Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/StOf4vr397ZrNdlfHnbL8CNFexU.roa
File:                     StOf4vr397ZrNdlfHnbL8CNFexU.roa (raw, json)
Hash identifier:          90ozyMM50pSpOn0fAi5HpvGRVTNhNTM4DmI7+JsG1bI=
Subject key identifier:   4A:D3:9F:E2:FA:F7:F7:B6:6B:35:D9:5F:1E:76:CB:F0:23:45:7B:15
Certificate issuer:       /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial:       018DA74DAC85F12BECF0147A982D179B8214
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/StOf4vr397ZrNdlfHnbL8CNFexU.roa
Signing time:             Wed 14 Feb 2024 11:08:21 +0000
ROA not before:           Wed 14 Feb 2024 11:08:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     134450
IP address blocks:        45.94.138.0/23 maxlen: 23
                          45.130.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Feb 2024 12:49:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a7:4d:ac:85:f1:2b:ec:f0:14:7a:98:2d:17:9b:82:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
        Validity
            Not Before: Feb 14 11:08:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4ad39fe2faf7f7b66b35d95f1e76cbf023457b15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d8:46:58:ef:9b:7f:03:e0:0e:f2:14:d7:7e:
                    ea:ab:95:ff:54:37:5a:fb:04:34:14:8e:1a:b8:f3:
                    9e:aa:bd:d7:69:27:d9:3d:7e:33:9f:aa:58:aa:f3:
                    75:47:2b:37:92:0a:94:03:d0:fa:4a:4a:50:b1:9e:
                    13:5a:a0:38:73:71:f3:4d:06:23:7e:2c:cc:ad:24:
                    42:6f:93:0e:71:08:1f:74:48:14:00:2e:45:63:3f:
                    9a:c1:ec:7b:4e:71:ca:52:c3:4a:e2:aa:db:2a:63:
                    3c:35:74:9f:e4:0a:33:b4:ce:81:ed:45:0c:a2:e7:
                    ad:9a:9f:f5:59:f4:02:9a:27:05:80:01:bc:71:5e:
                    94:22:97:ba:ca:2a:41:f3:ae:7b:54:b0:79:02:1f:
                    d7:b5:5c:5d:3c:99:99:1a:c6:79:32:2a:a2:37:d2:
                    08:d0:10:17:fc:ed:b2:fa:61:87:6d:d4:59:ce:a6:
                    47:45:98:66:35:b4:f9:c9:2f:2c:34:a2:b0:af:43:
                    0e:c4:37:7f:b6:ae:fb:77:a5:fa:91:d3:83:c7:7b:
                    6e:33:6b:98:4c:8b:3b:fe:32:cc:d9:8e:9e:55:77:
                    00:39:4f:12:b8:7b:1e:0d:32:ac:8e:70:f7:32:49:
                    bf:5b:43:d9:a7:ab:14:33:68:ec:af:87:c5:5f:74:
                    b4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D3:9F:E2:FA:F7:F7:B6:6B:35:D9:5F:1E:76:CB:F0:23:45:7B:15
            X509v3 Authority Key Identifier:
                keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/StOf4vr397ZrNdlfHnbL8CNFexU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.138.0/23
                  45.130.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:33:62:55:7c:f6:72:25:a6:2e:7a:d8:0c:7d:29:9e:89:53:
         68:ed:3e:f9:fc:1a:65:c8:99:0d:2b:af:25:71:09:b7:67:c8:
         1d:13:1e:e4:87:3e:09:3a:d4:58:4c:ce:b7:93:97:ef:67:44:
         1b:af:33:47:e5:09:82:3a:7c:6f:59:98:0e:dc:80:57:82:a0:
         8a:e6:99:03:d0:91:dd:36:2a:a8:c9:9e:56:5f:19:9f:ff:89:
         35:e4:4d:43:1c:5e:0d:e6:00:28:ee:17:93:cf:c7:81:10:ac:
         da:2a:25:79:7c:bd:b9:31:74:00:50:32:35:92:a9:d0:64:ef:
         20:70:43:5d:e1:d6:a3:93:48:07:eb:51:23:c8:ec:8e:0d:dd:
         c4:42:46:ec:1b:23:40:88:31:1e:d1:c8:14:47:a6:0a:94:ee:
         c3:0b:3b:ca:4d:50:eb:e5:ea:55:20:21:ed:43:8e:27:fb:c1:
         78:28:25:d7:c8:0c:36:cf:7e:ee:a7:80:76:5b:c3:14:8e:fa:
         4c:2c:07:7f:84:46:53:02:d1:b2:3f:c3:26:b6:cc:36:54:49:
         01:9b:94:19:ef:e4:24:5b:78:be:1f:e3:42:37:74:70:f8:62:
         42:f4:b7:2d:1d:e0:a4:7e:94:78:8e:29:2d:e2:3a:b0:03:f9:
         32:5b:50:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2nTayF8Svs8BR6mC0Xm4IUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMjE0MTEwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQzOWZlMmZhZjdmN2I2NmIzNWQ5NWYxZTc2Y2JmMDIzNDU3YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dhGWO+bfwPgDvIU137qq5X/VDda
+wQ0FI4auPOeqr3XaSfZPX4zn6pYqvN1Rys3kgqUA9D6SkpQsZ4TWqA4c3HzTQYj
fizMrSRCb5MOcQgfdEgUAC5FYz+awex7TnHKUsNK4qrbKmM8NXSf5AoztM6B7UUM
ouetmp/1WfQCmicFgAG8cV6UIpe6yipB8657VLB5Ah/XtVxdPJmZGsZ5MiqiN9II
0BAX/O2y+mGHbdRZzqZHRZhmNbT5yS8sNKKwr0MOxDd/tq77d6X6kdODx3tuM2uY
TIs7/jLM2Y6eVXcAOU8SuHseDTKsjnD3Mkm/W0PZp6sUM2jsr4fFX3S0zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFErTn+L69/e2azXZXx52y/AjRXsVMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvU3RPZjR2cjM5N1pyTmRsZkhuYkw4Q05GZXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLV6KAwQA
LYIhMA0GCSqGSIb3DQEBCwUAA4IBAQCYM2JVfPZyJaYuetgMfSmeiVNo7T75/Bpl
yJkNK68lcQm3Z8gdEx7khz4JOtRYTM63k5fvZ0QbrzNH5QmCOnxvWZgO3IBXgqCK
5pkD0JHdNiqoyZ5WXxmf/4k15E1DHF4N5gAo7heTz8eBEKzaKiV5fL25MXQAUDI1
kqnQZO8gcENd4dajk0gH61EjyOyODd3EQkbsGyNAiDEe0cgUR6YKlO7DCzvKTVDr
5epVICHtQ44n+8F4KCXXyAw2z37up4B2W8MUjvpMLAd/hEZTAtGyP8Mmtsw2VEkB
m5QZ7+QkW3i+H+NCN3Rw+GJC9LctHeCkfpR4jikt4jqwA/kyW1AS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:36 2024 by rpki-client on console-ams.rpki-client.org