Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qbIO1u6fdlujsqhw24BBZHcW4qo.roa
File:                     qbIO1u6fdlujsqhw24BBZHcW4qo.roa (raw, json)
Hash identifier:          VSeZXZQFtMLvUDWrXofCC/djKwyNS3hOKdEnuDCok7s=
Subject key identifier:   A9:B2:0E:D6:EE:9F:76:5B:A3:B2:A8:70:DB:80:41:64:77:16:E2:AA
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CC8DD0CC248821B80B5833BD86B88B6A6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qbIO1u6fdlujsqhw24BBZHcW4qo.roa
Signing time:             Tue 02 Jan 2024 06:29:39 +0000
ROA not before:           Tue 02 Jan 2024 06:29:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210907
IP address blocks:        45.81.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 12:34:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:dd:0c:c2:48:82:1b:80:b5:83:3b:d8:6b:88:b6:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  2 06:29:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a9b20ed6ee9f765ba3b2a870db8041647716e2aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a2:87:41:89:c6:28:61:23:a7:88:65:20:d5:
                    e1:3a:7f:47:80:d5:df:9e:fd:f0:52:7f:2f:59:ef:
                    d9:11:50:37:00:61:f5:23:a5:f0:1e:a8:47:d2:cd:
                    69:b4:8b:aa:41:96:37:17:54:45:54:38:c3:c6:c0:
                    ef:72:20:73:f0:15:37:6d:07:98:aa:38:2d:d8:13:
                    bd:21:22:04:52:02:24:c1:30:74:94:31:9b:ca:a1:
                    49:ea:e7:bc:04:83:7b:8e:82:3d:6c:f6:77:00:15:
                    0e:63:62:bd:9b:37:02:02:de:c0:50:03:34:5c:fc:
                    d1:11:90:9c:4b:70:48:78:9e:dc:00:13:88:84:96:
                    0b:df:25:62:8d:e9:36:14:6f:64:63:f8:19:46:04:
                    5e:de:60:3f:f9:4a:27:6e:7d:31:17:3d:cb:e9:f7:
                    10:77:28:e0:85:2b:16:dd:7e:f9:24:ad:84:b9:43:
                    f9:50:3a:b3:52:7c:d6:35:00:7b:0c:13:42:fd:15:
                    f4:62:4f:3b:3a:33:f8:1a:c9:4c:4e:2d:4f:4c:ee:
                    68:51:cc:0f:6b:6f:f9:f0:06:7a:dc:93:72:06:7f:
                    35:d1:00:aa:ab:ab:7f:f9:a6:d5:48:ff:c2:2f:d6:
                    71:ee:95:c8:12:eb:09:5b:8b:e1:c9:5a:ca:6d:f5:
                    38:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:B2:0E:D6:EE:9F:76:5B:A3:B2:A8:70:DB:80:41:64:77:16:E2:AA
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qbIO1u6fdlujsqhw24BBZHcW4qo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:d8:c1:36:df:59:eb:d9:e3:b9:43:f6:2c:44:ef:14:27:7e:
         a0:76:6c:d0:5d:0c:62:2c:a5:0c:4d:d9:31:f7:b3:96:d9:f3:
         aa:a0:e5:2a:e0:ff:d1:c8:66:7f:15:7a:b4:c5:65:70:68:26:
         8e:8a:ad:bb:20:3a:2a:d3:55:5f:ae:bc:00:cb:72:03:5a:5a:
         f4:4d:05:0e:c1:47:db:88:d1:0a:30:98:e3:13:72:77:75:4a:
         37:b1:a9:53:34:3a:24:77:ce:c3:55:56:ce:e0:a8:ab:ae:67:
         b4:4d:e6:62:58:b7:95:a8:82:e3:c0:7e:4b:2e:05:3e:9a:51:
         67:72:fa:34:8b:ce:23:56:44:b1:ae:92:b1:a9:28:ea:85:77:
         ef:f8:a4:85:93:3b:3c:cc:7e:4c:82:71:7b:e0:4c:5b:02:24:
         61:a4:c4:95:e0:f6:dc:6f:62:72:22:6d:13:b8:ac:98:3e:89:
         26:2a:54:e4:42:a6:77:2c:6e:27:e6:9e:82:61:df:c8:36:e3:
         8d:cb:de:73:b5:69:80:72:5b:bb:76:c2:55:2a:d7:00:5b:f8:
         e5:43:54:5b:90:10:5a:e0:f5:33:e0:fa:b3:51:15:48:2e:45:
         2a:d4:11:46:91:5e:12:f8:e7:93:a8:fc:40:74:0b:44:67:28:
         a1:9a:c0:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QzCSIIbgLWDO9hriLamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWIyMGVkNmVlOWY3NjViYTNiMmE4NzBkYjgwNDE2NDc3MTZlMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKKHQYnGKGEjp4hlINXhOn9HgNXf
nv3wUn8vWe/ZEVA3AGH1I6XwHqhH0s1ptIuqQZY3F1RFVDjDxsDvciBz8BU3bQeY
qjgt2BO9ISIEUgIkwTB0lDGbyqFJ6ue8BIN7joI9bPZ3ABUOY2K9mzcCAt7AUAM0
XPzREZCcS3BIeJ7cABOIhJYL3yVijek2FG9kY/gZRgRe3mA/+Uonbn0xFz3L6fcQ
dyjghSsW3X75JK2EuUP5UDqzUnzWNQB7DBNC/RX0Yk87OjP4GslMTi1PTO5oUcwP
a2/58AZ63JNyBn810QCqq6t/+abVSP/CL9Zx7pXIEusJW4vhyVrKbfU4dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmyDtbun3Zbo7KocNuAQWR3FuKqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcWJJTzF1NmZkbHVqc3FodzI0QkJaSGNXNHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVHwMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ2ME231nr2eO5Q/YsRO8UJ36gdmzQXQxiLKUMTdkx
97OW2fOqoOUq4P/RyGZ/FXq0xWVwaCaOiq27IDoq01VfrrwAy3IDWlr0TQUOwUfb
iNEKMJjjE3J3dUo3salTNDokd87DVVbO4Kirrme0TeZiWLeVqILjwH5LLgU+mlFn
cvo0i84jVkSxrpKxqSjqhXfv+KSFkzs8zH5MgnF74ExbAiRhpMSV4Pbcb2JyIm0T
uKyYPokmKlTkQqZ3LG4n5p6CYd/INuONy95ztWmAclu7dsJVKtcAW/jlQ1RbkBBa
4PUz4PqzURVILkUq1BFGkV4S+OeTqPxAdAtEZyihmsDC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org