Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SWIQ1LCMY4p47W-9gR-yY53XAKA.roa
File:                     SWIQ1LCMY4p47W-9gR-yY53XAKA.roa (raw, json)
Hash identifier:          KdvLl/kJgZFvOKi0EKxRWFCN6Mc9UNGf3iSsBvB2viA=
Subject key identifier:   49:62:10:D4:B0:8C:63:8A:78:ED:6F:BD:81:1F:B2:63:9D:D7:00:A0
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0186552944E4916FDF659EFBC86E70E75A4C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SWIQ1LCMY4p47W-9gR-yY53XAKA.roa
Signing time:             Wed 15 Feb 2023 13:00:13 +0000
ROA not before:           Wed 15 Feb 2023 13:00:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8285
IP address blocks:        45.13.189.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Feb 2023 18:28:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:55:29:44:e4:91:6f:df:65:9e:fb:c8:6e:70:e7:5a:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Feb 15 13:00:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=496210d4b08c638a78ed6fbd811fb2639dd700a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:98:c7:0a:47:d6:b6:a6:b6:ee:97:1c:16:0f:
                    6b:18:48:ff:ef:34:84:18:35:f5:f5:23:46:ca:47:
                    7d:be:97:e0:f6:aa:2f:6e:34:38:69:1c:d1:73:eb:
                    5a:2b:28:c7:e4:1d:54:e5:4b:b7:c2:e2:40:02:b5:
                    b4:21:43:79:f2:0a:2b:06:8a:29:96:21:2a:13:4e:
                    39:96:a4:bc:9e:f6:4a:7a:71:ef:e6:3c:58:b3:c7:
                    7b:d2:40:49:32:91:96:d7:42:d3:8c:58:e4:1b:db:
                    7c:07:9c:88:f8:cd:ad:d3:bd:bd:11:a9:17:82:bf:
                    cf:d0:25:91:9c:c7:c1:6b:bd:30:0d:7f:f9:e3:18:
                    18:f2:da:b6:91:e9:4e:65:f9:86:8d:89:89:8a:07:
                    e8:77:2a:fe:7a:9a:39:8f:24:47:20:05:54:93:50:
                    85:0b:e2:8f:a0:b7:c0:a0:a0:8f:c3:36:49:73:34:
                    8c:49:ec:a9:68:b6:9c:ba:38:8b:b5:0b:3a:76:2e:
                    ee:50:43:a5:b5:a1:e1:c4:0b:64:58:bb:5f:f6:8f:
                    2e:6a:ae:77:01:7b:8f:93:58:4c:b0:44:3d:f5:ab:
                    11:99:57:bd:ff:81:0f:a2:c2:42:1c:08:e3:a3:28:
                    96:41:d8:ae:92:e0:cc:da:77:1c:d1:e8:2a:55:08:
                    37:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:62:10:D4:B0:8C:63:8A:78:ED:6F:BD:81:1F:B2:63:9D:D7:00:A0
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SWIQ1LCMY4p47W-9gR-yY53XAKA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:34:e9:18:29:d2:02:3c:4f:c3:31:14:66:c0:8e:d0:9c:84:
         f0:23:4d:91:9a:db:54:c9:aa:8f:63:63:21:fc:26:ee:53:ff:
         67:74:a8:ce:ac:7c:7f:8e:2c:f4:e1:46:4f:f3:ce:fe:7e:09:
         b1:7e:e9:ba:e4:8e:16:54:34:f1:9e:52:a9:53:41:b4:98:d9:
         14:1b:d6:bb:19:ee:7c:6e:b2:14:6f:23:d6:61:a7:67:a3:f2:
         58:41:fb:54:37:25:ba:df:e1:7c:5b:d4:dd:91:6f:71:73:a9:
         e7:15:bd:e4:b5:e7:3a:ef:fa:96:9d:8c:a7:51:e6:66:45:99:
         da:1a:10:2d:25:e3:97:ca:ee:4a:05:04:43:13:04:65:c1:15:
         5d:19:33:0c:89:86:6e:91:8b:36:bd:7e:a1:0c:52:cd:c7:69:
         7d:0b:99:37:b6:20:86:8a:c6:00:36:e7:5d:fb:65:6a:de:e6:
         62:e6:af:7f:01:17:ba:ec:b5:85:04:a8:87:7a:20:a4:c0:0b:
         14:1c:9f:ae:67:55:19:0b:9f:05:11:ba:ea:06:2b:a9:45:1f:
         b6:7e:a8:f6:b6:f4:d3:e6:7d:52:28:67:d3:ac:89:2a:75:a3:
         20:6b:7a:88:69:7c:a2:9b:c4:4e:43:7b:eb:c9:4e:a8:93:f6:
         60:cf:54:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZVKUTkkW/fZZ77yG5w51pMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMjE1MTMwMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTYyMTBkNGIwOGM2MzhhNzhlZDZmYmQ4MTFmYjI2MzlkZDcwMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJjHCkfWtqa27pccFg9rGEj/7zSE
GDX19SNGykd9vpfg9qovbjQ4aRzRc+taKyjH5B1U5Uu3wuJAArW0IUN58gorBoop
liEqE045lqS8nvZKenHv5jxYs8d70kBJMpGW10LTjFjkG9t8B5yI+M2t0729EakX
gr/P0CWRnMfBa70wDX/54xgY8tq2kelOZfmGjYmJigfodyr+epo5jyRHIAVUk1CF
C+KPoLfAoKCPwzZJczSMSeypaLacujiLtQs6di7uUEOltaHhxAtkWLtf9o8uaq53
AXuPk1hMsEQ99asRmVe9/4EPosJCHAjjoyiWQdiukuDM2ncc0egqVQg3UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEliENSwjGOKeO1vvYEfsmOd1wCgMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvU1dJUTFMQ01ZNHA0N1ctOWdSLXlZNTNYQUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ29MA0G
CSqGSIb3DQEBCwUAA4IBAQCgNOkYKdICPE/DMRRmwI7QnITwI02RmttUyaqPY2Mh
/CbuU/9ndKjOrHx/jiz04UZP887+fgmxfum65I4WVDTxnlKpU0G0mNkUG9a7Ge58
brIUbyPWYadno/JYQftUNyW63+F8W9TdkW9xc6nnFb3ktec67/qWnYynUeZmRZna
GhAtJeOXyu5KBQRDEwRlwRVdGTMMiYZukYs2vX6hDFLNx2l9C5k3tiCGisYANudd
+2Vq3uZi5q9/ARe67LWFBKiHeiCkwAsUHJ+uZ1UZC58FEbrqBiupRR+2fqj2tvTT
5n1SKGfTrIkqdaMga3qIaXyim8ROQ3vryU6ok/Zgz1QY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org