Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/Pgr0IMg0Qb_5lPwuIcQQOBKm1og.roa
File:                     Pgr0IMg0Qb_5lPwuIcQQOBKm1og.roa (raw, json)
Hash identifier:          0aNfzxFJ4O0dyn5x7nl1kZ06LDgYk6sRhXFTdK+Yjc4=
Subject key identifier:   3E:0A:F4:20:C8:34:41:BF:F9:94:FC:2E:21:C4:10:38:12:A6:D6:88
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0185708CD0EAECB1EC25AA1A56DD31396795
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/Pgr0IMg0Qb_5lPwuIcQQOBKm1og.roa
Signing time:             Mon 02 Jan 2023 03:35:54 +0000
ROA not before:           Mon 02 Jan 2023 03:35:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        45.85.130.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:d0:ea:ec:b1:ec:25:aa:1a:56:dd:31:39:67:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jan  2 03:35:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3e0af420c83441bff994fc2e21c4103812a6d688
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:2a:8c:02:94:4f:3d:5c:0f:c7:8f:64:6b:6b:
                    87:6e:7e:40:8a:45:9c:c8:5d:2a:4b:4b:1e:78:b9:
                    6f:3b:a3:49:e5:99:d6:7c:47:1b:f6:9d:1f:23:59:
                    e0:61:f5:8f:84:e7:56:c2:ab:61:7b:21:fe:a0:d3:
                    64:45:8e:29:9e:78:39:68:7b:91:e2:c8:fe:99:d1:
                    6d:44:cd:ae:44:c2:22:eb:cd:9f:ce:a0:1b:ab:2b:
                    b9:f4:eb:9b:29:ad:bc:f0:4f:4f:cb:73:6f:07:17:
                    ed:d3:e5:ac:08:4b:72:34:f4:51:4b:86:93:51:0a:
                    47:98:0f:75:d7:dd:54:fe:cc:05:50:a9:3d:fb:ed:
                    14:6d:52:e0:59:b9:e2:c6:53:06:15:b3:25:40:b5:
                    82:36:fc:73:dc:76:ea:1b:78:58:7d:0e:4e:41:10:
                    2d:94:d3:fa:19:8e:ba:85:d8:7f:4b:36:b5:57:41:
                    d8:2d:9b:7d:9e:ae:2d:fc:6e:62:6c:ed:05:18:74:
                    16:14:de:c6:8d:e0:76:59:95:71:81:6e:97:7f:b4:
                    95:54:e1:e8:7b:da:0b:eb:3d:64:b4:c9:09:ea:24:
                    9d:a4:4a:76:d0:8c:3d:58:03:47:6f:6d:a3:2e:76:
                    93:fe:8a:c6:d2:4e:dc:94:f5:78:ea:20:ac:85:57:
                    e2:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:0A:F4:20:C8:34:41:BF:F9:94:FC:2E:21:C4:10:38:12:A6:D6:88
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/Pgr0IMg0Qb_5lPwuIcQQOBKm1og.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:de:e1:97:27:ee:ba:5c:97:e5:b3:c6:7d:6a:d4:1c:06:9c:
         69:d9:92:b1:6a:68:06:6a:c9:da:9b:8a:c5:37:88:33:08:8b:
         d5:3b:1f:bf:27:8a:c8:c8:1f:64:72:d4:b1:0d:44:2d:ff:9b:
         24:d7:d3:92:0e:24:35:d7:f9:84:f2:45:89:10:9e:01:0f:b2:
         6a:35:c2:5a:5d:f7:2b:69:51:08:3e:69:dd:6e:e4:0a:53:4b:
         be:56:48:d0:8c:3c:4c:d4:12:df:f9:d5:ac:10:01:f0:f0:7f:
         03:60:89:1a:98:07:03:10:e4:02:54:6f:7f:89:64:be:34:4f:
         39:82:d3:2f:a5:17:c7:f9:e4:80:89:33:88:39:35:03:e1:f6:
         d8:02:d1:48:c1:6e:1f:5c:d2:25:2d:00:a0:5c:0d:d4:97:21:
         e4:22:c3:c2:97:14:2d:4c:1d:c2:40:f9:d1:83:0d:8d:38:ff:
         59:65:34:0f:dd:00:22:56:f4:2b:22:fd:9e:b4:53:16:46:b1:
         06:e2:83:f0:60:84:25:44:12:77:47:e4:04:3b:28:a4:4f:42:
         67:6c:ab:a8:89:56:1d:fb:36:2f:02:e0:00:0f:04:be:a1:5a:
         d7:d0:1f:6e:77:df:5f:b2:fe:b6:e9:48:f1:14:24:36:8e:04:
         bd:32:d8:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjNDq7LHsJaoaVt0xOWeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTBhZjQyMGM4MzQ0MWJmZjk5NGZjMmUyMWM0MTAzODEyYTZkNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSqMApRPPVwPx49ka2uHbn5AikWc
yF0qS0seeLlvO6NJ5ZnWfEcb9p0fI1ngYfWPhOdWwqtheyH+oNNkRY4pnng5aHuR
4sj+mdFtRM2uRMIi682fzqAbqyu59OubKa288E9Py3NvBxft0+WsCEtyNPRRS4aT
UQpHmA91191U/swFUKk9++0UbVLgWbnixlMGFbMlQLWCNvxz3HbqG3hYfQ5OQRAt
lNP6GY66hdh/Sza1V0HYLZt9nq4t/G5ibO0FGHQWFN7GjeB2WZVxgW6Xf7SVVOHo
e9oL6z1ktMkJ6iSdpEp20Iw9WANHb22jLnaT/orG0k7clPV46iCshVfiEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4K9CDINEG/+ZT8LiHEEDgSptaIMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvUGdyMElNZzBRYl81bFB3dUljUVFPQkttMW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVWCMA0G
CSqGSIb3DQEBCwUAA4IBAQAz3uGXJ+66XJfls8Z9atQcBpxp2ZKxamgGasnam4rF
N4gzCIvVOx+/J4rIyB9kctSxDUQt/5sk19OSDiQ11/mE8kWJEJ4BD7JqNcJaXfcr
aVEIPmndbuQKU0u+VkjQjDxM1BLf+dWsEAHw8H8DYIkamAcDEOQCVG9/iWS+NE85
gtMvpRfH+eSAiTOIOTUD4fbYAtFIwW4fXNIlLQCgXA3UlyHkIsPClxQtTB3CQPnR
gw2NOP9ZZTQP3QAiVvQrIv2etFMWRrEG4oPwYIQlRBJ3R+QEOyikT0JnbKuoiVYd
+zYvAuAADwS+oVrX0B9ud99fsv626UjxFCQ2jgS9Mtha
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:10 2024 by rpki-client on console-ams.rpki-client.org