Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/tD47bRTrn8CyRCuqF5Hu9xMV_wo.roa
File:                     tD47bRTrn8CyRCuqF5Hu9xMV_wo.roa (raw, json)
Hash identifier:          9gHXXY1iCKj8Hsm5kJuICnyuKVgDH6sXHPXgdsaGetY=
Subject key identifier:   B4:3E:3B:6D:14:EB:9F:C0:B2:44:2B:AA:17:91:EE:F7:13:15:FF:0A
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       0185729ECDA35521B4C088C336082CC4ABD7
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/tD47bRTrn8CyRCuqF5Hu9xMV_wo.roa
Signing time:             Mon 02 Jan 2023 13:14:47 +0000
ROA not before:           Mon 02 Jan 2023 13:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213157
IP address blocks:        45.143.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:cd:a3:55:21:b4:c0:88:c3:36:08:2c:c4:ab:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Jan  2 13:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b43e3b6d14eb9fc0b2442baa1791eef71315ff0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:88:b9:8a:9a:03:fd:d1:e4:e2:3d:21:c6:4d:
                    3c:a8:86:16:94:a4:77:68:d4:17:d8:7f:4c:c4:78:
                    af:92:c1:16:61:43:4c:5a:75:89:64:f3:ba:1e:0c:
                    5c:6d:c5:ea:e3:53:f3:67:30:9c:d2:0d:5b:a1:25:
                    5e:67:e9:ad:88:91:6e:dd:7d:80:e4:37:62:7b:c9:
                    2c:2b:c2:a9:3b:9b:a2:ec:64:36:55:b9:1c:d6:5d:
                    35:8d:b7:4b:91:bf:00:3b:33:dd:51:f2:78:cb:3d:
                    8b:ed:42:ab:7e:80:ee:8a:f4:18:96:5d:9b:7b:cd:
                    34:61:74:16:c3:ad:ac:f0:8f:22:d5:cc:b5:be:2b:
                    86:cb:9b:d8:86:0e:14:7c:dc:4e:e9:76:1e:03:9b:
                    0b:9e:0e:ca:c0:18:13:4d:c4:4e:04:08:36:13:5b:
                    70:93:37:62:f2:8f:35:6d:45:58:a4:fb:60:5c:68:
                    96:4c:45:48:cd:45:0b:4a:29:d7:68:58:3f:2e:3f:
                    f4:3e:ee:c5:e0:84:87:d0:62:5c:c3:50:ff:a6:c0:
                    fe:1c:fc:4a:f0:74:08:e9:18:9d:30:2d:3f:ec:d5:
                    2b:40:45:fa:d3:de:3a:0a:7c:4b:9d:1e:70:91:16:
                    f2:21:87:9f:62:48:bd:c5:c7:8a:1c:4a:3c:9e:e1:
                    10:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:3E:3B:6D:14:EB:9F:C0:B2:44:2B:AA:17:91:EE:F7:13:15:FF:0A
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/tD47bRTrn8CyRCuqF5Hu9xMV_wo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:29:7f:a8:5b:7e:ae:54:bf:14:65:fa:64:b3:03:7b:b1:a9:
         56:0b:57:e6:a7:d2:9d:fb:c1:d1:88:b0:1f:ef:7a:eb:78:42:
         ab:f6:60:25:b9:c0:22:ac:e8:ba:89:e3:7b:e2:3d:a8:a4:29:
         a9:25:29:f8:05:fd:c5:ad:5b:59:50:89:11:d0:3a:cc:be:36:
         1b:22:86:16:24:da:e2:35:83:ab:82:a8:fc:3a:6b:51:b6:67:
         13:1b:9e:ae:db:8a:ae:d4:8f:a9:f9:12:92:99:39:0d:08:ee:
         89:97:d1:e6:da:0e:cb:dd:d8:e0:9e:12:d3:62:92:76:31:04:
         85:9d:79:0b:b2:d6:26:fa:01:16:97:f2:2b:58:a8:87:2e:dd:
         3e:ee:74:b5:d1:65:ac:a2:90:4b:e0:eb:6d:d1:f3:07:26:ed:
         52:51:d5:d4:a6:27:bc:ba:a9:91:72:fd:22:cc:17:3a:10:23:
         af:eb:bb:fa:6c:55:6b:7e:41:9f:c6:af:be:36:bf:c3:29:0a:
         81:7f:0f:ae:59:18:35:f8:89:23:a6:d6:f0:98:6f:2d:b0:54:
         68:61:34:8b:6e:d0:64:26:eb:c1:7c:e7:c9:a5:29:89:00:ca:
         cc:83:0b:b4:6c:17:b6:a2:80:6a:f6:0e:79:3e:f6:c2:9a:f3:
         b6:a1:f5:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyns2jVSG0wIjDNggsxKvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwMTAyMTMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNlM2I2ZDE0ZWI5ZmMwYjI0NDJiYWExNzkxZWVmNzEzMTVmZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoi5ipoD/dHk4j0hxk08qIYWlKR3
aNQX2H9MxHivksEWYUNMWnWJZPO6HgxcbcXq41PzZzCc0g1boSVeZ+mtiJFu3X2A
5Ddie8ksK8KpO5ui7GQ2Vbkc1l01jbdLkb8AOzPdUfJ4yz2L7UKrfoDuivQYll2b
e800YXQWw62s8I8i1cy1viuGy5vYhg4UfNxO6XYeA5sLng7KwBgTTcROBAg2E1tw
kzdi8o81bUVYpPtgXGiWTEVIzUULSinXaFg/Lj/0Pu7F4ISH0GJcw1D/psD+HPxK
8HQI6RidMC0/7NUrQEX60946CnxLnR5wkRbyIYefYki9xceKHEo8nuEQAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQ+O20U65/AskQrqheR7vcTFf8KMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvdEQ0N2JSVHJuOEN5UkN1cUY1SHU5eE1WX3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY9gMA0G
CSqGSIb3DQEBCwUAA4IBAQBpKX+oW36uVL8UZfpkswN7salWC1fmp9Kd+8HRiLAf
73rreEKr9mAlucAirOi6ieN74j2opCmpJSn4Bf3FrVtZUIkR0DrMvjYbIoYWJNri
NYOrgqj8OmtRtmcTG56u24qu1I+p+RKSmTkNCO6Jl9Hm2g7L3djgnhLTYpJ2MQSF
nXkLstYm+gEWl/IrWKiHLt0+7nS10WWsopBL4Ott0fMHJu1SUdXUpie8uqmRcv0i
zBc6ECOv67v6bFVrfkGfxq++Nr/DKQqBfw+uWRg1+IkjptbwmG8tsFRoYTSLbtBk
JuvBfOfJpSmJAMrMgwu0bBe2ooBq9g55PvbCmvO2ofXZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org