Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/IUfLjLmeFLcemOVy3w8tEP2noxo.roa
File:                     IUfLjLmeFLcemOVy3w8tEP2noxo.roa (raw, json)
Hash identifier:          CPG3nheGEzKaTX/i4CJUFEg/8kMG48/hzFurdCmp8YU=
Subject key identifier:   21:47:CB:8C:B9:9E:14:B7:1E:98:E5:72:DF:0F:2D:10:FD:A7:A3:1A
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       018A1BCB5781A23FB3E7B5FB6A33846C2EB4
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/IUfLjLmeFLcemOVy3w8tEP2noxo.roa
Signing time:             Tue 22 Aug 2023 05:50:25 +0000
ROA not before:           Tue 22 Aug 2023 05:50:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        45.156.52.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:1b:cb:57:81:a2:3f:b3:e7:b5:fb:6a:33:84:6c:2e:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: Aug 22 05:50:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2147cb8cb99e14b71e98e572df0f2d10fda7a31a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d8:bf:73:19:76:57:4a:b3:72:52:b0:7a:67:
                    b7:b9:f6:b1:af:bf:b7:87:44:2a:79:f8:68:75:6b:
                    7a:58:22:66:04:c7:03:af:29:d1:5a:b4:b1:48:aa:
                    c5:d9:6a:1c:34:46:20:63:0f:5d:aa:46:90:2b:14:
                    42:6c:75:e1:34:6c:ba:d8:08:63:1d:54:34:c9:2b:
                    16:97:ba:b6:42:15:a0:99:f4:c9:db:6d:28:f7:61:
                    1b:32:6a:26:e4:71:05:07:34:a7:88:80:ba:ba:52:
                    60:21:15:f9:57:94:d0:37:16:73:94:fe:85:1d:74:
                    65:09:a5:6f:3d:40:5e:52:af:12:7c:6c:2f:a7:e3:
                    b2:c8:ef:f5:1f:3a:c4:d8:8e:16:b8:66:b5:8e:4c:
                    18:6d:c0:ba:a6:dd:0b:92:3b:44:b0:73:bd:dd:6d:
                    8c:e5:61:38:27:14:bd:8c:57:34:b4:9f:94:ba:7a:
                    3e:7d:21:12:33:b9:4e:fa:b6:74:29:0c:e9:ff:f5:
                    95:fc:10:22:b8:4e:dc:fb:ad:19:6f:76:1e:6e:c2:
                    5e:75:73:c5:d0:36:5c:fe:50:6d:d6:8a:0d:d3:dc:
                    c0:cc:76:de:3c:c5:37:35:4c:76:72:54:7a:93:5a:
                    e9:63:23:c1:31:6e:81:07:a8:d3:48:4c:92:e4:2f:
                    e5:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:47:CB:8C:B9:9E:14:B7:1E:98:E5:72:DF:0F:2D:10:FD:A7:A3:1A
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/IUfLjLmeFLcemOVy3w8tEP2noxo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:b4:c6:fc:38:cf:09:6c:b1:6c:fd:33:1e:00:99:57:29:85:
         fe:77:b9:fe:9f:87:bc:dc:96:90:dd:ac:08:4d:27:05:a9:c8:
         4e:ea:39:7f:7d:78:ae:33:11:93:6b:f4:79:41:bc:80:c4:cc:
         21:19:f9:03:c2:07:92:21:c9:68:35:67:ff:ad:bd:d9:1f:91:
         e0:61:51:10:f7:40:e2:c0:c7:b5:95:1c:29:4e:e8:d5:02:3a:
         a9:f1:db:b7:b5:dc:33:2d:fe:8f:83:fc:e8:7d:58:95:96:a7:
         1c:50:d1:8c:05:10:e7:40:d2:e0:72:5c:d7:f7:82:ad:57:ed:
         82:08:25:5c:d0:de:57:87:b1:5e:db:90:17:b2:31:34:62:d1:
         38:c7:c6:60:bb:06:9a:33:44:1a:14:2d:5d:6d:8a:4c:42:94:
         87:25:a1:08:16:54:48:54:04:81:ae:dd:32:4e:a1:1c:a4:06:
         46:77:35:cd:c0:fe:34:a5:95:78:51:73:bf:58:13:e8:7a:3a:
         66:ef:ed:30:b7:d7:38:0d:15:67:0c:18:c4:fa:8c:7a:03:fb:
         c6:14:8b:2e:61:72:a2:fc:ac:5f:50:fe:9d:ee:9d:37:1e:66:
         79:a0:e3:57:5a:03:ff:98:f2:43:3e:b6:01:93:f2:4c:72:23:
         c8:14:57:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoby1eBoj+z57X7ajOEbC60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwODIyMDU1MDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ3Y2I4Y2I5OWUxNGI3MWU5OGU1NzJkZjBmMmQxMGZkYTdhMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9i/cxl2V0qzclKweme3ufaxr7+3
h0QqefhodWt6WCJmBMcDrynRWrSxSKrF2WocNEYgYw9dqkaQKxRCbHXhNGy62Ahj
HVQ0ySsWl7q2QhWgmfTJ220o92EbMmom5HEFBzSniIC6ulJgIRX5V5TQNxZzlP6F
HXRlCaVvPUBeUq8SfGwvp+OyyO/1HzrE2I4WuGa1jkwYbcC6pt0LkjtEsHO93W2M
5WE4JxS9jFc0tJ+Uuno+fSESM7lO+rZ0KQzp//WV/BAiuE7c+60Zb3YebsJedXPF
0DZc/lBt1ooN09zAzHbePMU3NUx2clR6k1rpYyPBMW6BB6jTSEyS5C/lJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFHy4y5nhS3Hpjlct8PLRD9p6MaMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvSVVmTGpMbWVGTGNlbU9WeTN3OHRFUDJub3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZw0MA0G
CSqGSIb3DQEBCwUAA4IBAQA8tMb8OM8JbLFs/TMeAJlXKYX+d7n+n4e83JaQ3awI
TScFqchO6jl/fXiuMxGTa/R5QbyAxMwhGfkDwgeSIcloNWf/rb3ZH5HgYVEQ90Di
wMe1lRwpTujVAjqp8du3tdwzLf6Pg/zofViVlqccUNGMBRDnQNLgclzX94KtV+2C
CCVc0N5Xh7Fe25AXsjE0YtE4x8ZguwaaM0QaFC1dbYpMQpSHJaEIFlRIVASBrt0y
TqEcpAZGdzXNwP40pZV4UXO/WBPoejpm7+0wt9c4DRVnDBjE+ox6A/vGFIsuYXKi
/KxfUP6d7p03HmZ5oONXWgP/mPJDPrYBk/JMciPIFFcK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:46 2024 by rpki-client on console-fra.rpki-client.org