Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/xucXRrU65ZxFoHtaDp_Do4krfh0.roa
File:                     xucXRrU65ZxFoHtaDp_Do4krfh0.roa (raw, json)
Hash identifier:          twGqpoV7Dg1EssrkaK1qAk2RkWD9tXkwBvJms11GE6g=
Subject key identifier:   C6:E7:17:46:B5:3A:E5:9C:45:A0:7B:5A:0E:9F:C3:A3:89:2B:7E:1D
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       0188D8DF7AC35891B86C38EA363EA9715667
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/xucXRrU65ZxFoHtaDp_Do4krfh0.roa
Signing time:             Tue 20 Jun 2023 12:55:04 +0000
ROA not before:           Tue 20 Jun 2023 12:55:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56309
IP address blocks:        45.136.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d8:df:7a:c3:58:91:b8:6c:38:ea:36:3e:a9:71:56:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Jun 20 12:55:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c6e71746b53ae59c45a07b5a0e9fc3a3892b7e1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:0c:38:44:32:f3:22:54:d8:f4:fa:9a:6d:a1:
                    6e:76:8e:d0:f8:89:42:ba:48:07:a0:b8:ec:c6:b0:
                    74:5d:01:ea:78:1a:d2:21:5a:32:b7:89:98:db:1a:
                    a9:44:f9:f1:8e:60:e7:d6:14:67:42:ec:95:a6:7e:
                    fc:40:7b:6d:6c:5c:5b:34:a4:5a:f0:3b:ea:10:d6:
                    5d:80:ae:67:78:bb:a6:4f:70:9d:36:02:fe:78:7e:
                    a6:48:78:e5:48:0f:e9:a7:a4:be:23:15:ac:cc:58:
                    b7:35:4f:f5:79:22:59:f4:6b:a4:f0:9f:97:0f:f2:
                    8b:b0:38:9d:84:5e:6f:a8:2f:47:e6:1a:1f:4a:14:
                    2a:7f:50:a9:1e:d0:9a:40:4f:17:bd:e9:ed:df:21:
                    ac:d8:8e:48:d6:46:21:29:84:bb:48:59:bd:97:b7:
                    54:43:75:91:e0:88:c6:59:d5:9e:6e:07:61:c7:bc:
                    8b:e8:06:1f:0a:3a:17:76:20:d8:50:7f:f1:ef:e4:
                    c0:61:f9:01:46:e5:7b:35:77:bf:ee:7a:79:ec:3c:
                    43:0d:f7:97:ff:2e:f5:24:c8:f7:98:61:70:66:50:
                    7a:7b:9e:57:96:41:e9:81:cd:e2:4c:71:f8:19:9c:
                    45:4e:38:9b:44:e5:db:4a:59:d8:3b:99:e8:ec:eb:
                    c5:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E7:17:46:B5:3A:E5:9C:45:A0:7B:5A:0E:9F:C3:A3:89:2B:7E:1D
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/xucXRrU65ZxFoHtaDp_Do4krfh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:03:4e:19:d5:bc:98:45:4d:4b:64:15:db:38:90:9a:5b:af:
         8a:72:15:b8:4c:f1:03:aa:9b:47:71:85:f2:00:16:21:af:a7:
         1c:83:10:65:3d:e0:13:6b:04:4e:23:7b:c6:00:9d:f7:98:04:
         dc:cb:28:cc:ba:e4:73:c4:9b:e8:99:ce:6b:cd:2d:35:9d:43:
         8b:07:b5:06:34:64:cc:e6:86:28:91:13:89:36:d5:ed:fe:a8:
         8b:b8:ef:34:e2:f1:2f:69:82:a3:37:2a:a2:c4:4b:b9:92:65:
         5d:b1:74:55:41:e0:65:ce:24:13:ac:e6:7d:a6:ba:b4:51:20:
         b4:df:66:08:cc:e5:11:27:f6:ed:f1:84:cf:64:e9:16:fc:d1:
         9c:dc:db:30:96:4f:0d:12:a0:0b:4f:28:54:bf:30:20:af:a8:
         2e:3d:52:c8:a9:49:60:14:8c:c6:e5:f0:9f:d9:a0:fa:23:72:
         86:1d:57:78:d8:ea:89:e5:df:2b:8b:85:79:0d:2d:f1:86:f9:
         5a:48:c5:fa:7b:8a:f6:a4:76:8d:44:33:4c:42:f8:3a:b2:17:
         6b:82:5c:79:52:ee:82:85:49:6c:34:2d:a3:f7:9b:7d:b1:fe:
         07:9f:6c:4e:bb:ec:85:c4:18:e7:12:3a:a6:ad:4e:49:ca:e0:
         8c:70:21:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjY33rDWJG4bDjqNj6pcVZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwNjIwMTI1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmU3MTc0NmI1M2FlNTljNDVhMDdiNWEwZTlmYzNhMzg5MmI3ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Aw4RDLzIlTY9PqabaFudo7Q+IlC
ukgHoLjsxrB0XQHqeBrSIVoyt4mY2xqpRPnxjmDn1hRnQuyVpn78QHttbFxbNKRa
8DvqENZdgK5neLumT3CdNgL+eH6mSHjlSA/pp6S+IxWszFi3NU/1eSJZ9Guk8J+X
D/KLsDidhF5vqC9H5hofShQqf1CpHtCaQE8Xvent3yGs2I5I1kYhKYS7SFm9l7dU
Q3WR4IjGWdWebgdhx7yL6AYfCjoXdiDYUH/x7+TAYfkBRuV7NXe/7np57DxDDfeX
/y71JMj3mGFwZlB6e55XlkHpgc3iTHH4GZxFTjibROXbSlnYO5no7OvFywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbnF0a1OuWcRaB7Wg6fw6OJK34dMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEveHVjWFJyVTY1WnhGb0h0YURwX0RvNGtyZmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYjsMA0G
CSqGSIb3DQEBCwUAA4IBAQCKA04Z1byYRU1LZBXbOJCaW6+KchW4TPEDqptHcYXy
ABYhr6ccgxBlPeATawROI3vGAJ33mATcyyjMuuRzxJvomc5rzS01nUOLB7UGNGTM
5oYokROJNtXt/qiLuO804vEvaYKjNyqixEu5kmVdsXRVQeBlziQTrOZ9prq0USC0
32YIzOURJ/bt8YTPZOkW/NGc3Nswlk8NEqALTyhUvzAgr6guPVLIqUlgFIzG5fCf
2aD6I3KGHVd42OqJ5d8ri4V5DS3xhvlaSMX6e4r2pHaNRDNMQvg6shdrglx5Uu6C
hUlsNC2j95t9sf4Hn2xOu+yFxBjnEjqmrU5JyuCMcCEJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:19 2024 by rpki-client on console-fra.rpki-client.org