                    06:71:e8:68:fa:11:dd:64:11:ff:fe:fa:f5:47:75:
                    f5:6b:35:cb:e0:9d:2c:f5:fa:e0:48:08:98:28:fd:
                    57:3a:e3:6c:98:52:a7:07:38:70:f9:a6:e2:40:37:
                    da:89:5a:4f:ca:93:fe:c9:0a:1e:bd:07:2c:86:54:
                    d4:e0:d6:86:c5:99:2f:fc:82:2d:17:be:c3:db:54:
                    e1:0d:ba:93:70:ec:66:6e:19:23:c4:0a:d3:79:5a:
                    71:7d:ef:73:3b:96:52:73:21:b1:90:08:f4:36:fe:
                    6f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:90:3A:60:6E:6B:1D:DD:D5:1E:54:DE:BE:4A:7D:33:E6:05:A7:26
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/35A6YG5rHd3VHlTevkp9M-YFpyY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:34:96:57:94:88:50:01:38:2a:61:cf:bd:a7:8c:92:8c:28:
         94:f0:fd:52:f0:d7:f6:01:fb:72:dc:52:9c:54:29:c2:9c:d3:
         8d:07:ad:7a:03:04:f3:a3:1f:3f:18:40:44:96:86:46:3e:59:
         50:6a:5f:c6:38:db:2a:b5:e6:9e:03:34:d9:d1:ce:4e:12:85:
         46:03:6d:0e:a2:c4:70:03:63:82:bc:f8:ec:6d:d4:64:ce:fc:
         b3:14:2d:dc:24:60:90:c4:a2:a9:6f:95:e7:bd:5d:69:30:2f:
         f7:e2:13:27:c7:7a:c7:f7:9c:07:51:f8:f6:e6:82:54:e7:39:
         be:19:be:ce:b8:62:53:74:f9:7f:2e:1e:b4:4a:95:94:e5:e1:
         50:d6:09:ba:2e:96:b2:d6:1b:01:02:5a:31:e5:e5:00:de:2b:
         2f:15:4b:60:4f:cc:4b:d7:02:3a:a8:e3:3b:8b:e6:b7:f4:64:
         28:21:4f:ec:26:75:b8:0c:98:47:5e:24:d6:fb:6d:98:ff:6e:
         b9:61:37:a5:b9:df:8b:bf:db:4e:fd:35:3e:d3:5e:f3:50:4b:
         65:ce:37:df:6f:d6:46:51:42:5c:70:2c:29:32:09:e8:3e:b7:
         c3:87:a3:ea:2b:0c:5e:6a:7c:4d:0d:14:64:77:fb:b2:42:cc:
         4e:85:89:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuAcuhPlqLVRXqBTPTxbVBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDMwMTE1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjkwM2E2MDZlNmIxZGRkZDUxZTU0ZGViZTRhN2QzM2U2MDVhNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2zGrQq2j4E5thoIb9HfOBrzxiIC
oi/iGu/uMuYkhiKxL1wtQtC/vaJfyFWIAqriWABcDDSmGERsbvV/1tQVf8dYjT+p
cuGW0pST4KZ/Puib/fbzynIcVs6TeqCk3JOrYAoezqiWzByhixxVktXxicc518t+
usyQy38eY/wzzyQNmzM44NPe/ed3TAE1iXaMIju1qe8Gceho+hHdZBH//vr1R3X1
azXL4J0s9frgSAiYKP1XOuNsmFKnBzhw+abiQDfaiVpPypP+yQoevQcshlTU4NaG
xZkv/IItF77D21ThDbqTcOxmbhkjxArTeVpxfe9zO5ZScyGxkAj0Nv5vVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+QOmBuax3d1R5U3r5KfTPmBacmMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMzVBNllHNXJIZDNWSGxUZXZrcDlNLVlGcHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZLxMA0G
CSqGSIb3DQEBCwUAA4IBAQCXNJZXlIhQATgqYc+9p4ySjCiU8P1S8Nf2Afty3FKc
VCnCnNONB616AwTzox8/GEBEloZGPllQal/GONsqteaeAzTZ0c5OEoVGA20OosRw
A2OCvPjsbdRkzvyzFC3cJGCQxKKpb5XnvV1pMC/34hMnx3rH95wHUfj25oJU5zm+
Gb7OuGJTdPl/Lh60SpWU5eFQ1gm6Lpay1hsBAlox5eUA3isvFUtgT8xL1wI6qOM7
i+a39GQoIU/sJnW4DJhHXiTW+22Y/265YTelud+Lv9tO/TU+017zUEtlzjffb9ZG
UUJccCwpMgnoPrfDh6PqKwxeanxNDRRkd/uyQsxOhYn4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org