Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/23d_buXQCjfeDNK3C3X9rsal1FU.roa
File:                     23d_buXQCjfeDNK3C3X9rsal1FU.roa (raw, json)
Hash identifier:          DrZvuIaQxhAlaMRm53JQ2+Co4ffWw5TxK+szfAXu+eU=
Subject key identifier:   DB:77:7F:6E:E5:D0:0A:37:DE:0C:D2:B7:0B:75:FD:AE:C6:A5:D4:55
Certificate issuer:       /CN=b011022187e3395a1524fa1a7541ea793285afc2
Certificate serial:       01857C2D01B5C53DFC35443FCDD65E8B4748
Authority key identifier: B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/23d_buXQCjfeDNK3C3X9rsal1FU.roa
Signing time:             Wed 04 Jan 2023 09:46:42 +0000
ROA not before:           Wed 04 Jan 2023 09:46:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34636
IP address blocks:        46.21.90.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:7c:2d:01:b5:c5:3d:fc:35:44:3f:cd:d6:5e:8b:47:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b011022187e3395a1524fa1a7541ea793285afc2
        Validity
            Not Before: Jan  4 09:46:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db777f6ee5d00a37de0cd2b70b75fdaec6a5d455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:cb:a9:cd:cc:40:07:db:36:97:b8:76:b9:82:
                    05:20:52:d8:96:74:e3:c1:23:4a:f4:47:74:1e:5f:
                    83:d6:63:1f:c6:13:d0:bf:8c:8b:60:ea:4e:a1:ad:
                    9e:3b:6b:45:6d:aa:7f:54:98:0a:76:2e:c1:10:f7:
                    6a:be:6f:fd:1a:3c:e0:a5:ea:c6:12:eb:4b:7d:35:
                    fd:9d:53:96:97:b2:11:0f:e3:1d:0d:ca:a0:6b:e6:
                    dc:66:9a:46:b4:70:45:33:e7:c2:d4:94:f5:17:25:
                    06:23:b0:0f:51:68:c4:c7:0b:fc:66:ae:1a:a7:1d:
                    2a:b7:50:df:fe:3c:91:3b:75:21:35:47:49:d7:f7:
                    d1:1c:ac:55:5d:c8:1f:35:ea:27:0a:2f:6e:3e:a3:
                    0f:2d:00:fd:69:69:0c:0b:ec:1d:64:6b:05:e2:9b:
                    9c:11:c1:e9:3c:b8:1c:2f:33:8b:d6:b2:74:30:99:
                    f2:13:73:ff:15:a5:8d:8e:ce:0c:e7:bd:a2:f0:be:
                    d2:86:0b:55:e9:0a:c5:70:43:25:f7:cb:9c:8c:de:
                    0a:df:42:12:dc:18:ab:28:b0:ca:63:72:2d:9e:ff:
                    25:7f:9a:9a:e5:f9:5c:2e:f7:d9:f7:4f:00:fb:84:
                    fc:3d:b7:53:f8:4d:fd:ae:1f:b0:e5:67:91:af:5c:
                    f0:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:77:7F:6E:E5:D0:0A:37:DE:0C:D2:B7:0B:75:FD:AE:C6:A5:D4:55
            X509v3 Authority Key Identifier:
                keyid:B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/23d_buXQCjfeDNK3C3X9rsal1FU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.21.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:00:5a:b8:17:bc:cc:7f:64:f4:44:67:a6:fe:a2:2b:56:bb:
         fa:dc:75:1d:c9:8f:2c:8b:4e:c2:f7:7d:4b:e3:f3:f3:bf:15:
         45:48:f8:37:d7:5e:8d:f1:00:21:02:88:83:d6:dd:f6:cb:6d:
         93:ac:9b:14:c8:0a:4a:92:d2:5c:b8:1d:ea:0f:19:1f:84:a3:
         85:f3:74:5b:27:38:dc:1c:e1:fc:c5:bc:81:7f:80:0a:82:7c:
         d0:52:66:38:7f:4d:80:bb:bc:34:0a:70:46:19:90:20:30:ac:
         0f:1a:9d:0c:56:f9:0e:15:cd:71:68:8d:21:21:66:81:6e:1d:
         02:7c:38:90:eb:5a:97:b3:d5:52:08:34:91:15:f4:18:bc:a4:
         75:24:0c:bd:9d:ad:f9:23:e6:11:8a:1a:66:35:c2:5c:ad:6d:
         9c:ff:68:1f:de:2c:b5:e1:e0:bf:d3:0c:14:38:a6:ce:3f:de:
         7b:5a:8c:46:f8:c7:71:82:53:20:e0:61:fc:d7:48:59:c7:54:
         22:70:ff:87:49:80:27:a0:6a:76:be:ba:68:39:bc:73:59:b4:
         bd:b1:1d:78:c2:c5:5e:e2:ea:59:8e:a3:b6:9c:b4:4d:08:98:
         5b:fb:6f:13:7d:69:e6:ac:60:f6:ec:7e:35:1d:71:19:0a:d0:
         c6:ba:66:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV8LQG1xT38NUQ/zdZei0dIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMTEwMjIxODdlMzM5NWExNTI0ZmExYTc1NDFlYTc5MzI4
NWFmYzIwHhcNMjMwMTA0MDk0NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc3N2Y2ZWU1ZDAwYTM3ZGUwY2QyYjcwYjc1ZmRhZWM2YTVkNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcupzcxAB9s2l7h2uYIFIFLYlnTj
wSNK9Ed0Hl+D1mMfxhPQv4yLYOpOoa2eO2tFbap/VJgKdi7BEPdqvm/9GjzgperG
EutLfTX9nVOWl7IRD+MdDcqga+bcZppGtHBFM+fC1JT1FyUGI7APUWjExwv8Zq4a
px0qt1Df/jyRO3UhNUdJ1/fRHKxVXcgfNeonCi9uPqMPLQD9aWkMC+wdZGsF4puc
EcHpPLgcLzOL1rJ0MJnyE3P/FaWNjs4M572i8L7ShgtV6QrFcEMl98ucjN4K30IS
3BirKLDKY3Itnv8lf5qa5flcLvfZ908A+4T8PbdT+E39rh+w5WeRr1zw5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNt3f27l0Ao33gzStwt1/a7GpdRVMB8GA1UdIwQY
MBaAFLARAiGH4zlaFST6GnVB6nkyha/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAt
NTMzNGU2YjhjNWZlLzEvMjNkX2J1WFFDamZlRE5LM0MzWDlyc2FsMUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAtNTMzNGU2YjhjNWZl
LzEvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLhVaMA0G
CSqGSIb3DQEBCwUAA4IBAQCHAFq4F7zMf2T0RGem/qIrVrv63HUdyY8si07C931L
4/PzvxVFSPg3116N8QAhAoiD1t32y22TrJsUyApKktJcuB3qDxkfhKOF83RbJzjc
HOH8xbyBf4AKgnzQUmY4f02Au7w0CnBGGZAgMKwPGp0MVvkOFc1xaI0hIWaBbh0C
fDiQ61qXs9VSCDSRFfQYvKR1JAy9na35I+YRihpmNcJcrW2c/2gf3iy14eC/0wwU
OKbOP957WoxG+MdxglMg4GH810hZx1QicP+HSYAnoGp2vrpoObxzWbS9sR14wsVe
4upZjqO2nLRNCJhb+28TfWnmrGD27H41HXEZCtDGumbY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:07 2024 by rpki-client on console-fra.rpki-client.org