Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WBhdcq3Kx7ilrUhUV7-6c0mTwxw.roa
File:                     WBhdcq3Kx7ilrUhUV7-6c0mTwxw.roa (raw, json)
Hash identifier:          NE3zdeQIjIEQ4o3awkyKmebDHA6dEuxk/gveQYznsNk=
Subject key identifier:   58:18:5D:72:AD:CA:C7:B8:A5:AD:48:54:57:BF:BA:73:49:93:C3:1C
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01892EEA71D28FA3F85317252C243BE3FBFF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WBhdcq3Kx7ilrUhUV7-6c0mTwxw.roa
Signing time:             Fri 07 Jul 2023 05:54:23 +0000
ROA not before:           Fri 07 Jul 2023 05:54:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203217
IP address blocks:        45.8.72.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2e:ea:71:d2:8f:a3:f8:53:17:25:2c:24:3b:e3:fb:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jul  7 05:54:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58185d72adcac7b8a5ad485457bfba734993c31c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:18:88:66:3c:12:c3:7a:5c:05:da:37:9a:6d:
                    7e:4f:b3:50:57:24:6c:51:bd:bd:91:43:d1:56:23:
                    c2:0b:14:78:69:37:df:10:9f:fa:e1:ad:9f:e1:0d:
                    48:c7:ff:50:df:c5:00:c0:ba:61:bb:78:3a:99:cc:
                    1f:85:53:e4:f2:34:4e:3b:67:42:eb:fd:29:38:7d:
                    5e:d7:6c:e4:d9:26:8d:89:8a:63:2b:e9:62:aa:9d:
                    fa:b4:46:1d:46:09:8a:8d:de:3b:c9:5b:95:90:ee:
                    2a:42:3e:b5:bb:f5:34:35:27:9e:70:cd:74:33:bc:
                    f0:3c:78:9b:71:5b:99:04:d8:2e:6f:3d:1a:b4:51:
                    fa:ac:86:db:15:92:18:c9:d7:f1:81:79:3d:f3:b6:
                    da:74:e8:3d:c9:0b:dc:f9:d7:38:45:b9:8d:ad:de:
                    c3:47:39:4e:53:b8:83:b5:67:48:06:2b:bd:fd:f0:
                    bc:bd:fd:62:33:54:9a:0a:da:05:7b:f6:0f:49:f4:
                    47:ba:db:45:96:ef:d8:86:aa:9b:29:b7:02:92:57:
                    02:8e:36:3d:74:21:a9:ea:4f:c5:96:2b:11:3d:27:
                    db:02:ba:b6:11:4f:3a:38:6e:39:9a:3c:e7:67:86:
                    73:b6:a3:7d:23:0b:62:5c:fe:a7:12:5b:d5:5c:a8:
                    74:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:18:5D:72:AD:CA:C7:B8:A5:AD:48:54:57:BF:BA:73:49:93:C3:1C
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WBhdcq3Kx7ilrUhUV7-6c0mTwxw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0e:30:70:67:a8:58:99:3c:6f:35:c1:4d:cd:e4:be:24:b8:7e:
         e3:41:bf:9c:45:e2:0d:bb:eb:7c:6c:51:44:0c:d7:3c:a6:17:
         bc:97:f1:9a:af:78:cb:bc:b9:16:46:89:05:88:06:4e:c4:2b:
         32:d5:ee:e9:93:16:77:27:e2:2e:7f:5e:87:97:a0:37:09:31:
         b4:7e:a5:a0:0f:ef:30:bf:43:c2:ee:ba:93:3f:c3:50:e4:f5:
         fc:95:93:e3:0e:90:60:f2:f5:2e:b3:f5:a9:3d:b7:6b:a4:c4:
         b0:64:ed:c3:13:6a:89:2f:00:bd:7f:71:72:2e:83:4a:f0:15:
         e8:65:2a:e2:9f:a8:2d:3b:6a:8a:77:31:6a:a5:af:d9:7c:16:
         93:91:3c:53:87:3a:39:17:23:bf:70:58:f9:60:c1:b5:0e:a2:
         5e:60:78:4e:a7:1c:65:df:65:b3:8b:c8:16:f4:b5:97:82:21:
         08:48:23:8c:f9:8d:e1:20:9d:09:79:82:d1:d5:c0:66:74:8b:
         bb:48:b9:0b:2a:80:0a:1e:5f:df:cc:3e:0f:4d:13:9d:a6:09:
         ef:c8:34:f2:1a:c5:07:ff:cb:36:ec:d9:fb:25:e1:12:93:99:
         62:5f:10:82:03:49:47:59:22:7c:26:d4:a9:8f:31:5f:a0:95:
         e1:f7:5d:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYku6nHSj6P4UxclLCQ74/v/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzA3MDU1NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE4NWQ3MmFkY2FjN2I4YTVhZDQ4NTQ1N2JmYmE3MzQ5OTNjMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRiIZjwSw3pcBdo3mm1+T7NQVyRs
Ub29kUPRViPCCxR4aTffEJ/64a2f4Q1Ix/9Q38UAwLphu3g6mcwfhVPk8jROO2dC
6/0pOH1e12zk2SaNiYpjK+liqp36tEYdRgmKjd47yVuVkO4qQj61u/U0NSeecM10
M7zwPHibcVuZBNgubz0atFH6rIbbFZIYydfxgXk987badOg9yQvc+dc4RbmNrd7D
RzlOU7iDtWdIBiu9/fC8vf1iM1SaCtoFe/YPSfRHuttFlu/YhqqbKbcCklcCjjY9
dCGp6k/FlisRPSfbArq2EU86OG45mjznZ4ZztqN9IwtiXP6nElvVXKh0rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgYXXKtyse4pa1IVFe/unNJk8McMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV0JoZGNxM0t4N2lsclVoVVY3LTZjMG1Ud3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQhIMA0G
CSqGSIb3DQEBCwUAA4IBAQAOMHBnqFiZPG81wU3N5L4kuH7jQb+cReINu+t8bFFE
DNc8phe8l/Gar3jLvLkWRokFiAZOxCsy1e7pkxZ3J+Iuf16Hl6A3CTG0fqWgD+8w
v0PC7rqTP8NQ5PX8lZPjDpBg8vUus/WpPbdrpMSwZO3DE2qJLwC9f3FyLoNK8BXo
ZSrin6gtO2qKdzFqpa/ZfBaTkTxThzo5FyO/cFj5YMG1DqJeYHhOpxxl32Wzi8gW
9LWXgiEISCOM+Y3hIJ0JeYLR1cBmdIu7SLkLKoAKHl/fzD4PTROdpgnvyDTyGsUH
/8s27Nn7JeESk5liXxCCA0lHWSJ8JtSpjzFfoJXh9111
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:12 2024 by rpki-client on console-fra.rpki-client.org