Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/0wRv8dN_FJ8rwK_JEo9yZrAYJT8.roa
File:                     0wRv8dN_FJ8rwK_JEo9yZrAYJT8.roa (raw, json)
Hash identifier:          P/SXjLWWh0BAm8WfomdMqFMoJ1BoPjl/I3LJTrJ7sz4=
Subject key identifier:   D3:04:6F:F1:D3:7F:14:9F:2B:C0:AF:C9:12:8F:72:66:B0:18:25:3F
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0185708CD4BC30A1D205277ECCDB08DACD51
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/0wRv8dN_FJ8rwK_JEo9yZrAYJT8.roa
Signing time:             Mon 02 Jan 2023 03:35:55 +0000
ROA not before:           Mon 02 Jan 2023 03:35:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197328
IP address blocks:        45.14.82.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:d4:bc:30:a1:d2:05:27:7e:cc:db:08:da:cd:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jan  2 03:35:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3046ff1d37f149f2bc0afc9128f7266b018253f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0e:4a:e8:43:cc:7f:ae:51:34:e8:a2:90:c8:
                    1f:e1:0f:68:25:8f:39:96:23:56:8e:14:a1:c1:11:
                    b7:15:eb:97:ae:8e:e2:7d:d0:ea:94:09:70:e5:8c:
                    07:ac:d3:3c:87:20:d9:fa:e5:a9:09:8f:b4:2d:f3:
                    23:64:2a:33:7a:81:ca:e0:ed:a6:9b:50:83:78:70:
                    54:76:60:fe:c8:89:d4:45:df:2a:0a:26:4c:a1:df:
                    33:5b:de:e0:c4:0a:18:f5:c1:9f:89:07:0a:5c:e9:
                    3c:d9:95:a7:47:68:41:65:85:05:67:b4:d9:bf:d7:
                    eb:a6:b7:db:15:7d:b2:69:ea:bb:22:67:37:71:9f:
                    d2:f6:54:6e:a0:1e:e2:c3:c8:06:89:45:2d:50:58:
                    df:50:07:a6:66:b4:de:ba:64:9b:d2:da:b7:f3:4f:
                    7e:3e:17:89:ef:a8:83:b8:55:49:e8:48:67:81:59:
                    28:5e:ab:75:0f:6f:32:84:38:ec:0f:fb:f1:10:09:
                    10:65:3b:35:19:20:c6:6d:b5:ee:ea:02:d7:af:2d:
                    05:b9:32:62:2c:5e:fe:a6:49:58:99:e0:81:63:86:
                    6d:82:29:38:fc:fe:6d:97:87:83:80:17:cd:aa:14:
                    ad:d8:2e:72:20:7b:ca:b8:f3:2f:50:00:9d:8c:f7:
                    cb:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:04:6F:F1:D3:7F:14:9F:2B:C0:AF:C9:12:8F:72:66:B0:18:25:3F
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/0wRv8dN_FJ8rwK_JEo9yZrAYJT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7f:0a:1a:03:60:32:ba:08:f4:e1:92:c8:67:b1:b0:aa:52:39:
         71:3b:46:45:44:87:68:67:30:f3:3a:01:a1:61:2d:3c:43:1d:
         46:a0:1e:64:44:57:e8:29:95:9d:e0:6f:3f:e7:e6:92:8f:f8:
         56:f5:7e:aa:c9:cb:ef:a2:27:51:12:38:eb:96:5c:05:76:5b:
         5b:e4:46:2b:b9:db:bc:91:5c:80:4c:e4:a6:34:7b:7a:45:62:
         87:b0:ba:15:b4:fa:3a:3d:1e:94:81:a1:8e:07:e7:e6:c7:1d:
         7d:cb:26:d1:5e:04:f5:c1:f6:87:c5:ba:2c:6a:f2:96:ca:f3:
         c7:46:fd:5a:86:f7:e1:7d:76:4c:ac:45:a7:5b:76:5e:87:9e:
         e8:85:72:8b:20:fa:a7:8d:48:10:76:e9:4c:68:c4:e1:d0:8a:
         58:9b:90:00:d5:da:3b:97:d1:b3:bc:a0:8e:0f:3a:77:d5:80:
         bb:39:85:ed:5f:0e:6a:e6:22:76:ca:fd:ea:ef:ac:20:42:3a:
         7c:92:80:be:84:05:d3:b9:fe:e8:24:ad:19:e3:2b:15:9a:ad:
         e6:60:74:0f:7a:4b:6c:e0:5f:c9:a7:d1:b9:64:54:96:25:69:
         bd:73:e7:0c:2d:e8:4d:4e:c6:92:1b:1a:bf:53:f7:fc:26:03:
         4c:37:a3:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjNS8MKHSBSd+zNsI2s1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMTAyMDMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzA0NmZmMWQzN2YxNDlmMmJjMGFmYzkxMjhmNzI2NmIwMTgyNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg5K6EPMf65RNOiikMgf4Q9oJY85
liNWjhShwRG3FeuXro7ifdDqlAlw5YwHrNM8hyDZ+uWpCY+0LfMjZCozeoHK4O2m
m1CDeHBUdmD+yInURd8qCiZMod8zW97gxAoY9cGfiQcKXOk82ZWnR2hBZYUFZ7TZ
v9frprfbFX2yaeq7Imc3cZ/S9lRuoB7iw8gGiUUtUFjfUAemZrTeumSb0tq3809+
PheJ76iDuFVJ6EhngVkoXqt1D28yhDjsD/vxEAkQZTs1GSDGbbXu6gLXry0FuTJi
LF7+pklYmeCBY4Ztgik4/P5tl4eDgBfNqhSt2C5yIHvKuPMvUACdjPfLOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMEb/HTfxSfK8CvyRKPcmawGCU/MB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvMHdSdjhkTl9GSjhyd0tfSkVvOXlackFZSlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQ5SMA0G
CSqGSIb3DQEBCwUAA4IBAQB/ChoDYDK6CPThkshnsbCqUjlxO0ZFRIdoZzDzOgGh
YS08Qx1GoB5kRFfoKZWd4G8/5+aSj/hW9X6qycvvoidREjjrllwFdltb5EYrudu8
kVyATOSmNHt6RWKHsLoVtPo6PR6UgaGOB+fmxx19yybRXgT1wfaHxbosavKWyvPH
Rv1ahvfhfXZMrEWnW3Zeh57ohXKLIPqnjUgQdulMaMTh0IpYm5AA1do7l9GzvKCO
Dzp31YC7OYXtXw5q5iJ2yv3q76wgQjp8koC+hAXTuf7oJK0Z4ysVmq3mYHQPekts
4F/Jp9G5ZFSWJWm9c+cMLehNTsaSGxq/U/f8JgNMN6MI
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:10 2024 by rpki-client on console-ams.rpki-client.org