Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lOiV4KXz8oDYudHvPK6TLSeoRAY.roa
File:                     lOiV4KXz8oDYudHvPK6TLSeoRAY.roa (raw, json)
Hash identifier:          uQvp4ci40DAkh9TdO3l0nHKoUoF174tBen9Q4W9ct2o=
Subject key identifier:   94:E8:95:E0:A5:F3:F2:80:D8:B9:D1:EF:3C:AE:93:2D:27:A8:44:06
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0188330EE92BD6DD37526452E1DF136BB866
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lOiV4KXz8oDYudHvPK6TLSeoRAY.roa
Signing time:             Fri 19 May 2023 08:09:55 +0000
ROA not before:           Fri 19 May 2023 08:09:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38337
IP address blocks:        45.88.66.0/24 maxlen: 24
                          185.225.75.0/24 maxlen: 24
                          45.128.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Jun 2023 18:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:33:0e:e9:2b:d6:dd:37:52:64:52:e1:df:13:6b:b8:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 19 08:09:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=94e895e0a5f3f280d8b9d1ef3cae932d27a84406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:81:10:a6:cd:e2:09:a7:b3:a7:84:a4:5b:9b:
                    b7:33:4a:58:43:d2:3c:a0:b2:72:03:6c:d6:c5:13:
                    f2:40:b8:81:ab:dd:e8:dc:dd:12:87:9f:15:2c:06:
                    8c:3f:6d:d3:68:87:09:0d:5a:1b:56:5a:c6:c3:8d:
                    9d:be:fb:e1:00:e7:01:65:e5:d9:b4:2b:43:2f:aa:
                    7f:8b:09:78:c7:d7:64:97:6e:a6:34:c7:6a:97:8c:
                    9a:ed:54:bf:85:60:8e:7b:ed:f7:db:09:8d:08:32:
                    d7:c8:9e:18:63:73:78:48:f6:75:d3:4d:11:00:69:
                    0d:1c:11:4c:64:8f:ae:a5:0b:7c:f3:6e:97:ed:86:
                    4f:e6:01:5f:ed:fd:4f:31:cf:c2:e9:48:c0:1e:42:
                    43:a6:0c:e7:94:99:a9:87:0a:a0:7d:dd:df:f5:10:
                    ce:b2:c9:5c:19:33:86:cd:f0:cf:b1:31:65:46:83:
                    7e:73:67:e5:7d:a5:4c:35:6a:6c:16:98:c3:a3:ea:
                    8f:6a:6c:4b:07:55:69:2a:41:db:77:a7:37:70:cf:
                    f9:ae:ac:a8:1b:b4:ef:76:ec:27:6e:0b:37:a8:fd:
                    8d:75:8c:ce:4c:98:33:2b:07:ad:6c:33:51:f8:59:
                    cf:a8:f4:e1:ee:73:e0:07:8c:52:eb:df:d0:77:d8:
                    da:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:E8:95:E0:A5:F3:F2:80:D8:B9:D1:EF:3C:AE:93:2D:27:A8:44:06
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lOiV4KXz8oDYudHvPK6TLSeoRAY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.66.0/24
                  45.128.235.0/24
                  185.225.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:57:63:a0:d9:7c:05:f6:2f:ad:fe:eb:cd:c3:ed:e3:f3:d7:
         1f:ad:d1:c8:a2:f9:4b:70:71:c8:44:cd:fd:25:29:ae:c7:b8:
         a3:5e:38:de:a9:d3:ae:eb:1b:06:9c:12:c5:5b:c2:88:fa:a4:
         a8:1e:2d:01:36:ec:df:a0:c2:e9:60:19:e1:02:b6:57:b9:72:
         e1:4e:40:00:87:b4:10:08:b5:42:bd:05:58:9f:0d:23:ec:9f:
         88:6e:93:4e:d7:fa:45:90:11:23:b6:8d:c9:ca:43:da:cc:a2:
         a0:ee:1e:c3:4f:e5:b8:8c:e9:0a:41:54:49:36:85:d7:fa:77:
         ba:0c:05:de:3e:3d:c4:f4:e2:5b:0a:84:39:25:6a:21:31:70:
         2f:9f:72:a3:1b:ed:ab:8e:c0:0b:f1:c8:b5:ff:92:c0:b8:bc:
         72:7d:ca:94:38:8d:84:3b:b6:c7:4f:cb:ef:e6:4a:4f:47:ef:
         f7:24:72:0d:2d:6c:f2:68:9e:f8:fa:a0:ff:e9:1c:34:43:bc:
         d9:bd:15:5a:f1:13:21:5c:31:f7:1a:e2:1e:a1:13:5e:e3:9f:
         00:26:4f:57:86:2c:e1:65:48:d4:47:83:9c:6f:2f:14:1c:b9:
         db:0a:bd:1f:4a:32:f2:3d:b1:b1:d9:10:b6:a9:a0:c0:87:dd:
         52:cf:89:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgzDukr1t03UmRS4d8Ta7hmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDgwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU4OTVlMGE1ZjNmMjgwZDhiOWQxZWYzY2FlOTMyZDI3YTg0NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4EQps3iCaezp4SkW5u3M0pYQ9I8
oLJyA2zWxRPyQLiBq93o3N0Sh58VLAaMP23TaIcJDVobVlrGw42dvvvhAOcBZeXZ
tCtDL6p/iwl4x9dkl26mNMdql4ya7VS/hWCOe+332wmNCDLXyJ4YY3N4SPZ1000R
AGkNHBFMZI+upQt8826X7YZP5gFf7f1PMc/C6UjAHkJDpgznlJmphwqgfd3f9RDO
sslcGTOGzfDPsTFlRoN+c2flfaVMNWpsFpjDo+qPamxLB1VpKkHbd6c3cM/5rqyo
G7Tvduwnbgs3qP2NdYzOTJgzKwetbDNR+FnPqPTh7nPgB4xS69/Qd9jasQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJToleCl8/KA2LnR7zyuky0nqEQGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbE9pVjRLWHo4b0RZdWRIdlBLNlRMU2VvUkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVhCAwQA
LYDrAwQAueFLMA0GCSqGSIb3DQEBCwUAA4IBAQB7V2Og2XwF9i+t/uvNw+3j89cf
rdHIovlLcHHIRM39JSmux7ijXjjeqdOu6xsGnBLFW8KI+qSoHi0BNuzfoMLpYBnh
ArZXuXLhTkAAh7QQCLVCvQVYnw0j7J+IbpNO1/pFkBEjto3JykPazKKg7h7DT+W4
jOkKQVRJNoXX+ne6DAXePj3E9OJbCoQ5JWohMXAvn3KjG+2rjsAL8ci1/5LAuLxy
fcqUOI2EO7bHT8vv5kpPR+/3JHINLWzyaJ74+qD/6Rw0Q7zZvRVa8RMhXDH3GuIe
oRNe458AJk9XhizhZUjUR4Ocby8UHLnbCr0fSjLyPbGx2RC2qaDAh91Sz4kh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:42 2024 by rpki-client on console-ams.rpki-client.org