Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h124x1BMGPAyDgzFjaB1xjUP85Q.roa
File:                     h124x1BMGPAyDgzFjaB1xjUP85Q.roa (raw, json)
Hash identifier:          Awr57509iZAK+KzXhzbPbVJ5+a/IJSOpJG9s1qaj/eE=
Subject key identifier:   87:5D:B8:C7:50:4C:18:F0:32:0E:0C:C5:8D:A0:75:C6:35:0F:F3:94
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CC8DCEBCE38F396413B43F9637A00A317
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h124x1BMGPAyDgzFjaB1xjUP85Q.roa
Signing time:             Tue 02 Jan 2024 06:29:30 +0000
ROA not before:           Tue 02 Jan 2024 06:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49716
IP address blocks:        45.88.88.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 13:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:dc:eb:ce:38:f3:96:41:3b:43:f9:63:7a:00:a3:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  2 06:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=875db8c7504c18f0320e0cc58da075c6350ff394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ba:4c:80:de:8e:e5:9b:47:4a:93:1b:e6:b3:
                    0e:cf:0e:a1:26:be:e9:d0:94:34:f4:45:ae:9d:93:
                    6c:c8:c0:0a:af:13:1e:b6:bd:79:4b:97:2b:c2:83:
                    96:86:98:9c:01:bd:18:a2:db:75:fa:20:b1:c0:f7:
                    dc:73:bf:69:db:6e:c7:93:a3:c1:04:57:83:5d:33:
                    76:0b:0e:88:c8:4d:da:63:d9:60:90:39:45:f6:9c:
                    d3:28:fb:4e:ef:b6:1a:05:c4:57:6c:bb:e8:85:a0:
                    f3:24:41:a9:8a:d7:bb:ec:30:45:bd:cc:5c:d7:c0:
                    14:0a:18:93:58:52:d2:4f:b1:5b:f2:a4:d1:2d:39:
                    f9:32:b2:f8:71:c5:67:db:ce:3e:ba:cf:f8:f8:19:
                    f6:b6:8c:45:19:96:8e:a0:18:a1:79:94:b4:4f:1e:
                    6e:af:d3:f0:58:17:93:40:7d:e0:0a:b3:81:40:53:
                    7e:f4:70:68:5d:3d:dd:d6:33:64:68:47:d5:6d:cb:
                    ba:06:da:0a:74:49:bd:c2:41:5c:17:5d:7e:fb:cb:
                    83:08:ae:41:f2:97:16:5e:80:cb:88:63:aa:43:da:
                    9c:72:9f:0c:52:39:19:41:a7:c4:4d:94:20:c5:84:
                    0b:c7:55:89:5b:df:0f:c4:8e:ac:d7:b7:6f:b3:36:
                    a6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:5D:B8:C7:50:4C:18:F0:32:0E:0C:C5:8D:A0:75:C6:35:0F:F3:94
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h124x1BMGPAyDgzFjaB1xjUP85Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:22:16:da:92:83:49:13:26:52:1e:33:d5:1d:e1:b4:d0:a1:
         cf:24:ab:45:9c:fe:d5:f3:d5:44:18:ed:e6:06:63:67:46:91:
         06:f7:b3:37:38:ed:8e:89:5b:a3:18:e3:9a:11:87:cd:46:83:
         f9:27:51:bd:42:57:49:78:00:71:d4:d6:1e:3b:36:aa:b5:42:
         d5:4c:f4:d1:26:11:97:46:8c:e6:9a:72:80:b0:2b:df:21:b1:
         d2:60:0f:6a:b6:f1:d6:e5:c7:d7:7a:de:5a:4f:e5:da:4d:e7:
         67:72:34:82:04:27:49:03:93:b9:b5:9f:c5:b3:39:5f:fb:ef:
         55:89:ad:7a:16:e2:37:bb:50:cc:7a:a1:76:d2:70:54:dd:1c:
         e7:0f:28:9a:31:d8:4b:bd:ef:c2:fd:60:58:22:6b:a6:fd:1e:
         2a:c3:70:31:2f:38:c0:1e:56:df:6d:a2:8e:9d:2d:d6:aa:60:
         9b:0b:1b:91:41:3d:e2:91:e5:b9:c2:02:44:6d:af:32:10:d2:
         b9:1a:67:1e:f6:5a:dd:d5:9d:62:56:a5:9d:d2:7e:ef:81:df:
         95:9e:72:a3:ef:db:40:19:09:94:b9:de:3c:d5:e0:05:f7:40:
         c2:67:d6:f6:8f:c2:c9:0d:11:ea:c7:49:e6:07:3b:f3:82:75:
         ca:42:cd:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3OvOOPOWQTtD+WN6AKMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVkYjhjNzUwNGMxOGYwMzIwZTBjYzU4ZGEwNzVjNjM1MGZmMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbpMgN6O5ZtHSpMb5rMOzw6hJr7p
0JQ09EWunZNsyMAKrxMetr15S5crwoOWhpicAb0Yott1+iCxwPfcc79p227Hk6PB
BFeDXTN2Cw6IyE3aY9lgkDlF9pzTKPtO77YaBcRXbLvohaDzJEGpite77DBFvcxc
18AUChiTWFLST7Fb8qTRLTn5MrL4ccVn284+us/4+Bn2toxFGZaOoBiheZS0Tx5u
r9PwWBeTQH3gCrOBQFN+9HBoXT3d1jNkaEfVbcu6BtoKdEm9wkFcF11++8uDCK5B
8pcWXoDLiGOqQ9qccp8MUjkZQafETZQgxYQLx1WJW98PxI6s17dvszamMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdduMdQTBjwMg4MxY2gdcY1D/OUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaDEyNHgxQk1HUEF5RGd6RmphQjF4alVQODVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVhYMA0G
CSqGSIb3DQEBCwUAA4IBAQBeIhbakoNJEyZSHjPVHeG00KHPJKtFnP7V89VEGO3m
BmNnRpEG97M3OO2OiVujGOOaEYfNRoP5J1G9QldJeABx1NYeOzaqtULVTPTRJhGX
RozmmnKAsCvfIbHSYA9qtvHW5cfXet5aT+XaTedncjSCBCdJA5O5tZ/Fszlf++9V
ia16FuI3u1DMeqF20nBU3RznDyiaMdhLve/C/WBYImum/R4qw3AxLzjAHlbfbaKO
nS3WqmCbCxuRQT3ikeW5wgJEba8yENK5Gmce9lrd1Z1iVqWd0n7vgd+VnnKj79tA
GQmUud481eAF90DCZ9b2j8LJDRHqx0nmBzvzgnXKQs1G
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org