Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6419af-a23c-4219-9a2b-0463b252bd1a/1/pcijCQIPb8hcd6b3cuJvKYzhBV4.roa
File:                     pcijCQIPb8hcd6b3cuJvKYzhBV4.roa (raw, json)
Hash identifier:          PaMG5jVJq4mMzrTIXSGwb6NAPr34dRZMKeX0jEMNvo0=
Subject key identifier:   A5:C8:A3:09:02:0F:6F:C8:5C:77:A6:F7:72:E2:6F:29:8C:E1:05:5E
Certificate issuer:       /CN=a4b002e0cd28ca1051e02c9d21dbaa38fe4dee07
Certificate serial:       01856C0A68707717A480C0D996CF9EF38119
Authority key identifier: A4:B0:02:E0:CD:28:CA:10:51:E0:2C:9D:21:DB:AA:38:FE:4D:EE:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pLAC4M0oyhBR4CydIduqOP5N7gc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/6419af-a23c-4219-9a2b-0463b252bd1a/1/pcijCQIPb8hcd6b3cuJvKYzhBV4.roa
Signing time:             Sun 01 Jan 2023 06:34:59 +0000
ROA not before:           Sun 01 Jan 2023 06:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     23470
IP address blocks:        45.143.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:0a:68:70:77:17:a4:80:c0:d9:96:cf:9e:f3:81:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4b002e0cd28ca1051e02c9d21dbaa38fe4dee07
        Validity
            Not Before: Jan  1 06:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5c8a309020f6fc85c77a6f772e26f298ce1055e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ea:ec:25:0c:36:60:93:96:39:ec:2c:8c:db:
                    4c:76:17:b4:a7:5a:95:eb:32:c1:ee:81:7c:e5:5c:
                    af:f9:68:d2:26:d4:dc:ad:c4:dd:f3:8e:63:0a:d7:
                    6b:1d:61:55:f7:1b:cf:28:56:22:58:35:78:d7:bb:
                    33:fd:86:a1:98:cc:c5:6f:d0:bf:d5:66:bc:8a:b8:
                    c2:60:80:ca:46:4d:47:e3:88:a9:40:c5:f7:b6:ef:
                    b6:62:83:e3:9a:90:1f:92:b6:5b:d5:68:fe:e9:51:
                    5e:cf:21:d1:43:3e:a4:7e:b3:ad:0e:43:96:ef:dd:
                    7f:31:01:9a:70:94:3d:ca:01:e2:12:93:22:51:d9:
                    66:d2:59:90:89:72:fd:f5:51:5f:92:39:98:0c:f2:
                    f7:b0:c0:ed:bb:e0:4e:ab:44:a1:44:8c:46:bd:68:
                    32:47:8c:52:ff:52:26:4b:72:4b:31:86:8c:3f:8a:
                    25:66:1f:e3:04:3d:fd:b8:fd:8c:7d:b6:30:8f:ec:
                    40:d7:c0:ab:39:47:49:a7:93:13:1f:c5:f0:c4:51:
                    61:26:d7:e4:80:d3:ae:68:8f:f4:4a:85:08:d2:82:
                    be:25:a1:72:74:7a:38:21:3f:15:a4:88:5a:eb:72:
                    6d:3a:ed:98:c7:1b:5b:52:2e:81:b5:87:ae:4a:f3:
                    7b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:C8:A3:09:02:0F:6F:C8:5C:77:A6:F7:72:E2:6F:29:8C:E1:05:5E
            X509v3 Authority Key Identifier:
                keyid:A4:B0:02:E0:CD:28:CA:10:51:E0:2C:9D:21:DB:AA:38:FE:4D:EE:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLAC4M0oyhBR4CydIduqOP5N7gc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6419af-a23c-4219-9a2b-0463b252bd1a/1/pcijCQIPb8hcd6b3cuJvKYzhBV4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6419af-a23c-4219-9a2b-0463b252bd1a/1/pLAC4M0oyhBR4CydIduqOP5N7gc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:b3:35:2b:68:07:3d:02:05:c0:67:63:68:9a:ed:7a:00:fa:
         cc:d8:4d:53:52:d3:e0:e1:e1:f1:a2:46:bc:70:78:e5:86:5b:
         07:d8:52:0c:e8:c8:fe:26:41:e7:92:8b:c5:03:ad:59:14:1b:
         0e:9d:90:f2:74:11:ed:07:3d:2f:19:8c:3c:99:14:ee:6e:5f:
         76:80:34:ec:f2:93:59:92:cc:ca:6d:b7:68:56:86:9f:72:d1:
         24:9e:2e:55:da:e6:a6:da:92:62:f7:6e:f9:a5:87:6f:a8:b2:
         4a:e5:ad:58:6e:9a:65:3a:56:82:ca:ce:cd:50:d6:91:36:70:
         0a:8d:6f:59:ed:2a:9c:6d:f7:a3:f9:04:a6:eb:2c:a9:50:01:
         b1:da:df:6b:17:68:fc:ea:93:6c:e9:ce:fd:23:d6:7e:a5:5d:
         c9:5c:44:52:0d:a6:e2:44:00:f4:3c:20:8e:84:1e:44:e8:21:
         d6:7b:6d:73:a1:2d:1b:80:4b:0e:03:e9:34:33:b2:90:39:30:
         30:c7:44:ed:83:a4:d8:13:a8:99:b4:52:be:8b:b0:35:a3:0f:
         e3:74:1a:87:f4:18:3b:16:fa:18:28:88:9e:4e:8a:16:1b:3b:
         c7:63:fe:cb:dc:76:9b:a2:a3:a0:19:3c:e8:f4:c2:1d:4f:d9:
         56:a5:92:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCmhwdxekgMDZls+e84EZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjAwMmUwY2QyOGNhMTA1MWUwMmM5ZDIxZGJhYTM4ZmU0
ZGVlMDcwHhcNMjMwMTAxMDYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM4YTMwOTAyMGY2ZmM4NWM3N2E2Zjc3MmUyNmYyOThjZTEwNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApursJQw2YJOWOewsjNtMdhe0p1qV
6zLB7oF85Vyv+WjSJtTcrcTd845jCtdrHWFV9xvPKFYiWDV417sz/YahmMzFb9C/
1Wa8irjCYIDKRk1H44ipQMX3tu+2YoPjmpAfkrZb1Wj+6VFezyHRQz6kfrOtDkOW
791/MQGacJQ9ygHiEpMiUdlm0lmQiXL99VFfkjmYDPL3sMDtu+BOq0ShRIxGvWgy
R4xS/1ImS3JLMYaMP4olZh/jBD39uP2MfbYwj+xA18CrOUdJp5MTH8XwxFFhJtfk
gNOuaI/0SoUI0oK+JaFydHo4IT8VpIha63JtOu2YxxtbUi6BtYeuSvN7kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXIowkCD2/IXHem93LibymM4QVeMB8GA1UdIwQY
MBaAFKSwAuDNKMoQUeAsnSHbqjj+Te4HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExBQzRNMG95aEJSNEN5ZElkdXFPUDVON2djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82NDE5YWYtYTIzYy00MjE5LTlhMmIt
MDQ2M2IyNTJiZDFhLzEvcGNpakNRSVBiOGhjZDZiM2N1SnZLWXpoQlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82NDE5YWYtYTIzYy00MjE5LTlhMmItMDQ2M2IyNTJiZDFh
LzEvcExBQzRNMG95aEJSNEN5ZElkdXFPUDVON2djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+RMA0G
CSqGSIb3DQEBCwUAA4IBAQAYszUraAc9AgXAZ2Nomu16APrM2E1TUtPg4eHxoka8
cHjlhlsH2FIM6Mj+JkHnkovFA61ZFBsOnZDydBHtBz0vGYw8mRTubl92gDTs8pNZ
kszKbbdoVoafctEkni5V2uam2pJi9275pYdvqLJK5a1YbpplOlaCys7NUNaRNnAK
jW9Z7Sqcbfej+QSm6yypUAGx2t9rF2j86pNs6c79I9Z+pV3JXERSDabiRAD0PCCO
hB5E6CHWe21zoS0bgEsOA+k0M7KQOTAwx0Ttg6TYE6iZtFK+i7A1ow/jdBqH9Bg7
FvoYKIieTooWGzvHY/7L3HaboqOgGTzo9MIdT9lWpZJs
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:39 2024 by rpki-client on console-fra.rpki-client.org