Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/iSsK18b8phgrBf-LoE2HYV0DH70.roa
File:                     iSsK18b8phgrBf-LoE2HYV0DH70.roa (raw, json)
Hash identifier:          mAlGITqHFy1v/uUjH1CHagaB/NNg3gbYac+KlQ0K3e0=
Subject key identifier:   89:2B:0A:D7:C6:FC:A6:18:2B:05:FF:8B:A0:4D:87:61:5D:03:1F:BD
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE61C8624FBA0C5E5884FF6456E4114
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/iSsK18b8phgrBf-LoE2HYV0DH70.roa
Signing time:             Sun 01 Jan 2023 10:34:57 +0000
ROA not before:           Sun 01 Jan 2023 10:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     53340
IP address blocks:        45.10.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:1c:86:24:fb:a0:c5:e5:88:4f:f6:45:6e:41:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=892b0ad7c6fca6182b05ff8ba04d87615d031fbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f2:60:ad:8f:1a:14:40:62:7d:7b:55:0b:d3:
                    62:64:77:8e:96:1c:0c:7e:ab:80:28:ae:69:6e:ec:
                    db:29:17:77:10:17:56:b9:e9:a6:79:7e:c8:95:e1:
                    36:7c:87:4c:45:2a:34:51:16:c6:cb:c8:b9:cd:66:
                    78:21:5f:21:1e:6b:9f:dc:13:50:e1:43:5c:af:c4:
                    49:16:03:f0:eb:61:ff:61:88:a3:45:b4:4d:b3:d1:
                    5c:56:ea:e4:ab:ac:6f:b5:4f:ab:5e:c3:35:6d:a3:
                    1b:a8:b9:e4:c0:a4:0f:43:e4:33:65:10:c0:bd:de:
                    7c:0d:8d:d3:80:ed:ed:67:e3:c2:c9:49:30:6e:3a:
                    e1:be:11:62:37:35:1d:a1:a1:1e:51:c4:64:96:69:
                    82:89:f5:1d:60:51:bb:f8:27:20:29:fc:d6:14:2e:
                    52:53:07:6f:4c:43:56:a6:de:62:da:98:1e:07:ef:
                    d9:5d:f8:8c:b6:d8:28:f6:5d:ce:82:b2:bc:b9:44:
                    1a:48:1f:fb:8b:a7:fb:c2:ae:36:01:40:79:fa:43:
                    ed:9c:0a:d9:85:8c:a9:e0:66:4c:7b:f2:73:02:61:
                    01:75:32:d3:49:e4:16:d6:2c:c6:51:08:0d:46:3d:
                    75:b6:dd:dc:08:da:ef:f0:51:fc:c6:f2:59:54:3b:
                    a6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:2B:0A:D7:C6:FC:A6:18:2B:05:FF:8B:A0:4D:87:61:5D:03:1F:BD
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/iSsK18b8phgrBf-LoE2HYV0DH70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:f6:ae:bb:4b:23:e1:ef:03:db:e3:30:31:78:ef:fc:e2:94:
         05:52:e4:25:1a:c3:47:1c:cb:35:61:ce:65:e1:16:19:27:54:
         fb:02:5e:c2:a0:5d:fd:15:f3:45:7b:03:ae:b4:bd:8f:29:58:
         4e:3b:8a:3a:c7:56:a5:06:94:21:6e:a1:97:f5:57:ae:e9:cb:
         f8:ec:19:b5:9e:44:e8:27:b5:88:d8:00:b8:43:53:1e:37:60:
         f4:5f:d3:0b:a3:c8:75:87:56:2a:ee:a9:33:89:27:21:e0:1c:
         c4:9d:24:af:e4:e1:3e:b1:0b:3c:37:75:9e:cb:26:3e:3f:28:
         46:a7:c4:52:0c:e2:14:92:63:d4:7d:94:4d:e3:f5:8c:66:04:
         be:a3:30:2b:eb:9d:0b:d7:98:38:fd:2c:81:f6:69:3e:37:7a:
         21:47:85:94:00:df:a0:c2:96:46:18:4f:1e:74:b0:78:ad:bd:
         ce:91:47:f9:c7:c4:31:b3:b2:02:be:37:a0:76:03:09:f4:97:
         f9:0e:2e:4b:63:04:61:f6:14:c9:be:e9:d5:95:13:8c:f7:5d:
         a5:87:7b:36:e4:4e:6b:a0:bd:95:e4:fb:93:a3:0c:b6:05:1b:
         d0:f1:8e:67:21:f0:6b:3a:1f:69:5d:09:98:65:22:39:98:7f:
         cb:36:f9:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5hyGJPugxeWIT/ZFbkEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTJiMGFkN2M2ZmNhNjE4MmIwNWZmOGJhMDRkODc2MTVkMDMxZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfJgrY8aFEBifXtVC9NiZHeOlhwM
fquAKK5pbuzbKRd3EBdWuemmeX7IleE2fIdMRSo0URbGy8i5zWZ4IV8hHmuf3BNQ
4UNcr8RJFgPw62H/YYijRbRNs9FcVurkq6xvtU+rXsM1baMbqLnkwKQPQ+QzZRDA
vd58DY3TgO3tZ+PCyUkwbjrhvhFiNzUdoaEeUcRklmmCifUdYFG7+CcgKfzWFC5S
UwdvTENWpt5i2pgeB+/ZXfiMttgo9l3OgrK8uUQaSB/7i6f7wq42AUB5+kPtnArZ
hYyp4GZMe/JzAmEBdTLTSeQW1izGUQgNRj11tt3cCNrv8FH8xvJZVDumXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkrCtfG/KYYKwX/i6BNh2FdAx+9MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvaVNzSzE4YjhwaGdyQmYtTG9FMkhZVjBESDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQoWMA0G
CSqGSIb3DQEBCwUAA4IBAQBm9q67SyPh7wPb4zAxeO/84pQFUuQlGsNHHMs1Yc5l
4RYZJ1T7Al7CoF39FfNFewOutL2PKVhOO4o6x1alBpQhbqGX9Veu6cv47Bm1nkTo
J7WI2AC4Q1MeN2D0X9MLo8h1h1Yq7qkziSch4BzEnSSv5OE+sQs8N3WeyyY+PyhG
p8RSDOIUkmPUfZRN4/WMZgS+ozAr650L15g4/SyB9mk+N3ohR4WUAN+gwpZGGE8e
dLB4rb3OkUf5x8Qxs7ICvjegdgMJ9Jf5Di5LYwRh9hTJvunVlROM912lh3s25E5r
oL2V5PuTowy2BRvQ8Y5nIfBrOh9pXQmYZSI5mH/LNvnU
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:25 2024 by rpki-client on console-ams.rpki-client.org