Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/AEpNUccEtRvQ7wSxtvslcs0ZKgI.roa
File:                     AEpNUccEtRvQ7wSxtvslcs0ZKgI.roa (raw, json)
Hash identifier:          4wXUMuZTHClRzuoVhZsmGkK3zvbMe2Nz5vwKRMhSOFM=
Subject key identifier:   00:4A:4D:51:C7:04:B5:1B:D0:EF:04:B1:B6:FB:25:72:CD:19:2A:02
Certificate issuer:       /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial:       018CC94CBF00012463376CB52E6BEDC42DB6
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/AEpNUccEtRvQ7wSxtvslcs0ZKgI.roa
Signing time:             Tue 02 Jan 2024 08:31:39 +0000
ROA not before:           Tue 02 Jan 2024 08:31:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211619
IP address blocks:        45.95.168.0/22 maxlen: 22
                          2a0e:bfc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 02 May 2024 11:31:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4c:bf:00:01:24:63:37:6c:b5:2e:6b:ed:c4:2d:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
        Validity
            Not Before: Jan  2 08:31:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=004a4d51c704b51bd0ef04b1b6fb2572cd192a02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0e:ea:51:e8:08:6b:92:96:f1:d4:1a:92:53:
                    28:e9:30:93:f3:df:79:6e:b7:09:03:7a:ce:3a:c8:
                    0d:ba:1e:ed:49:db:e9:e2:ec:c7:5e:d2:88:e6:f4:
                    6e:d4:51:aa:f2:05:9b:15:bc:4d:e5:13:02:81:42:
                    39:70:c0:4d:ff:aa:bc:7c:80:b2:92:86:86:ad:18:
                    95:a6:52:25:f2:39:d5:3b:3d:81:d4:71:6c:92:c9:
                    db:b2:c4:bb:4b:21:34:3f:3d:24:29:84:d6:78:7b:
                    01:90:17:90:da:93:63:61:3c:6e:bf:83:c0:9c:4d:
                    35:36:0f:1c:ee:9e:15:2f:ee:d2:9c:f0:bf:0f:f1:
                    cb:eb:37:e5:72:87:14:0a:61:95:68:4a:58:89:42:
                    7f:c6:b1:95:4a:83:3c:b9:36:72:c3:9e:3b:43:d6:
                    a1:a9:56:01:f6:b8:c1:07:fc:8a:23:e5:2b:f8:70:
                    63:a0:0b:10:bc:ff:bc:eb:28:64:30:06:72:7e:0c:
                    73:78:bf:bd:2f:07:50:cd:56:33:a1:51:42:76:fb:
                    7d:f6:54:80:a0:cc:d5:8c:d4:64:f6:59:48:68:f6:
                    97:d7:6f:2e:48:6b:7b:06:90:7f:88:62:69:54:e5:
                    d3:d6:b2:e2:d8:5e:21:dc:1e:cb:d5:71:8b:03:e1:
                    08:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:4A:4D:51:C7:04:B5:1B:D0:EF:04:B1:B6:FB:25:72:CD:19:2A:02
            X509v3 Authority Key Identifier:
                keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/AEpNUccEtRvQ7wSxtvslcs0ZKgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.168.0/22
                IPv6:
                  2a0e:bfc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:31:10:78:04:bd:6d:65:3b:bf:36:51:a2:f6:e1:32:df:91:
         0c:a6:63:38:87:97:31:8d:cf:42:75:ed:62:86:ff:c3:07:31:
         df:5e:24:d6:0d:db:f3:fd:07:98:a7:a3:8e:7d:c4:da:b3:b3:
         2b:92:27:b2:4b:71:e8:2e:c4:d6:d5:a1:1b:b6:dd:53:88:89:
         c5:8a:22:42:fe:09:12:66:b4:06:10:2e:95:e6:4f:8b:9e:b2:
         9d:5c:b3:2b:77:9f:38:82:c9:15:dc:d7:54:76:9c:e7:27:05:
         cb:82:be:03:60:d5:92:74:f5:9e:65:39:bb:de:9c:32:b7:65:
         7a:9c:29:2d:dd:8e:9a:34:d9:e7:42:82:91:f5:d7:7a:1f:a8:
         18:4e:c9:28:fc:e9:b1:53:cd:88:7d:fe:3a:77:6c:d8:fc:d5:
         11:7a:78:d2:ce:8d:2c:0b:36:44:d6:fb:33:14:c6:0b:fc:1a:
         f9:bf:5f:50:2d:20:ff:53:10:97:a8:cc:f5:2f:a0:44:80:82:
         30:87:0d:13:f3:82:3a:a4:7c:3b:93:24:5e:f7:86:73:93:fd:
         98:d6:b0:00:3f:c1:3c:7f:0c:c5:ac:11:a7:76:05:18:61:b8:
         c4:30:82:49:9e:af:65:b4:55:ad:4b:31:4f:13:d6:d2:5d:cd:
         0c:c5:4c:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTL8AASRjN2y1LmvtxC22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjQwMTAyMDgzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRhNGQ1MWM3MDRiNTFiZDBlZjA0YjFiNmZiMjU3MmNkMTkyYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ7qUegIa5KW8dQaklMo6TCT8995
brcJA3rOOsgNuh7tSdvp4uzHXtKI5vRu1FGq8gWbFbxN5RMCgUI5cMBN/6q8fICy
koaGrRiVplIl8jnVOz2B1HFsksnbssS7SyE0Pz0kKYTWeHsBkBeQ2pNjYTxuv4PA
nE01Ng8c7p4VL+7SnPC/D/HL6zflcocUCmGVaEpYiUJ/xrGVSoM8uTZyw547Q9ah
qVYB9rjBB/yKI+Ur+HBjoAsQvP+86yhkMAZyfgxzeL+9LwdQzVYzoVFCdvt99lSA
oMzVjNRk9llIaPaX128uSGt7BpB/iGJpVOXT1rLi2F4h3B7L1XGLA+EIxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFABKTVHHBLUb0O8Esbb7JXLNGSoCMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvQUVwTlVjY0V0UnZRN3dTeHR2c2xjczBaS2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV+oMA0E
AgACMAcDBQMqDr/AMA0GCSqGSIb3DQEBCwUAA4IBAQAOMRB4BL1tZTu/NlGi9uEy
35EMpmM4h5cxjc9Cde1ihv/DBzHfXiTWDdvz/QeYp6OOfcTas7MrkieyS3HoLsTW
1aEbtt1TiInFiiJC/gkSZrQGEC6V5k+LnrKdXLMrd584gskV3NdUdpznJwXLgr4D
YNWSdPWeZTm73pwyt2V6nCkt3Y6aNNnnQoKR9dd6H6gYTsko/OmxU82Iff46d2zY
/NURenjSzo0sCzZE1vszFMYL/Br5v19QLSD/UxCXqMz1L6BEgIIwhw0T84I6pHw7
kyRe94Zzk/2Y1rAAP8E8fwzFrBGndgUYYbjEMIJJnq9ltFWtSzFPE9bSXc0MxUys
-----END CERTIFICATE-----
Generated at Thu May 2 13:56:33 2024 by rpki-client on console-ams.rpki-client.org