Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/iRcl3uwot3egEAUwPv_XULXu83w.roa
File:                     iRcl3uwot3egEAUwPv_XULXu83w.roa (raw, json)
Hash identifier:          NCC/IbrfGp/XNxPnyDYg/7iMggzDD2lS0ZwSm+3EuBQ=
Subject key identifier:   89:17:25:DE:EC:28:B7:77:A0:10:05:30:3E:FF:D7:50:B5:EE:F3:7C
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       018A0444FC8A73E9EA31BBE0E8D348360151
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/iRcl3uwot3egEAUwPv_XULXu83w.roa
Signing time:             Thu 17 Aug 2023 16:12:24 +0000
ROA not before:           Thu 17 Aug 2023 16:12:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56980
IP address blocks:        45.133.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:04:44:fc:8a:73:e9:ea:31:bb:e0:e8:d3:48:36:01:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Aug 17 16:12:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=891725deec28b777a01005303effd750b5eef37c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:77:66:99:d5:49:e8:a6:f4:f4:91:84:3f:12:
                    7b:cd:80:66:92:b1:79:80:c5:5b:63:e5:de:7e:cd:
                    d9:4a:37:b1:1b:73:ce:20:3f:26:a2:11:b3:1e:95:
                    81:e2:c1:9a:48:41:42:38:06:a6:96:8b:b3:ec:ce:
                    95:23:90:16:ab:e7:3b:7d:f1:0b:51:c5:dd:8a:a2:
                    dc:98:b8:72:33:aa:a8:59:18:cf:45:5e:ad:77:a9:
                    b2:c5:3c:31:12:4e:d5:89:62:63:5c:18:38:30:e5:
                    11:e0:27:6d:42:4b:2e:05:69:bb:17:71:08:57:75:
                    27:a7:9f:b6:a0:16:7d:ea:7b:ee:dc:0b:c7:49:9c:
                    e1:a3:88:03:b9:82:bb:fc:f1:a6:38:3d:65:07:73:
                    3f:cf:5d:65:c9:04:2b:7b:ec:51:6e:da:62:1a:97:
                    23:0a:49:7f:09:26:9c:9d:d3:dd:e4:02:ec:84:ee:
                    99:b2:90:92:26:1c:45:36:94:38:64:4c:51:b2:30:
                    dc:c8:75:2f:b9:32:18:be:50:fa:f8:b9:fe:c4:a3:
                    d9:4b:24:0a:61:78:da:ac:88:be:53:4d:fc:ba:0f:
                    02:40:0c:22:0e:02:e0:eb:80:dc:28:b5:e6:cc:6c:
                    e2:60:e8:53:b0:f1:3e:5c:08:1a:4f:db:60:ab:4f:
                    46:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:17:25:DE:EC:28:B7:77:A0:10:05:30:3E:FF:D7:50:B5:EE:F3:7C
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/iRcl3uwot3egEAUwPv_XULXu83w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:5c:8e:a0:d2:4d:e0:d9:e4:84:ba:d4:25:33:ac:b2:d5:90:
         13:56:d0:7b:e1:8a:17:8f:2d:78:93:1a:51:7c:8d:0c:8e:ff:
         e4:3d:20:e3:df:19:fe:45:60:b7:c2:60:5e:58:e1:d6:81:14:
         74:61:8c:94:3c:c9:31:20:34:2d:b7:6a:89:fa:75:9d:fa:94:
         f3:0c:43:58:86:c0:05:57:25:81:3c:ca:3c:24:eb:75:80:65:
         a0:ed:1e:a8:fd:9c:6a:cd:de:2f:9d:f5:a2:58:8c:6f:76:c7:
         cf:2c:55:56:45:9f:15:50:f4:c7:5c:7b:c9:4c:ea:0e:38:3c:
         45:b5:25:66:96:af:85:24:8a:81:67:c4:29:00:0e:34:57:66:
         bb:ba:ba:f4:ee:a3:7d:9a:85:dd:f6:3f:d1:32:a3:98:b4:84:
         1d:71:0c:a9:4a:0d:0c:47:66:03:36:ed:58:4c:b9:75:14:63:
         61:3c:18:a5:e7:9c:0e:15:d3:df:80:00:fe:63:4f:3e:d3:1b:
         ab:a1:6a:ef:a4:62:db:b2:f5:61:81:11:a3:5a:fb:a7:23:7f:
         57:f0:f3:09:4f:47:41:94:f7:97:68:de:f8:6f:cb:f4:c8:62:
         4c:35:f5:16:a2:cd:b0:fc:52:b0:0c:d9:d4:ec:42:6d:ca:42:
         6b:ff:a3:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoERPyKc+nqMbvg6NNINgFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwODE3MTYxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE3MjVkZWVjMjhiNzc3YTAxMDA1MzAzZWZmZDc1MGI1ZWVmMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3dmmdVJ6Kb09JGEPxJ7zYBmkrF5
gMVbY+Xefs3ZSjexG3POID8mohGzHpWB4sGaSEFCOAamlouz7M6VI5AWq+c7ffEL
UcXdiqLcmLhyM6qoWRjPRV6td6myxTwxEk7ViWJjXBg4MOUR4CdtQksuBWm7F3EI
V3Unp5+2oBZ96nvu3AvHSZzho4gDuYK7/PGmOD1lB3M/z11lyQQre+xRbtpiGpcj
Ckl/CSacndPd5ALshO6ZspCSJhxFNpQ4ZExRsjDcyHUvuTIYvlD6+Ln+xKPZSyQK
YXjarIi+U038ug8CQAwiDgLg64DcKLXmzGziYOhTsPE+XAgaT9tgq09GKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkXJd7sKLd3oBAFMD7/11C17vN8MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvaVJjbDN1d290M2VnRUFVd1B2X1hVTFh1ODN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYUmMA0G
CSqGSIb3DQEBCwUAA4IBAQAIXI6g0k3g2eSEutQlM6yy1ZATVtB74YoXjy14kxpR
fI0Mjv/kPSDj3xn+RWC3wmBeWOHWgRR0YYyUPMkxIDQtt2qJ+nWd+pTzDENYhsAF
VyWBPMo8JOt1gGWg7R6o/Zxqzd4vnfWiWIxvdsfPLFVWRZ8VUPTHXHvJTOoOODxF
tSVmlq+FJIqBZ8QpAA40V2a7urr07qN9moXd9j/RMqOYtIQdcQypSg0MR2YDNu1Y
TLl1FGNhPBil55wOFdPfgAD+Y08+0xuroWrvpGLbsvVhgRGjWvunI39X8PMJT0dB
lPeXaN74b8v0yGJMNfUWos2w/FKwDNnU7EJtykJr/6MI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org