Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/iJOSe5m7_Wmp8nU5d5lG604Ep44.roa
File:                     iJOSe5m7_Wmp8nU5d5lG604Ep44.roa (raw, json)
Hash identifier:          UosA23yvjfM35HTfF49/F2E+cAIgfPoNAeX62q6eci4=
Subject key identifier:   88:93:92:7B:99:BB:FD:69:A9:F2:75:39:77:99:46:EB:4E:04:A7:8E
Certificate issuer:       /CN=411a2a9405bda1671c10776f4426273c904e4ad0
Certificate serial:       01857139D84E5E32E78C87D2AC0C237C2BB5
Authority key identifier: 41:1A:2A:94:05:BD:A1:67:1C:10:77:6F:44:26:27:3C:90:4E:4A:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/iJOSe5m7_Wmp8nU5d5lG604Ep44.roa
Signing time:             Mon 02 Jan 2023 06:44:54 +0000
ROA not before:           Mon 02 Jan 2023 06:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        45.11.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:39:d8:4e:5e:32:e7:8c:87:d2:ac:0c:23:7c:2b:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=411a2a9405bda1671c10776f4426273c904e4ad0
        Validity
            Not Before: Jan  2 06:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8893927b99bbfd69a9f27539779946eb4e04a78e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e1:61:86:7e:fc:8a:83:9c:77:92:84:f9:42:
                    f9:3a:b9:c7:c0:14:26:1b:6d:ba:cc:d3:4c:f0:a0:
                    8d:69:5f:f3:db:62:4e:73:74:ac:56:35:d7:4d:5c:
                    3d:8b:a4:00:2d:7e:6f:56:38:78:9e:a0:1e:96:07:
                    51:48:23:9a:e6:b6:f8:6f:45:71:cc:00:ea:e2:25:
                    65:44:e9:4b:57:54:73:11:f8:28:80:ef:c1:0a:4d:
                    a8:95:38:f3:d9:77:53:17:9a:a9:8f:2a:9c:cf:04:
                    df:0e:85:a2:ae:e5:23:2b:33:7d:5e:32:65:35:b1:
                    01:cd:2e:48:93:fa:09:05:c7:42:c0:05:8b:09:8f:
                    1f:fb:8a:c2:4e:06:75:43:f8:46:3f:0d:28:93:b3:
                    68:c3:4c:e6:0e:71:0f:4f:37:9d:db:a3:6b:df:72:
                    80:7e:e1:14:a1:b1:71:3a:56:cf:04:92:9b:54:8c:
                    95:75:19:36:f7:57:aa:10:dc:e4:8c:e5:97:4c:ab:
                    0b:36:47:d3:d5:c6:61:7a:be:37:f8:4c:b4:10:47:
                    c2:47:2b:59:70:8f:51:1b:78:4d:86:81:e2:c7:09:
                    67:ba:9d:b9:8c:5e:e6:8e:2f:e9:c1:bd:64:22:08:
                    a5:12:12:69:4d:73:e7:7d:f9:f2:54:9c:88:fb:2f:
                    ef:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:93:92:7B:99:BB:FD:69:A9:F2:75:39:77:99:46:EB:4E:04:A7:8E
            X509v3 Authority Key Identifier:
                keyid:41:1A:2A:94:05:BD:A1:67:1C:10:77:6F:44:26:27:3C:90:4E:4A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/iJOSe5m7_Wmp8nU5d5lG604Ep44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/QRoqlAW9oWccEHdvRCYnPJBOStA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:4f:1c:4f:21:17:2c:e3:60:3f:f2:b5:68:8f:50:64:8a:2a:
         7c:ea:00:6c:b4:b1:16:26:fa:a0:2c:15:26:dd:a5:64:9e:13:
         78:d9:d7:97:18:3b:16:db:f9:f6:ba:1d:a1:5a:13:1d:7d:6c:
         de:6c:19:f5:49:0d:8b:0e:bf:c1:6c:69:6a:43:fa:e6:d6:6a:
         19:87:a3:07:b3:66:88:5f:80:ad:a4:4b:0f:fa:5b:a1:d7:66:
         8e:dd:16:b8:00:74:3d:cd:72:2e:f9:7f:af:2e:a5:07:c9:6a:
         ce:55:e4:c4:05:d1:3d:47:1b:75:db:af:f3:b2:3a:d9:d0:cb:
         4f:7b:84:60:fa:8b:a5:05:a3:75:39:21:a3:a8:e9:a1:0f:01:
         6c:c4:41:53:1a:0d:9d:10:b1:d8:8e:4c:b1:56:f7:71:da:65:
         93:2f:2b:d7:0e:0c:a3:2f:5c:58:62:67:ab:be:76:cb:24:51:
         bd:b2:73:58:f4:a3:e4:a3:dc:c4:26:04:9b:9f:c0:13:61:ca:
         64:69:17:18:8b:48:1b:67:fb:c9:15:77:f9:75:3a:e5:50:d2:
         2e:f2:ce:38:f3:9c:6f:96:a6:e3:87:55:2b:c7:04:29:25:d4:
         ce:f5:34:49:80:f0:5c:fa:43:c5:db:63:ea:1f:a7:c9:a0:3c:
         41:87:77:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOdhOXjLnjIfSrAwjfCu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWEyYTk0MDViZGExNjcxYzEwNzc2ZjQ0MjYyNzNjOTA0
ZTRhZDAwHhcNMjMwMTAyMDY0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODkzOTI3Yjk5YmJmZDY5YTlmMjc1Mzk3Nzk5NDZlYjRlMDRhNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uFhhn78ioOcd5KE+UL5OrnHwBQm
G226zNNM8KCNaV/z22JOc3SsVjXXTVw9i6QALX5vVjh4nqAelgdRSCOa5rb4b0Vx
zADq4iVlROlLV1RzEfgogO/BCk2olTjz2XdTF5qpjyqczwTfDoWiruUjKzN9XjJl
NbEBzS5Ik/oJBcdCwAWLCY8f+4rCTgZ1Q/hGPw0ok7Now0zmDnEPTzed26Nr33KA
fuEUobFxOlbPBJKbVIyVdRk291eqENzkjOWXTKsLNkfT1cZher43+Ey0EEfCRytZ
cI9RG3hNhoHixwlnup25jF7mji/pwb1kIgilEhJpTXPnffnyVJyI+y/vUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiTknuZu/1pqfJ1OXeZRutOBKeOMB8GA1UdIwQY
MBaAFEEaKpQFvaFnHBB3b0QmJzyQTkrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJvcWxBVzlvV2NjRUhkdlJDWW5QSkJPU3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9mZTY4NzAtMDk5MC00YzIxLTllNGQt
OGM1MmU2NjZhOGEyLzEvaUpPU2U1bTdfV21wOG5VNWQ1bEc2MDRFcDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9mZTY4NzAtMDk5MC00YzIxLTllNGQtOGM1MmU2NjZhOGEy
LzEvUVJvcWxBVzlvV2NjRUhkdlJDWW5QSkJPU3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQv8MA0G
CSqGSIb3DQEBCwUAA4IBAQCYTxxPIRcs42A/8rVoj1Bkiip86gBstLEWJvqgLBUm
3aVknhN42deXGDsW2/n2uh2hWhMdfWzebBn1SQ2LDr/BbGlqQ/rm1moZh6MHs2aI
X4CtpEsP+luh12aO3Ra4AHQ9zXIu+X+vLqUHyWrOVeTEBdE9Rxt126/zsjrZ0MtP
e4Rg+oulBaN1OSGjqOmhDwFsxEFTGg2dELHYjkyxVvdx2mWTLyvXDgyjL1xYYmer
vnbLJFG9snNY9KPko9zEJgSbn8ATYcpkaRcYi0gbZ/vJFXf5dTrlUNIu8s4485xv
lqbjh1UrxwQpJdTO9TRJgPBc+kPF22PqH6fJoDxBh3cv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:23 2024 by rpki-client on console-ams.rpki-client.org