Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OtAwjZZltP0QzWWD6e3wE6SkZUA.roa
File:                     OtAwjZZltP0QzWWD6e3wE6SkZUA.roa (raw, json)
Hash identifier:          OvOg+f7m1x1oZHY2se20C+oBHa19HcjJ44Nl/6WIra8=
Subject key identifier:   3A:D0:30:8D:96:65:B4:FD:10:CD:65:83:E9:ED:F0:13:A4:A4:65:40
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CC8DD030FF6B3636C17C84D71D876CFF7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OtAwjZZltP0QzWWD6e3wE6SkZUA.roa
Signing time:             Tue 02 Jan 2024 06:29:36 +0000
ROA not before:           Tue 02 Jan 2024 06:29:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203168
IP address blocks:        45.128.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Jan 2024 18:14:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:dd:03:0f:f6:b3:63:6c:17:c8:4d:71:d8:76:cf:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  2 06:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3ad0308d9665b4fd10cd6583e9edf013a4a46540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8c:d5:63:97:e9:b5:6a:c3:28:c3:1f:ec:30:
                    d4:cc:55:d9:18:4c:fe:66:12:fb:5d:0e:ae:e7:9f:
                    23:b3:35:f6:61:4e:e6:59:f3:a7:02:36:46:8a:bf:
                    36:d6:99:45:13:7f:cf:7f:48:63:16:9a:07:5c:5f:
                    4d:08:0c:e2:d1:fe:f5:78:5b:33:d9:39:a3:51:96:
                    b8:23:ad:61:eb:2b:e3:3f:0f:58:2c:cc:53:b3:75:
                    05:17:4c:16:5e:0d:80:da:a2:d3:07:dc:bd:80:bc:
                    61:78:2c:07:b1:c9:0f:c5:5b:d7:5e:20:5f:9e:3b:
                    c7:1a:34:a9:83:bf:2b:c5:b3:ec:2c:ac:a0:82:16:
                    e3:03:3d:af:19:29:e2:10:c3:50:0e:80:19:98:60:
                    d3:a0:77:5e:0f:e4:01:00:4f:47:53:50:99:8e:ba:
                    63:a6:fd:b5:58:b4:6c:16:d8:26:ba:ac:e5:13:d0:
                    bf:46:51:c8:7a:e7:c2:0a:e2:56:96:fc:db:4b:9a:
                    9e:ce:29:96:a6:97:92:8d:7c:f5:c9:1b:40:a0:1a:
                    03:6b:7b:39:a0:bc:be:ea:da:4e:15:a9:9c:b9:94:
                    9f:b8:68:7f:b4:dd:73:5f:06:84:d0:a1:7d:15:c8:
                    b0:0d:a1:3c:14:6a:06:86:15:b9:67:ba:0d:6e:70:
                    7e:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:D0:30:8D:96:65:B4:FD:10:CD:65:83:E9:ED:F0:13:A4:A4:65:40
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OtAwjZZltP0QzWWD6e3wE6SkZUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:e4:24:e3:32:db:0c:9e:b0:21:47:1a:a4:d2:af:7d:82:c9:
         78:bc:bc:3d:6e:60:35:c5:a6:4d:94:ad:75:b1:ed:4f:d0:97:
         d5:29:4c:fa:5c:cd:40:1a:dc:26:05:52:5a:23:45:6d:00:b8:
         3f:bc:ba:57:f7:9d:85:62:5f:0e:8c:c2:b8:a0:ca:16:fe:2a:
         9f:40:62:f9:8e:61:82:d7:50:16:d5:76:0c:29:96:90:8f:b2:
         7e:cf:6e:b8:38:c7:15:1c:1a:fc:53:e3:d6:fc:d0:5c:b5:e9:
         e6:bf:a8:5e:39:d8:9d:81:25:5b:3c:2b:73:18:82:81:6d:79:
         bf:7e:17:ae:12:27:fc:ee:df:be:f1:fc:b3:d3:e1:7e:e8:7d:
         1f:0c:e4:4f:18:6e:6c:3b:e6:ad:fe:f1:d2:ce:bb:45:73:36:
         6e:60:b2:10:5b:1d:c0:a8:52:8a:59:1f:3a:07:67:c2:10:0f:
         f0:cc:cd:e9:44:cc:d4:b8:13:5e:56:1b:73:49:63:ed:e2:4b:
         46:2e:da:19:a0:74:5b:34:6b:89:04:29:10:b0:47:89:ca:13:
         b7:18:20:d9:d5:58:8e:72:94:0c:8c:4a:9a:e0:95:05:fe:16:
         45:12:5f:5d:55:61:77:79:01:0e:c1:a1:5b:be:4e:4d:7b:57:
         ce:ab:e3:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QMP9rNjbBfITXHYds/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQwMzA4ZDk2NjViNGZkMTBjZDY1ODNlOWVkZjAxM2E0YTQ2NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4zVY5fptWrDKMMf7DDUzFXZGEz+
ZhL7XQ6u558jszX2YU7mWfOnAjZGir821plFE3/Pf0hjFpoHXF9NCAzi0f71eFsz
2TmjUZa4I61h6yvjPw9YLMxTs3UFF0wWXg2A2qLTB9y9gLxheCwHsckPxVvXXiBf
njvHGjSpg78rxbPsLKygghbjAz2vGSniEMNQDoAZmGDToHdeD+QBAE9HU1CZjrpj
pv21WLRsFtgmuqzlE9C/RlHIeufCCuJWlvzbS5qezimWppeSjXz1yRtAoBoDa3s5
oLy+6tpOFamcuZSfuGh/tN1zXwaE0KF9FciwDaE8FGoGhhW5Z7oNbnB+qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrQMI2WZbT9EM1lg+nt8BOkpGVAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT3RBd2paWmx0UDBReldXRDZlM3dFNlNrWlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYBgMA0G
CSqGSIb3DQEBCwUAA4IBAQCf5CTjMtsMnrAhRxqk0q99gsl4vLw9bmA1xaZNlK11
se1P0JfVKUz6XM1AGtwmBVJaI0VtALg/vLpX952FYl8OjMK4oMoW/iqfQGL5jmGC
11AW1XYMKZaQj7J+z264OMcVHBr8U+PW/NBctenmv6heOdidgSVbPCtzGIKBbXm/
fheuEif87t++8fyz0+F+6H0fDORPGG5sO+at/vHSzrtFczZuYLIQWx3AqFKKWR86
B2fCEA/wzM3pRMzUuBNeVhtzSWPt4ktGLtoZoHRbNGuJBCkQsEeJyhO3GCDZ1ViO
cpQMjEqa4JUF/hZFEl9dVWF3eQEOwaFbvk5Ne1fOq+Pd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:06 2024 by rpki-client on console-fra.rpki-client.org