Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kw4c1p_hgtYodMGvoSvf2QKGpqA.roa
File:                     kw4c1p_hgtYodMGvoSvf2QKGpqA.roa (raw, json)
Hash identifier:          N21cREt+hAPfxLMUmojuuK+C1iDuEHSA8ulT/OzPUAk=
Subject key identifier:   93:0E:1C:D6:9F:E1:82:D6:28:74:C1:AF:A1:2B:DF:D9:02:86:A6:A0
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       018A23D4239023C4D0492CC000CBD9CFBC0A
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kw4c1p_hgtYodMGvoSvf2QKGpqA.roa
Signing time:             Wed 23 Aug 2023 19:16:59 +0000
ROA not before:           Wed 23 Aug 2023 19:16:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48314
IP address blocks:        45.90.98.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:23:d4:23:90:23:c4:d0:49:2c:c0:00:cb:d9:cf:bc:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Aug 23 19:16:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=930e1cd69fe182d62874c1afa12bdfd90286a6a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:13:7f:67:d1:f3:fd:97:3f:d5:e6:9b:45:d0:
                    18:bf:a2:3a:f6:84:8d:d8:42:b5:da:ad:94:37:b8:
                    ba:d4:7d:d6:6d:86:08:b7:6a:05:b4:43:3e:5a:78:
                    06:fd:14:9f:ad:b8:4a:96:e7:f3:df:db:8e:f3:f9:
                    8e:16:40:fb:c6:48:9f:67:1f:dc:dd:38:4e:4f:3d:
                    f9:d8:46:67:ad:27:27:5c:e8:6b:0c:83:2e:30:02:
                    a2:93:2b:52:11:79:1a:09:55:e9:8b:eb:0d:a6:4e:
                    e9:d4:6b:0f:57:dd:0b:11:ad:97:51:74:d0:d5:50:
                    8b:4a:b3:6b:fb:9d:c6:1e:52:d5:21:d8:d4:85:1e:
                    e5:67:a5:a9:33:cd:6b:05:ee:17:c9:1d:34:7d:f8:
                    c3:51:c2:c2:de:57:53:ce:58:9d:70:e1:0b:cc:52:
                    a7:71:c6:df:68:cb:f4:ab:fd:e7:80:26:fb:20:89:
                    d4:18:2e:ea:60:43:54:4c:77:5e:26:62:1b:bc:e1:
                    29:09:a3:65:11:32:0b:cb:e3:e3:89:b0:78:bf:79:
                    ca:04:ce:d1:fd:be:c6:27:65:b6:8b:a5:9e:2d:54:
                    35:55:ee:14:37:91:4c:00:46:70:48:1d:24:6e:e2:
                    0c:8e:81:4b:2b:4e:db:f0:a4:32:1e:39:8b:9a:8c:
                    02:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:0E:1C:D6:9F:E1:82:D6:28:74:C1:AF:A1:2B:DF:D9:02:86:A6:A0
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kw4c1p_hgtYodMGvoSvf2QKGpqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         14:15:df:d5:2d:62:a7:c9:69:6d:e1:5b:11:f8:79:20:56:c4:
         4b:44:ef:50:0d:37:22:47:c3:67:dc:e3:82:e6:c8:dd:17:76:
         3f:ae:7d:cb:88:9d:c5:49:75:15:f5:59:27:35:0a:dc:2a:03:
         35:8a:99:f1:79:53:84:c6:a4:69:f6:c2:f7:29:60:dd:d4:2f:
         c3:81:43:85:60:78:6d:76:df:f9:9d:88:a4:96:f1:8c:4c:5c:
         7f:63:9c:c3:d9:07:b7:eb:7e:91:ed:81:34:11:8e:55:25:76:
         53:94:79:93:13:17:9e:65:08:c8:ad:16:c6:cb:58:03:7a:9f:
         0d:03:92:31:2f:70:a1:00:94:1a:fa:61:ea:10:93:86:d8:eb:
         63:07:8d:a2:87:11:7e:be:e6:35:9c:9a:90:1e:5c:2f:1b:db:
         2a:af:15:a2:4d:3d:be:ca:13:8c:93:59:0e:e5:08:94:96:1a:
         8e:7c:d0:8b:7d:48:58:f5:a6:73:80:be:18:a6:3e:34:a0:d9:
         a4:68:d5:ab:dc:5a:b0:ec:75:e9:f1:b3:ff:d9:99:44:52:f9:
         bb:36:c2:ea:af:d8:56:d6:6f:93:22:fe:3f:43:46:c3:19:75:
         b4:dd:ce:42:b9:8f:a7:0a:74:5e:bd:98:75:50:cc:b0:2a:db:
         61:92:01:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoj1COQI8TQSSzAAMvZz7wKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwODIzMTkxNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzBlMWNkNjlmZTE4MmQ2Mjg3NGMxYWZhMTJiZGZkOTAyODZhNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghN/Z9Hz/Zc/1eabRdAYv6I69oSN
2EK12q2UN7i61H3WbYYIt2oFtEM+WngG/RSfrbhKlufz39uO8/mOFkD7xkifZx/c
3ThOTz352EZnrScnXOhrDIMuMAKikytSEXkaCVXpi+sNpk7p1GsPV90LEa2XUXTQ
1VCLSrNr+53GHlLVIdjUhR7lZ6WpM81rBe4XyR00ffjDUcLC3ldTzlidcOELzFKn
ccbfaMv0q/3ngCb7IInUGC7qYENUTHdeJmIbvOEpCaNlETILy+PjibB4v3nKBM7R
/b7GJ2W2i6WeLVQ1Ve4UN5FMAEZwSB0kbuIMjoFLK07b8KQyHjmLmowCDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMOHNaf4YLWKHTBr6Er39kChqagMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEva3c0YzFwX2hndFlvZE1Hdm9TdmYyUUtHcHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVpiMA0G
CSqGSIb3DQEBCwUAA4IBAQAUFd/VLWKnyWlt4VsR+HkgVsRLRO9QDTciR8Nn3OOC
5sjdF3Y/rn3LiJ3FSXUV9VknNQrcKgM1ipnxeVOExqRp9sL3KWDd1C/DgUOFYHht
dt/5nYiklvGMTFx/Y5zD2Qe3636R7YE0EY5VJXZTlHmTExeeZQjIrRbGy1gDep8N
A5IxL3ChAJQa+mHqEJOG2OtjB42ihxF+vuY1nJqQHlwvG9sqrxWiTT2+yhOMk1kO
5QiUlhqOfNCLfUhY9aZzgL4Ypj40oNmkaNWr3Fqw7HXp8bP/2ZlEUvm7NsLqr9hW
1m+TIv4/Q0bDGXW03c5CuY+nCnRevZh1UMywKtthkgHq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org