Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/U1GQ_XjnSl4b5eeZvjNchGyR_bk.roa
File:                     U1GQ_XjnSl4b5eeZvjNchGyR_bk.roa (raw, json)
Hash identifier:          sYnKENI+4RxXIa5d6/X2khgCvHZhCJ+j6elEK8NtgWQ=
Subject key identifier:   53:51:90:FD:78:E7:4A:5E:1B:E5:E7:99:BE:33:5C:84:6C:91:FD:B9
Certificate issuer:       /CN=070483d3d62f19c0835746dcb721c8832c3b7926
Certificate serial:       018CC492FF3A44996EBB07219F8BDE02B3C1
Authority key identifier: 07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/U1GQ_XjnSl4b5eeZvjNchGyR_bk.roa
Signing time:             Mon 01 Jan 2024 10:30:17 +0000
ROA not before:           Mon 01 Jan 2024 10:30:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5650
IP address blocks:        45.85.204.0/22 maxlen: 22
                          45.134.92.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 24 Jan 2024 19:32:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:ff:3a:44:99:6e:bb:07:21:9f:8b:de:02:b3:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=070483d3d62f19c0835746dcb721c8832c3b7926
        Validity
            Not Before: Jan  1 10:30:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=535190fd78e74a5e1be5e799be335c846c91fdb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:b5:74:9b:36:eb:ee:d2:eb:ef:c4:7b:4b:99:
                    67:bb:7e:22:75:fe:d6:73:50:82:86:d6:33:aa:88:
                    30:fa:c2:68:03:9c:7f:d0:19:8a:e1:08:c1:44:a4:
                    7c:5c:39:9d:6e:8b:90:1d:5e:66:ee:71:b7:f5:d0:
                    06:fc:e7:b3:34:31:00:74:70:2d:20:ac:4c:0d:55:
                    9b:9c:c2:65:ef:6d:a0:7c:06:ae:14:ed:8b:8d:bd:
                    e6:a6:d1:ed:b9:d7:3c:aa:e3:67:0b:ad:a0:6a:c0:
                    3a:fc:3a:81:17:48:50:10:fc:4b:c0:13:4e:e3:8d:
                    65:85:b9:d8:33:fd:c0:4c:1a:9f:2e:bb:53:3a:bb:
                    b4:85:d2:a4:f7:27:72:1d:7f:60:c1:6f:99:d0:d2:
                    e5:b8:de:52:2a:8d:bd:2f:a4:53:49:0c:2b:10:1b:
                    94:ce:cb:d0:7b:c0:b3:8f:06:a5:79:a4:7a:90:99:
                    db:56:48:73:d7:bb:9b:35:53:3a:77:78:0b:77:9c:
                    c3:a0:fe:f6:9b:e2:fe:23:56:32:73:59:7b:55:be:
                    33:be:a8:aa:35:0d:cd:5c:fd:41:69:07:ed:87:d0:
                    68:62:65:78:ea:fe:82:a0:85:14:23:5d:03:ca:34:
                    ca:d6:f7:1e:5f:94:d9:40:0e:fa:25:8c:3a:4b:2a:
                    bf:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:51:90:FD:78:E7:4A:5E:1B:E5:E7:99:BE:33:5C:84:6C:91:FD:B9
            X509v3 Authority Key Identifier:
                keyid:07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/U1GQ_XjnSl4b5eeZvjNchGyR_bk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.204.0/22
                  45.134.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:75:97:bb:46:53:ad:68:39:f2:0a:2f:4a:40:e2:cf:06:98:
         96:f4:1c:90:1f:2d:68:1f:2e:45:07:0b:b6:b0:bf:60:b1:79:
         01:52:88:16:d1:c7:70:a2:8b:54:a6:df:b8:6d:ed:fd:ac:a7:
         5d:69:9c:cc:52:48:01:c7:ea:09:11:48:79:d5:2d:bf:6a:6d:
         7f:df:71:64:d3:b2:8c:4a:ea:d6:f8:4b:3e:b3:8e:0d:f3:e0:
         f3:2f:7f:e7:cb:18:cf:36:dd:74:28:b2:6c:25:aa:d5:fc:2f:
         ad:bb:f5:5f:de:1f:ce:1d:fc:1b:6b:dc:21:f0:15:66:c7:73:
         16:1a:33:b9:48:7b:66:fa:2e:10:06:8d:1b:be:e6:1f:1d:5d:
         fa:78:89:ed:c3:b0:a4:58:1f:c9:39:59:7b:6d:70:3d:2b:57:
         b2:03:ed:a6:ef:f2:58:6a:c1:06:80:84:23:71:00:b5:f2:c9:
         ea:0d:37:a7:c9:5f:74:ee:b9:86:42:24:ed:e1:24:71:33:7b:
         f3:05:31:68:65:05:c2:09:42:d0:ac:5c:df:9b:43:e5:63:81:
         84:87:9d:51:0b:75:6d:98:58:77:0e:1b:e9:cc:1d:1c:19:eb:
         75:56:81:67:4a:dd:1c:16:3f:4b:58:a0:46:5c:3e:51:0c:dc:
         57:fd:d4:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkv86RJluuwchn4veArPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDQ4M2QzZDYyZjE5YzA4MzU3NDZkY2I3MjFjODgzMmMz
Yjc5MjYwHhcNMjQwMTAxMTAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUxOTBmZDc4ZTc0YTVlMWJlNWU3OTliZTMzNWM4NDZjOTFmZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLV0mzbr7tLr78R7S5lnu34idf7W
c1CChtYzqogw+sJoA5x/0BmK4QjBRKR8XDmdbouQHV5m7nG39dAG/OezNDEAdHAt
IKxMDVWbnMJl722gfAauFO2Ljb3mptHtudc8quNnC62gasA6/DqBF0hQEPxLwBNO
441lhbnYM/3ATBqfLrtTOru0hdKk9ydyHX9gwW+Z0NLluN5SKo29L6RTSQwrEBuU
zsvQe8CzjwaleaR6kJnbVkhz17ubNVM6d3gLd5zDoP72m+L+I1Yyc1l7Vb4zvqiq
NQ3NXP1BaQfth9BoYmV46v6CoIUUI10DyjTK1vceX5TZQA76JYw6Syq/dwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNRkP1450peG+Xnmb4zXIRskf25MB8GA1UdIwQY
MBaAFAcEg9PWLxnAg1dG3LchyIMsO3kmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAt
ZDQ0MmM0ZjllOWJkLzEvVTFHUV9Yam5TbDRiNWVlWnZqTmNoR3lSX2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAtZDQ0MmM0ZjllOWJk
LzEvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVXMAwQC
LYZcMA0GCSqGSIb3DQEBCwUAA4IBAQA7dZe7RlOtaDnyCi9KQOLPBpiW9ByQHy1o
Hy5FBwu2sL9gsXkBUogW0cdwootUpt+4be39rKddaZzMUkgBx+oJEUh51S2/am1/
33Fk07KMSurW+Es+s44N8+DzL3/nyxjPNt10KLJsJarV/C+tu/Vf3h/OHfwba9wh
8BVmx3MWGjO5SHtm+i4QBo0bvuYfHV36eIntw7CkWB/JOVl7bXA9K1eyA+2m7/JY
asEGgIQjcQC18snqDTenyV907rmGQiTt4SRxM3vzBTFoZQXCCULQrFzfm0PlY4GE
h51RC3VtmFh3DhvpzB0cGet1VoFnSt0cFj9LWKBGXD5RDNxX/dTn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:00 2024 by rpki-client on console-ams.rpki-client.org