Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa
File:                     vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa (raw, json)
Hash identifier:          j3Pw4vgUsYFhsfrhuSGvjC47MN47Nuj6LDL3ye0+vvI=
Subject key identifier:   BC:98:6C:CB:11:08:B8:67:FF:20:EE:0B:22:7E:0B:CE:04:0E:27:45
Certificate issuer:       /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial:       01856F54A5F5512B045C98CFB1C91E6FE189
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa
Signing time:             Sun 01 Jan 2023 21:54:56 +0000
ROA not before:           Sun 01 Jan 2023 21:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34549
IP address blocks:        45.158.226.0/24 maxlen: 24
                          45.158.225.0/24 maxlen: 24
                          45.158.224.0/22 maxlen: 22
                          45.158.224.0/24 maxlen: 24
                          45.158.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 11:52:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:a5:f5:51:2b:04:5c:98:cf:b1:c9:1e:6f:e1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
        Validity
            Not Before: Jan  1 21:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc986ccb1108b867ff20ee0b227e0bce040e2745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c7:f3:f5:c8:fd:44:dd:d5:cb:28:cc:a5:78:
                    e7:31:b7:84:22:92:5b:73:8c:d3:5b:ab:69:61:27:
                    74:3d:eb:55:82:f6:47:63:e4:a3:3c:49:9f:b0:84:
                    2b:fc:b1:3f:a6:fa:99:7e:60:93:27:71:da:1d:db:
                    71:8a:de:70:6a:9a:f5:ef:cf:cb:e5:73:d7:64:02:
                    bd:ad:08:f3:e9:c6:b3:69:e5:b7:1f:04:cd:36:a2:
                    f0:70:d2:06:00:95:c1:85:c6:a9:fd:81:a2:34:81:
                    3d:f4:5e:7c:a6:a6:82:ba:de:2f:71:d7:a1:3e:16:
                    91:3c:39:2b:bd:71:78:8b:13:9c:1d:44:2a:cb:15:
                    b3:09:e7:2d:8b:5d:ff:c0:8c:ca:4b:cd:f7:6d:fb:
                    4f:a5:6f:29:5a:b7:89:74:82:fc:50:36:dd:bb:a9:
                    81:f3:07:4a:9c:57:78:48:42:2c:32:35:3b:4d:f8:
                    15:18:67:3a:f4:5c:4e:dd:87:d2:d5:79:8b:2e:87:
                    6a:40:97:e3:43:56:ba:41:38:01:e5:81:de:75:35:
                    d8:1e:5e:e2:eb:d5:06:17:a4:ae:14:38:90:b9:2f:
                    5e:d9:1a:bf:a1:44:a7:45:8a:75:cd:8a:fc:dd:f7:
                    c3:a2:a1:dc:01:cb:a4:84:0c:ce:42:8c:2f:9c:de:
                    93:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:98:6C:CB:11:08:B8:67:FF:20:EE:0B:22:7E:0B:CE:04:0E:27:45
            X509v3 Authority Key Identifier:
                keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:ad:1c:2c:6e:68:0c:8d:2a:97:58:ab:6e:27:73:fc:43:b0:
         cc:39:65:75:4d:b0:81:b5:6f:e7:9a:9f:32:d2:83:b5:53:21:
         60:be:37:a5:b5:64:cb:0c:60:ec:99:45:1e:fd:4c:62:21:71:
         6b:95:3d:e2:77:27:ea:94:7c:61:7e:09:ae:5a:c5:1c:ba:39:
         75:71:0a:e8:c2:f8:57:b8:73:48:04:16:e5:fa:17:fb:09:ac:
         bb:b3:ad:0f:ac:a7:b0:b0:1c:f1:77:37:57:6b:e3:d6:c6:7f:
         0c:64:d2:b4:71:ea:65:65:b9:e7:cb:57:6b:48:40:d2:f3:04:
         92:7c:a5:a7:57:b4:57:a5:d4:0e:6b:78:e9:4d:6e:b2:a6:0b:
         7c:fc:95:27:e3:17:bb:61:1e:e3:b3:c1:e4:5b:3d:3a:ef:43:
         e4:a2:b0:2d:f1:c7:91:41:0f:7e:3f:d8:62:96:04:b8:82:35:
         cc:62:da:f9:35:19:e2:22:3a:b0:8b:78:6b:1e:07:a5:eb:9e:
         61:49:3f:53:ef:c6:ee:45:b7:a0:e4:be:93:b1:b1:3d:75:10:
         fd:1b:6d:1e:08:60:94:44:1e:55:6e:2c:2c:0f:51:e4:31:53:
         70:3b:09:79:18:15:2e:30:7f:d7:3e:c5:8c:90:59:43:1b:4f:
         ed:6e:35:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVKX1USsEXJjPsckeb+GJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzk4NmNjYjExMDhiODY3ZmYyMGVlMGIyMjdlMGJjZTA0MGUyNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcfz9cj9RN3VyyjMpXjnMbeEIpJb
c4zTW6tpYSd0PetVgvZHY+SjPEmfsIQr/LE/pvqZfmCTJ3HaHdtxit5wapr178/L
5XPXZAK9rQjz6cazaeW3HwTNNqLwcNIGAJXBhcap/YGiNIE99F58pqaCut4vcdeh
PhaRPDkrvXF4ixOcHUQqyxWzCecti13/wIzKS833bftPpW8pWreJdIL8UDbdu6mB
8wdKnFd4SEIsMjU7TfgVGGc69FxO3YfS1XmLLodqQJfjQ1a6QTgB5YHedTXYHl7i
69UGF6SuFDiQuS9e2Rq/oUSnRYp1zYr83ffDoqHcAcukhAzOQowvnN6TawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyYbMsRCLhn/yDuCyJ+C84EDidFMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvdkpoc3l4RUl1R2ZfSU80TEluNEx6Z1FPSjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ7gMA0G
CSqGSIb3DQEBCwUAA4IBAQAqrRwsbmgMjSqXWKtuJ3P8Q7DMOWV1TbCBtW/nmp8y
0oO1UyFgvjeltWTLDGDsmUUe/UxiIXFrlT3idyfqlHxhfgmuWsUcujl1cQrowvhX
uHNIBBbl+hf7Cay7s60PrKewsBzxdzdXa+PWxn8MZNK0ceplZbnny1drSEDS8wSS
fKWnV7RXpdQOa3jpTW6ypgt8/JUn4xe7YR7js8HkWz0670PkorAt8ceRQQ9+P9hi
lgS4gjXMYtr5NRniIjqwi3hrHgel655hST9T78buRbeg5L6TsbE9dRD9G20eCGCU
RB5VbiwsD1HkMVNwOwl5GBUuMH/XPsWMkFlDG0/tbjVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:59 2024 by rpki-client on console-fra.rpki-client.org