Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/S4-pguCbmvrMkdys1V9671Bwots.roa
File:                     S4-pguCbmvrMkdys1V9671Bwots.roa (raw, json)
Hash identifier:          o8VgOANffSTBNzL7aEXsH3g7x7xd2OA7DdXhDzazXpk=
Subject key identifier:   4B:8F:A9:82:E0:9B:9A:FA:CC:91:DC:AC:D5:5F:7A:EF:50:70:A2:DB
Certificate issuer:       /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial:       01856D2F29E7AFC64C2647B7242BAEB936E8
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/S4-pguCbmvrMkdys1V9671Bwots.roa
Signing time:             Sun 01 Jan 2023 11:54:45 +0000
ROA not before:           Sun 01 Jan 2023 11:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198504
IP address blocks:        141.105.166.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:2f:29:e7:af:c6:4c:26:47:b7:24:2b:ae:b9:36:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
        Validity
            Not Before: Jan  1 11:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b8fa982e09b9afacc91dcacd55f7aef5070a2db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:b5:9c:39:9f:33:02:18:b4:43:71:c0:84:38:
                    43:95:78:17:5f:62:b2:f4:c3:9e:89:b4:14:5f:04:
                    26:31:25:d6:7b:0e:de:40:6f:d4:64:a4:12:34:b4:
                    54:72:04:59:29:ac:dd:54:30:47:7a:49:9e:2b:f8:
                    56:cd:76:42:35:42:21:d3:e8:ab:53:3b:e6:54:8f:
                    cc:23:16:eb:43:b3:ba:14:19:8b:69:89:40:9f:fa:
                    79:2e:49:bd:ef:2f:9e:85:ae:14:9e:b0:98:70:7f:
                    45:6c:fe:ee:2c:5c:b8:90:c7:49:2e:b7:77:a6:45:
                    ed:a1:1d:20:4d:05:8d:96:0c:ef:b2:11:c3:f9:84:
                    b0:5b:53:2a:8b:9e:c2:e0:86:60:62:0c:f5:9e:bb:
                    12:4c:12:14:ff:24:12:91:37:b9:b0:e8:66:22:de:
                    a5:8b:5c:b2:b5:0c:9c:c2:a4:0f:a4:d6:21:19:91:
                    f4:e4:84:5f:a4:7f:96:55:0a:4f:cb:1d:eb:26:db:
                    a2:3c:af:ab:a3:86:8c:0d:19:d1:b3:f9:58:59:ec:
                    90:f8:c5:46:73:e1:ff:af:05:dd:37:1b:e9:0a:fe:
                    59:4a:b4:11:e4:97:df:d1:78:37:f0:68:7f:43:f6:
                    de:91:f4:1a:7e:a5:b7:61:f1:8d:e0:57:e0:ee:56:
                    bd:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:8F:A9:82:E0:9B:9A:FA:CC:91:DC:AC:D5:5F:7A:EF:50:70:A2:DB
            X509v3 Authority Key Identifier:
                keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/S4-pguCbmvrMkdys1V9671Bwots.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.105.166.0/23

    Signature Algorithm: sha256WithRSAEncryption
         27:3a:07:85:86:9f:c9:bd:e4:8a:04:fc:13:8b:b8:ee:c8:8d:
         e1:db:e6:fc:c4:b7:68:36:90:d0:8d:7a:c7:17:d9:a4:f7:e3:
         2c:05:4e:3f:67:21:c3:95:4d:29:7e:19:33:f4:40:4b:32:04:
         e3:dc:33:b1:bb:6a:6c:36:ba:1b:07:b3:40:74:06:04:72:b2:
         39:8d:d8:04:be:5e:9a:87:18:46:b7:be:c9:84:b9:e1:56:5d:
         9e:a0:f4:b5:f6:df:1f:2b:ed:1d:c5:ab:6d:27:09:86:d0:1f:
         18:43:5f:54:04:11:5b:29:d1:be:ac:6e:29:02:7f:a2:4d:8f:
         e3:92:67:aa:9c:76:36:bb:94:2a:55:d9:00:ae:0c:fc:c7:5e:
         17:0e:52:17:80:19:23:77:6d:7a:95:e2:c1:56:b4:7c:1f:d2:
         10:a5:ca:44:9d:24:e4:09:ba:d5:bd:25:a1:37:cb:45:55:28:
         2b:0c:df:a7:0f:c8:a3:b3:ff:ce:67:da:75:82:c2:c8:8a:f1:
         5c:0c:71:09:0c:fe:3f:5a:10:da:71:10:79:d9:40:7e:72:ed:
         10:b4:bd:46:c0:04:f5:0d:2c:7f:d5:40:f7:58:46:6f:02:c5:
         cc:85:b8:c2:b7:f2:e7:9d:f4:2c:ee:57:ae:63:49:87:61:71:
         52:ff:d0:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLynnr8ZMJke3JCuuuTboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjMwMTAxMTE1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjhmYTk4MmUwOWI5YWZhY2M5MWRjYWNkNTVmN2FlZjUwNzBhMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+LWcOZ8zAhi0Q3HAhDhDlXgXX2Ky
9MOeibQUXwQmMSXWew7eQG/UZKQSNLRUcgRZKazdVDBHekmeK/hWzXZCNUIh0+ir
UzvmVI/MIxbrQ7O6FBmLaYlAn/p5Lkm97y+eha4UnrCYcH9FbP7uLFy4kMdJLrd3
pkXtoR0gTQWNlgzvshHD+YSwW1Mqi57C4IZgYgz1nrsSTBIU/yQSkTe5sOhmIt6l
i1yytQycwqQPpNYhGZH05IRfpH+WVQpPyx3rJtuiPK+ro4aMDRnRs/lYWeyQ+MVG
c+H/rwXdNxvpCv5ZSrQR5Jff0Xg38Gh/Q/bekfQafqW3YfGN4Ffg7la9twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuPqYLgm5r6zJHcrNVfeu9QcKLbMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvUzQtcGd1Q2JtdnJNa2R5czFWOTY3MUJ3b3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjWmmMA0G
CSqGSIb3DQEBCwUAA4IBAQAnOgeFhp/JveSKBPwTi7juyI3h2+b8xLdoNpDQjXrH
F9mk9+MsBU4/ZyHDlU0pfhkz9EBLMgTj3DOxu2psNrobB7NAdAYEcrI5jdgEvl6a
hxhGt77JhLnhVl2eoPS19t8fK+0dxattJwmG0B8YQ19UBBFbKdG+rG4pAn+iTY/j
kmeqnHY2u5QqVdkArgz8x14XDlIXgBkjd216leLBVrR8H9IQpcpEnSTkCbrVvSWh
N8tFVSgrDN+nD8ijs//OZ9p1gsLIivFcDHEJDP4/WhDacRB52UB+cu0QtL1GwAT1
DSx/1UD3WEZvAsXMhbjCt/LnnfQs7leuY0mHYXFS/9Ce
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:44 2024 by rpki-client on console-fra.rpki-client.org