Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dj3hSY8i8_9wlrnRMVjdCSKz9a4.roa
File:                     dj3hSY8i8_9wlrnRMVjdCSKz9a4.roa (raw, json)
Hash identifier:          r7q0jRW8hJgD9pRvptiGGKm86CQ1NLu/eCQNU94XfgU=
Subject key identifier:   76:3D:E1:49:8F:22:F3:FF:70:96:B9:D1:31:58:DD:09:22:B3:F5:AE
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018AEFE078FF7B86078D425D3B2D03750D46
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dj3hSY8i8_9wlrnRMVjdCSKz9a4.roa
Signing time:             Mon 02 Oct 2023 10:13:00 +0000
ROA not before:           Mon 02 Oct 2023 10:13:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216289
IP address blocks:        45.128.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 13:38:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ef:e0:78:ff:7b:86:07:8d:42:5d:3b:2d:03:75:0d:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Oct  2 10:13:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=763de1498f22f3ff7096b9d13158dd0922b3f5ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:93:5f:89:77:22:59:34:4d:92:b6:4c:84:5d:
                    ee:d0:33:d4:a8:6b:dc:e6:38:e4:d0:8f:76:39:90:
                    18:ae:78:ba:5a:d9:d4:59:8b:06:28:53:38:89:cc:
                    27:d8:dc:11:e5:90:1b:f0:b7:30:b9:40:7d:bd:42:
                    e4:3c:13:1f:f2:23:b0:40:57:81:84:cb:c5:73:fc:
                    b9:60:8e:53:6c:85:b1:80:d1:a2:7b:87:90:43:a8:
                    2f:93:d8:b9:2d:32:2b:b8:1f:5f:68:cb:78:ed:5c:
                    2d:50:bd:44:8c:93:7f:14:a3:dc:5b:71:0f:37:32:
                    27:9b:a5:22:ee:11:0d:0a:69:5f:27:db:9e:60:7c:
                    e1:39:d1:81:e4:0e:0b:35:80:9c:62:45:f9:f9:ec:
                    ad:de:35:f4:63:05:99:da:68:5c:e6:16:ad:8e:c1:
                    2f:d6:3d:3c:e6:63:9b:e1:c5:88:7b:20:7e:e4:20:
                    7f:77:72:7b:96:6a:29:02:9a:a6:63:5b:a8:83:34:
                    ef:ad:e9:57:de:b1:b4:ba:e6:7a:78:84:cb:b9:6f:
                    ea:46:e1:64:e5:ff:b9:41:42:50:db:0a:fd:79:95:
                    b7:57:ed:55:12:78:71:6c:ac:01:12:f2:75:59:b4:
                    fd:d6:4f:8e:14:27:0d:71:a6:14:ee:25:c9:90:87:
                    33:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:3D:E1:49:8F:22:F3:FF:70:96:B9:D1:31:58:DD:09:22:B3:F5:AE
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dj3hSY8i8_9wlrnRMVjdCSKz9a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:66:4b:6b:a4:83:0f:c3:a1:7b:25:6f:1f:2c:25:b8:b8:ec:
         db:74:9c:56:17:73:43:cb:fc:dd:37:d6:03:e5:9a:2b:a1:91:
         b4:ab:88:06:a2:8e:83:a4:1f:91:bb:3a:1b:b2:d9:b5:2a:d3:
         ed:18:63:da:d9:42:5f:20:d4:02:8c:df:e7:24:57:53:2f:2a:
         a5:da:cc:11:a6:34:88:e5:9f:b4:cb:91:a1:64:f5:b5:2a:42:
         db:83:97:9e:db:2b:4c:85:01:68:44:68:a3:c5:dd:fc:ff:41:
         ee:a3:75:7d:41:c8:c3:39:1d:c0:cd:fb:fb:c8:e8:9e:d7:c6:
         c9:33:f8:48:a5:f3:b0:52:94:15:bd:1e:c3:2d:9f:47:9b:cb:
         d3:46:b7:3c:74:06:d7:f9:c2:b8:de:52:2e:88:95:da:f9:db:
         8f:50:05:bd:45:2a:30:e1:10:70:49:1f:11:9d:34:26:13:9a:
         4a:61:e2:12:a0:d1:7c:2f:47:15:01:ae:8b:21:d8:5f:ac:90:
         fb:5b:80:55:5d:89:bf:34:95:76:f0:d9:c1:94:4a:d5:f9:4a:
         78:2f:d7:c1:f7:e1:95:bf:16:6f:39:dd:79:a7:02:0d:e7:b2:
         fd:78:83:13:41:e2:d2:4a:03:d6:5d:34:42:15:7a:a0:db:c6:
         49:f3:d0:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrv4Hj/e4YHjUJdOy0DdQ1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDAyMTAxMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNkZTE0OThmMjJmM2ZmNzA5NmI5ZDEzMTU4ZGQwOTIyYjNmNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5NfiXciWTRNkrZMhF3u0DPUqGvc
5jjk0I92OZAYrni6WtnUWYsGKFM4icwn2NwR5ZAb8LcwuUB9vULkPBMf8iOwQFeB
hMvFc/y5YI5TbIWxgNGie4eQQ6gvk9i5LTIruB9faMt47VwtUL1EjJN/FKPcW3EP
NzInm6Ui7hENCmlfJ9ueYHzhOdGB5A4LNYCcYkX5+eyt3jX0YwWZ2mhc5hatjsEv
1j085mOb4cWIeyB+5CB/d3J7lmopApqmY1uogzTvrelX3rG0uuZ6eITLuW/qRuFk
5f+5QUJQ2wr9eZW3V+1VEnhxbKwBEvJ1WbT91k+OFCcNcaYU7iXJkIczPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHY94UmPIvP/cJa50TFY3Qkis/WuMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGozaFNZOGk4Xzl3bHJuUk1WamRDU0t6OWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYBgMA0G
CSqGSIb3DQEBCwUAA4IBAQAzZktrpIMPw6F7JW8fLCW4uOzbdJxWF3NDy/zdN9YD
5ZoroZG0q4gGoo6DpB+Ruzobstm1KtPtGGPa2UJfINQCjN/nJFdTLyql2swRpjSI
5Z+0y5GhZPW1KkLbg5ee2ytMhQFoRGijxd38/0Huo3V9QcjDOR3Azfv7yOie18bJ
M/hIpfOwUpQVvR7DLZ9Hm8vTRrc8dAbX+cK43lIuiJXa+duPUAW9RSow4RBwSR8R
nTQmE5pKYeISoNF8L0cVAa6LIdhfrJD7W4BVXYm/NJV28NnBlErV+Up4L9fB9+GV
vxZvOd15pwIN57L9eIMTQeLSSgPWXTRCFXqg28ZJ89Dq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:38 2024 by rpki-client on console-ams.rpki-client.org