Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/kvR9dDBK_T3UNzOv4RVecl5NCaM.roa
File:                     kvR9dDBK_T3UNzOv4RVecl5NCaM.roa (raw, json)
Hash identifier:          XCBH4Jt5xc4D4AY/tk5yTtOugiM1KSoWDm8BOr6TwrQ=
Subject key identifier:   92:F4:7D:74:30:4A:FD:3D:D4:37:33:AF:E1:15:5E:72:5E:4D:09:A3
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       018C3F4E722E371451BFCF7D7E3811531B16
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/kvR9dDBK_T3UNzOv4RVecl5NCaM.roa
Signing time:             Wed 06 Dec 2023 13:25:54 +0000
ROA not before:           Wed 06 Dec 2023 13:25:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5650
IP address blocks:        45.85.130.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3f:4e:72:2e:37:14:51:bf:cf:7d:7e:38:11:53:1b:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Dec  6 13:25:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=92f47d74304afd3dd43733afe1155e725e4d09a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:67:eb:ec:11:1a:e0:b2:9f:b4:63:f1:54:b4:
                    16:6d:be:89:89:65:5a:fe:d0:d5:42:67:f6:52:5e:
                    31:b9:df:ce:d1:0f:fa:5e:cd:87:8d:b5:e6:74:1b:
                    11:1e:68:b7:3d:8f:53:f7:98:38:ed:cd:a8:a0:b4:
                    c4:c0:14:d5:19:fb:30:50:28:6e:48:7d:1f:bd:6a:
                    e5:69:48:86:78:1f:71:36:f5:83:77:10:c2:b0:be:
                    72:c0:45:42:9a:d9:f6:c5:f9:91:b1:29:0c:c4:cd:
                    58:a9:d8:f2:f1:57:22:86:4c:f9:a7:bf:06:60:d7:
                    87:39:c5:1e:65:2a:24:07:51:62:c5:fd:40:fa:63:
                    82:bf:0e:aa:d1:4a:15:96:d5:51:04:86:6b:3e:c4:
                    8c:4d:2b:78:a5:2a:3c:bc:e7:69:38:56:c0:36:3b:
                    8d:06:20:ec:66:30:28:23:5d:f7:e6:14:db:ce:8a:
                    c6:79:2c:3f:c0:5b:9b:64:f7:f5:61:f6:4c:d4:60:
                    cd:46:ef:93:92:39:47:60:8d:8e:8f:22:93:7c:e6:
                    9b:8a:ea:e6:ff:2d:31:95:15:35:dc:96:a6:b3:bb:
                    a6:db:a3:a1:a4:b8:83:6e:d1:ad:43:d4:69:ce:76:
                    34:33:39:3e:bd:35:8c:31:88:f1:ae:ea:fc:1e:19:
                    a5:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:F4:7D:74:30:4A:FD:3D:D4:37:33:AF:E1:15:5E:72:5E:4D:09:A3
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/kvR9dDBK_T3UNzOv4RVecl5NCaM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9b:22:36:2f:72:ba:81:44:7d:b4:cc:14:f7:3e:33:b0:f6:da:
         1e:22:ad:c3:1f:f0:60:19:91:7f:b6:95:10:f8:d6:63:96:3b:
         c5:f6:d4:b3:f9:7c:0a:16:eb:be:76:a6:65:5f:7b:e5:fb:e5:
         ef:80:cd:ec:8b:f0:d0:70:e3:36:41:ab:b0:01:96:c3:ce:67:
         49:43:74:78:72:86:93:4f:7f:12:d9:72:c4:48:6c:8b:02:41:
         94:14:b8:cc:f7:41:bd:2f:ac:53:a1:36:26:22:d0:b9:1a:a2:
         ab:b7:d2:84:32:27:72:6e:97:3d:7e:c4:fc:99:6f:f3:0f:39:
         c4:6c:a4:31:76:e7:7e:92:6b:9b:7a:f9:a2:20:5e:0a:91:cd:
         21:5b:d7:eb:68:d8:0a:a4:9a:b9:a5:76:94:66:ad:71:43:93:
         17:98:a0:ab:ea:f4:15:8c:7b:48:e3:13:88:2d:46:cf:c3:75:
         90:8a:46:a8:42:17:ba:f3:b4:17:57:29:4c:eb:a3:d8:20:5f:
         73:34:d0:6b:25:3b:ed:9b:e7:e8:80:85:e6:8b:6f:ba:33:d2:
         d6:8c:2c:ae:6b:5e:f2:20:22:68:30:87:08:04:b7:ff:40:bf:
         5a:49:31:4b:f3:e7:a6:3e:30:75:f0:46:5e:6e:03:73:07:05:
         0f:7d:a7:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw/TnIuNxRRv899fjgRUxsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMxMjA2MTMyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY0N2Q3NDMwNGFmZDNkZDQzNzMzYWZlMTE1NWU3MjVlNGQwOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2fr7BEa4LKftGPxVLQWbb6JiWVa
/tDVQmf2Ul4xud/O0Q/6Xs2HjbXmdBsRHmi3PY9T95g47c2ooLTEwBTVGfswUChu
SH0fvWrlaUiGeB9xNvWDdxDCsL5ywEVCmtn2xfmRsSkMxM1Yqdjy8Vcihkz5p78G
YNeHOcUeZSokB1Fixf1A+mOCvw6q0UoVltVRBIZrPsSMTSt4pSo8vOdpOFbANjuN
BiDsZjAoI1335hTbzorGeSw/wFubZPf1YfZM1GDNRu+TkjlHYI2OjyKTfOabiurm
/y0xlRU13Jams7um26OhpLiDbtGtQ9RpznY0Mzk+vTWMMYjxrur8HhmlBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJL0fXQwSv091Dczr+EVXnJeTQmjMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEva3ZSOWREQktfVDNVTnpPdjRSVmVjbDVOQ2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVWCMA0G
CSqGSIb3DQEBCwUAA4IBAQCbIjYvcrqBRH20zBT3PjOw9toeIq3DH/BgGZF/tpUQ
+NZjljvF9tSz+XwKFuu+dqZlX3vl++XvgM3si/DQcOM2QauwAZbDzmdJQ3R4coaT
T38S2XLESGyLAkGUFLjM90G9L6xToTYmItC5GqKrt9KEMidybpc9fsT8mW/zDznE
bKQxdud+kmubevmiIF4Kkc0hW9fraNgKpJq5pXaUZq1xQ5MXmKCr6vQVjHtI4xOI
LUbPw3WQikaoQhe687QXVylM66PYIF9zNNBrJTvtm+fogIXmi2+6M9LWjCyua17y
ICJoMIcIBLf/QL9aSTFL8+emPjB18EZebgNzBwUPfadI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:50 2024 by rpki-client on console-ams.rpki-client.org