Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/45XaMUZghqancZsQI9IjJJAH4Gs.roa
File:                     45XaMUZghqancZsQI9IjJJAH4Gs.roa (raw, json)
Hash identifier:          aZVF0B7Fp/8YFP3vzYK1WCLPeh5wdSE7SO3G7lfS5ZI=
Subject key identifier:   E3:95:DA:31:46:60:86:A6:A7:71:9B:10:23:D2:23:24:90:07:E0:6B
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018857416BEFE9C4253D7E22A8BA5D6D273F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/45XaMUZghqancZsQI9IjJJAH4Gs.roa
Signing time:             Fri 26 May 2023 08:51:25 +0000
ROA not before:           Fri 26 May 2023 08:51:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.218.84.0/22 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          178.215.236.0/24 maxlen: 24
                          171.22.72.0/22 maxlen: 24
                          147.78.101.0/24 maxlen: 24
                          147.78.100.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          92.119.196.0/23 maxlen: 24
                          185.216.70.0/24 maxlen: 24
                          185.216.84.0/22 maxlen: 24
                          94.103.126.0/24 maxlen: 24
                          185.218.137.0/24 maxlen: 24
                          94.154.162.0/23 maxlen: 24
                          94.154.161.0/24 maxlen: 24
                          185.219.126.0/24 maxlen: 24
                          45.151.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:57:41:6b:ef:e9:c4:25:3d:7e:22:a8:ba:5d:6d:27:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 26 08:51:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e395da31466086a6a7719b1023d223249007e06b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:cb:2e:cd:68:4f:7e:ca:37:fa:f2:d8:f5:4a:
                    6e:e0:61:fc:35:38:45:09:7e:ae:3c:fd:c0:4f:39:
                    0b:14:47:4c:cc:b1:91:f3:a1:e4:23:29:8b:bf:93:
                    82:27:5a:1b:6e:9d:85:ae:e5:42:65:68:a4:c9:12:
                    58:14:f5:fa:fd:44:9b:fb:64:ff:bd:60:71:3c:97:
                    fb:0e:96:57:20:1b:03:0e:cc:76:0e:e1:a9:1e:77:
                    6e:ad:7d:db:d5:0f:d6:e9:50:2d:f1:37:44:5a:1e:
                    c2:57:d5:92:d4:c8:23:56:2c:0a:b2:e5:87:2d:15:
                    f3:ad:6b:5a:e0:18:9b:c4:56:33:97:9c:80:84:13:
                    6b:4e:cc:d8:ff:92:86:33:d4:4e:cd:be:d0:bd:a2:
                    88:77:19:94:b6:fa:f2:f1:15:fd:03:58:40:bc:c5:
                    61:90:58:fc:66:03:8e:80:64:a9:2f:3d:d5:0b:3c:
                    62:f8:b5:e8:11:59:e7:55:bc:07:63:5c:04:2b:35:
                    8e:38:df:ea:84:51:ee:0c:f1:32:f2:82:e6:80:3c:
                    8b:9b:cb:f4:02:35:4b:cb:16:d7:56:57:bf:cd:0a:
                    45:76:19:b2:06:e7:aa:f3:4c:83:08:98:13:1a:71:
                    6d:98:75:54:4e:54:fe:d8:af:7d:b0:a2:5b:58:5c:
                    0a:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:95:DA:31:46:60:86:A6:A7:71:9B:10:23:D2:23:24:90:07:E0:6B
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/45XaMUZghqancZsQI9IjJJAH4Gs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.89.0/24
                  92.119.196.0/23
                  94.103.126.0/24
                  94.154.161.0-94.154.163.255
                  94.156.239.0/24
                  147.78.100.0-147.78.102.255
                  171.22.72.0/22
                  178.215.236.0/24
                  185.216.70.0/24
                  185.216.84.0/22
                  185.218.84.0/22
                  185.218.137.0/24
                  185.219.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:ca:8e:9d:e0:11:62:ac:43:53:34:05:12:67:3d:31:18:77:
         ed:52:a8:56:75:0c:00:ee:fb:1a:4e:12:84:52:58:5c:51:1c:
         f5:b3:f9:5c:70:dc:4b:6f:dd:d4:89:60:24:05:2e:95:6a:91:
         92:f9:13:5a:9e:a8:0f:a7:e5:f9:93:d4:de:43:9f:96:a7:1e:
         fc:f9:7b:45:d2:0b:97:1f:d3:3a:a1:77:68:f3:71:0c:17:a0:
         81:06:2e:1a:37:0d:ba:57:f0:96:0b:9e:fe:5b:43:06:d2:61:
         c2:f1:3b:ee:5a:07:9f:fd:ab:96:95:21:05:ce:67:2e:e2:af:
         e2:e4:ed:24:bc:70:a5:1d:aa:72:85:9f:89:be:a1:9a:4f:32:
         ca:1b:9b:b8:a3:f1:21:04:6a:13:20:05:47:4e:82:12:5b:e4:
         b4:8d:75:d7:2a:56:29:54:ca:42:b8:42:e3:25:95:5f:a9:74:
         6d:a3:01:69:cb:b8:dc:12:a3:b8:7d:f2:be:e4:93:1b:64:92:
         cb:b5:ad:0e:67:5d:0c:02:5b:88:ba:cc:d3:8f:b3:d5:d2:9b:
         89:a1:bd:2b:e7:75:6f:b1:64:df:4d:68:7d:cf:5d:8f:2b:27:
         70:ce:b6:46:92:58:57:66:de:a6:75:3e:b9:87:5f:f8:0b:37:
         e5:c1:0a:42
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYhXQWvv6cQlPX4iqLpdbSc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTI2MDg1MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk1ZGEzMTQ2NjA4NmE2YTc3MTliMTAyM2QyMjMyNDkwMDdlMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMsuzWhPfso3+vLY9Upu4GH8NThF
CX6uPP3ATzkLFEdMzLGR86HkIymLv5OCJ1obbp2FruVCZWikyRJYFPX6/USb+2T/
vWBxPJf7DpZXIBsDDsx2DuGpHndurX3b1Q/W6VAt8TdEWh7CV9WS1MgjViwKsuWH
LRXzrWta4BibxFYzl5yAhBNrTszY/5KGM9ROzb7QvaKIdxmUtvry8RX9A1hAvMVh
kFj8ZgOOgGSpLz3VCzxi+LXoEVnnVbwHY1wEKzWOON/qhFHuDPEy8oLmgDyLm8v0
AjVLyxbXVle/zQpFdhmyBueq80yDCJgTGnFtmHVUTlT+2K99sKJbWFwKjQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFOOV2jFGYIamp3GbECPSIySQB+BrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNDVYYU1VWmdocWFuY1pzUUk5SWpKSkFINEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQALZdZAwQB
XHfEAwQAXmd+MAwDBABemqEDBAJemqADBABenO8wDAMEApNOZAMEAJNOZgMEAqsW
SAMEALLX7AMEALnYRgMEArnYVAMEArnaVAMEALnaiQMEALnbfjANBgkqhkiG9w0B
AQsFAAOCAQEAh8qOneARYqxDUzQFEmc9MRh37VKoVnUMAO77Gk4ShFJYXFEc9bP5
XHDcS2/d1IlgJAUulWqRkvkTWp6oD6fl+ZPU3kOflqce/Pl7RdILlx/TOqF3aPNx
DBeggQYuGjcNulfwlgue/ltDBtJhwvE77loHn/2rlpUhBc5nLuKv4uTtJLxwpR2q
coWfib6hmk8yyhubuKPxIQRqEyAFR06CElvktI111ypWKVTKQrhC4yWVX6l0baMB
acu43BKjuH3yvuSTG2SSy7WtDmddDAJbiLrM04+z1dKbiaG9K+d1b7Fk301ofc9d
jysncM62RpJYV2bepnU+uYdf+As35cEKQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:37 2023 by rpki-client on console-fra.rpki-client.org