Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/IwhqPwoS82_srPZ5xlWSTpWGCY8.roa
File:                     IwhqPwoS82_srPZ5xlWSTpWGCY8.roa (raw, json)
Hash identifier:          oe5u6yz8vBQ+A292hEreMXBZ8rpwBVAPPeInio4iK8I=
Subject key identifier:   23:08:6A:3F:0A:12:F3:6F:EC:AC:F6:79:C6:55:92:4E:95:86:09:8F
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE616B3B3B2D75D5A5303A0EF4BDEB5
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/IwhqPwoS82_srPZ5xlWSTpWGCY8.roa
Signing time:             Sun 01 Jan 2023 10:34:56 +0000
ROA not before:           Sun 01 Jan 2023 10:34:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        45.134.37.0/24 maxlen: 24
                          45.134.38.0/24 maxlen: 24
                          45.80.192.0/24 maxlen: 24
                          45.10.20.0/24 maxlen: 24
                          45.135.150.0/24 maxlen: 24
                          45.147.4.0/24 maxlen: 24
                          45.91.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:16:b3:b3:b2:d7:5d:5a:53:03:a0:ef:4b:de:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:34:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23086a3f0a12f36fecacf679c655924e9586098f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4b:c0:0e:53:39:6f:93:f1:f4:d9:6f:b7:65:
                    bd:45:c4:9a:b6:ad:e7:98:60:bd:67:05:a5:6f:65:
                    00:5f:66:ab:ea:77:77:64:3c:73:9d:3a:f2:a7:2f:
                    11:43:b7:d6:00:75:dd:08:8d:3d:fc:92:7d:fb:38:
                    a9:c1:e7:b8:bd:3e:72:fc:d6:ce:22:4b:06:31:76:
                    4e:98:ca:d7:b5:a8:67:07:09:af:d7:c7:57:5b:4b:
                    19:53:c3:af:0f:bd:f5:dc:87:f8:b0:f3:37:57:0d:
                    50:3f:56:7a:2f:9d:16:23:95:74:99:cb:3f:7c:5d:
                    40:a4:1e:02:85:86:c3:47:19:28:ee:70:57:af:53:
                    bf:f3:06:8e:6f:a1:0f:d6:d8:56:33:4a:73:73:0a:
                    2d:ab:99:00:fb:96:53:86:89:f9:4e:30:33:8c:86:
                    96:9a:5b:66:6b:98:88:e4:30:9e:3e:84:1f:cb:10:
                    6d:67:30:fa:5a:f2:e4:90:ef:c1:e3:df:fb:ac:f9:
                    31:e3:ed:05:a2:ed:9b:2e:17:00:4b:c3:58:bf:80:
                    e8:10:a2:7b:c6:f5:73:4c:0c:6c:9e:2d:9d:67:82:
                    e9:1f:7b:e7:1c:ca:dd:9e:9a:c2:7b:05:89:6b:72:
                    e0:93:0e:6e:16:4f:c6:c1:14:7e:15:5f:a6:81:46:
                    34:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:08:6A:3F:0A:12:F3:6F:EC:AC:F6:79:C6:55:92:4E:95:86:09:8F
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/IwhqPwoS82_srPZ5xlWSTpWGCY8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.20.0/24
                  45.80.192.0/24
                  45.91.249.0/24
                  45.134.37.0-45.134.38.255
                  45.135.150.0/24
                  45.147.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:84:5d:e1:1b:ee:33:9b:b3:d9:94:af:cc:ae:f5:aa:cd:b4:
         c4:b0:7e:e4:ed:f2:2c:2e:8b:ad:29:f5:59:12:57:d1:be:ff:
         0a:9b:4c:cd:98:6d:62:de:73:57:1c:42:af:d7:22:4c:39:d3:
         57:0f:f7:48:3d:0c:9d:60:f9:47:09:ec:77:57:59:ae:c0:57:
         00:d5:0c:b2:35:a0:35:fc:14:df:df:c9:1c:2a:49:92:4b:5c:
         54:46:1e:b7:14:9a:89:5b:8d:c8:3c:54:6f:7a:aa:49:99:f9:
         b0:2f:31:9a:d8:85:49:4d:b7:f0:83:e0:fa:41:8f:9b:b4:67:
         f6:4f:94:d4:86:11:e9:fb:1e:d8:60:44:d5:4d:5a:35:65:2d:
         88:03:70:98:39:93:ff:6b:d3:aa:68:7b:d2:80:e3:91:3b:b2:
         f8:a9:84:7c:9d:5f:c4:14:17:93:73:1a:32:a3:62:86:cc:d3:
         b1:3b:72:e7:21:31:29:55:f8:5b:80:97:1a:93:70:da:48:da:
         83:40:98:7e:cb:da:8c:9a:3e:bf:a7:26:56:99:bf:3c:47:9c:
         46:45:a1:47:b6:0e:42:32:b1:cc:1b:a3:eb:75:b9:0e:e0:ae:
         22:42:a3:33:9c:b7:69:55:aa:5a:53:7f:5e:bd:2a:e3:a6:c9:
         2e:93:fe:9e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVs5hazs7LXXVpTA6DvS961MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA4NmEzZjBhMTJmMzZmZWNhY2Y2NzljNjU1OTI0ZTk1ODYwOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUvADlM5b5Px9Nlvt2W9RcSatq3n
mGC9ZwWlb2UAX2ar6nd3ZDxznTrypy8RQ7fWAHXdCI09/JJ9+zipwee4vT5y/NbO
IksGMXZOmMrXtahnBwmv18dXW0sZU8OvD7313If4sPM3Vw1QP1Z6L50WI5V0mcs/
fF1ApB4ChYbDRxko7nBXr1O/8waOb6EP1thWM0pzcwotq5kA+5ZThon5TjAzjIaW
mltma5iI5DCePoQfyxBtZzD6WvLkkO/B49/7rPkx4+0Fou2bLhcAS8NYv4DoEKJ7
xvVzTAxsni2dZ4LpH3vnHMrdnprCewWJa3Lgkw5uFk/GwRR+FV+mgUY0swIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCMIaj8KEvNv7Kz2ecZVkk6VhgmPMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvSXdocVB3b1M4Ml9zclBaNXhsV1NUcFdHQ1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALQoUAwQA
LVDAAwQALVv5MAwDBAAthiUDBAAthiYDBAAth5YDBAAtkwQwDQYJKoZIhvcNAQEL
BQADggEBAHeEXeEb7jObs9mUr8yu9arNtMSwfuTt8iwui60p9VkSV9G+/wqbTM2Y
bWLec1ccQq/XIkw501cP90g9DJ1g+UcJ7HdXWa7AVwDVDLI1oDX8FN/fyRwqSZJL
XFRGHrcUmolbjcg8VG96qkmZ+bAvMZrYhUlNt/CD4PpBj5u0Z/ZPlNSGEen7Hthg
RNVNWjVlLYgDcJg5k/9r06poe9KA45E7sviphHydX8QUF5NzGjKjYobM07E7cuch
MSlV+FuAlxqTcNpI2oNAmH7L2oyaPr+nJlaZvzxHnEZFoUe2DkIyscwbo+t1uQ7g
riJCozOct2lVqlpTf169KuOmyS6T/p4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org