Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/G3Q4k9T2E8F3DYCxErFKvzudlRI.roa
File:                     G3Q4k9T2E8F3DYCxErFKvzudlRI.roa (raw, json)
Hash identifier:          uF4tzoiB9Ak7GP6zEnyBtO99/fjmZkRUl/76atksAPw=
Subject key identifier:   1B:74:38:93:D4:F6:13:C1:77:0D:80:B1:12:B1:4A:BF:3B:9D:95:12
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018E1A0ECC6D00A1F92C6594D1E05094A4E3
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/G3Q4k9T2E8F3DYCxErFKvzudlRI.roa
Signing time:             Thu 07 Mar 2024 17:56:01 +0000
ROA not before:           Thu 07 Mar 2024 17:56:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47757
IP address blocks:        45.94.170.0/24 maxlen: 24
                          45.132.180.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 14:12:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:1a:0e:cc:6d:00:a1:f9:2c:65:94:d1:e0:50:94:a4:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Mar  7 17:56:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1b743893d4f613c1770d80b112b14abf3b9d9512
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:5b:16:c5:d0:cd:fc:bf:91:24:f9:ac:83:4d:
                    01:6e:7a:5b:18:5c:db:60:f3:c2:81:73:99:41:ce:
                    d2:a5:aa:93:69:e9:dc:08:c6:31:d4:84:21:98:97:
                    da:16:77:d3:bf:b4:8a:4c:f4:fb:45:37:f7:0d:c3:
                    a5:80:be:4b:1b:87:01:07:c7:fa:da:19:ea:d6:f3:
                    6d:17:68:2e:75:89:3d:cd:c2:a1:6c:7f:63:eb:1d:
                    ee:b0:e1:ee:45:07:0b:b4:05:04:20:70:d2:dc:ea:
                    70:86:32:fe:e7:70:b5:c7:08:30:9f:ef:6e:89:1b:
                    bc:81:fa:7d:46:ab:b7:aa:70:c8:ae:f5:8d:90:7d:
                    e9:86:ce:e5:27:4d:a7:2c:d9:b1:26:0b:37:d6:d6:
                    d4:f5:a5:3c:9b:4b:7f:74:99:d9:8d:80:04:34:26:
                    3e:a3:d6:ec:ea:e7:1d:66:eb:ee:d4:ba:ab:a5:f8:
                    24:3b:67:81:6a:77:f5:95:60:9e:05:82:1f:3b:33:
                    28:eb:11:ed:83:3e:90:59:0a:54:51:32:56:0b:5f:
                    05:56:d9:02:53:a9:9c:15:bc:b1:17:2f:5a:81:20:
                    a7:12:17:9d:34:c3:66:59:4f:52:be:03:c4:19:f7:
                    a7:c1:9d:11:24:74:5b:06:76:29:d8:a7:3d:9b:93:
                    1d:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:74:38:93:D4:F6:13:C1:77:0D:80:B1:12:B1:4A:BF:3B:9D:95:12
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/G3Q4k9T2E8F3DYCxErFKvzudlRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.170.0/24
                  45.132.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:1c:0a:92:45:75:db:86:9b:85:81:c5:6d:f2:9a:94:7b:14:
         5a:c5:1c:01:a1:ca:97:3c:cc:b5:f7:44:ca:12:91:01:a9:dc:
         3e:50:55:4a:46:ee:ae:b0:a2:0a:71:82:0a:8f:1f:8f:1b:fe:
         e9:5e:e1:ea:65:bd:8d:7c:bf:93:0b:35:57:ac:5d:60:02:f5:
         d3:91:84:fe:cf:73:8c:7e:4a:d6:1e:ab:43:a4:c1:42:e9:fd:
         76:73:ea:36:cf:79:4f:8b:37:ef:6f:2b:06:d6:3c:f9:a2:9e:
         03:92:e0:c0:ef:97:c5:62:b9:61:e3:a6:5a:c5:63:59:ab:d8:
         a8:70:b7:58:4e:3d:5f:3c:dc:27:9f:11:96:e7:9c:7b:59:54:
         84:b0:fb:9f:bd:f3:f9:de:f5:09:9d:40:68:76:e7:52:14:92:
         23:b2:43:d8:71:26:09:34:48:ad:94:f7:f2:ad:e4:10:89:fe:
         56:a6:53:85:9c:96:a7:b3:9f:92:29:5b:5e:75:17:22:cd:cf:
         ae:b2:93:61:ee:24:1c:ac:28:04:f4:d0:9d:3f:06:2f:40:9c:
         96:bf:34:1b:33:3f:15:71:91:84:61:d2:82:ed:b5:4d:f4:e2:
         9a:c8:ed:7b:57:d5:7a:00:9a:c6:06:1c:98:40:01:2f:9e:24:
         9e:5e:ec:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4aDsxtAKH5LGWU0eBQlKTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzA3MTc1NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc0Mzg5M2Q0ZjYxM2MxNzcwZDgwYjExMmIxNGFiZjNiOWQ5NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilsWxdDN/L+RJPmsg00BbnpbGFzb
YPPCgXOZQc7SpaqTaencCMYx1IQhmJfaFnfTv7SKTPT7RTf3DcOlgL5LG4cBB8f6
2hnq1vNtF2gudYk9zcKhbH9j6x3usOHuRQcLtAUEIHDS3OpwhjL+53C1xwgwn+9u
iRu8gfp9Rqu3qnDIrvWNkH3phs7lJ02nLNmxJgs31tbU9aU8m0t/dJnZjYAENCY+
o9bs6ucdZuvu1LqrpfgkO2eBanf1lWCeBYIfOzMo6xHtgz6QWQpUUTJWC18FVtkC
U6mcFbyxFy9agSCnEhedNMNmWU9SvgPEGfenwZ0RJHRbBnYp2Kc9m5Md2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBt0OJPU9hPBdw2AsRKxSr87nZUSMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRzNRNGs5VDJFOEYzRFlDeEVyRkt2enVkbFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV6qAwQA
LYS0MA0GCSqGSIb3DQEBCwUAA4IBAQCtHAqSRXXbhpuFgcVt8pqUexRaxRwBocqX
PMy190TKEpEBqdw+UFVKRu6usKIKcYIKjx+PG/7pXuHqZb2NfL+TCzVXrF1gAvXT
kYT+z3OMfkrWHqtDpMFC6f12c+o2z3lPizfvbysG1jz5op4DkuDA75fFYrlh46Za
xWNZq9iocLdYTj1fPNwnnxGW55x7WVSEsPufvfP53vUJnUBodudSFJIjskPYcSYJ
NEitlPfyreQQif5WplOFnJans5+SKVtedRcizc+uspNh7iQcrCgE9NCdPwYvQJyW
vzQbMz8VcZGEYdKC7bVN9OKayO17V9V6AJrGBhyYQAEvniSeXuxr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org