Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/AEU-ipVIFQVRdLPOl-gZWJC_6Jw.roa
File:                     AEU-ipVIFQVRdLPOl-gZWJC_6Jw.roa (raw, json)
Hash identifier:          u6r05Fw6YpwMhndpy4CrbEWBA5d2YEaZ6tsE0TMQyUM=
Subject key identifier:   00:45:3E:8A:95:48:15:05:51:74:B3:CE:97:E8:19:58:90:BF:E8:9C
Certificate issuer:       /CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
Certificate serial:       01856F14A6E833A2A38350FCA831B0B8D75A
Authority key identifier: D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/AEU-ipVIFQVRdLPOl-gZWJC_6Jw.roa
Signing time:             Sun 01 Jan 2023 20:45:02 +0000
ROA not before:           Sun 01 Jan 2023 20:45:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        45.145.176.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:a6:e8:33:a2:a3:83:50:fc:a8:31:b0:b8:d7:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
        Validity
            Not Before: Jan  1 20:45:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=00453e8a954815055174b3ce97e8195890bfe89c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:2c:d8:af:6c:8a:2d:86:04:22:91:50:91:bd:
                    74:f4:4d:72:11:ae:10:3e:dd:88:89:5e:87:0a:12:
                    f9:8c:86:a6:3b:d3:06:9e:50:b5:78:91:35:f9:cd:
                    96:0d:ed:7d:8f:d4:2f:6c:a8:03:85:48:55:2d:3c:
                    48:49:f0:91:f8:ec:f5:35:d4:52:9e:2f:cf:0c:db:
                    51:2a:91:8f:99:67:b0:3e:7c:c9:fd:2b:b5:1a:c9:
                    76:68:bb:65:9a:76:19:67:c4:61:39:1a:2a:ba:54:
                    39:ec:bc:f4:5f:5b:51:5a:b8:47:59:46:6e:9d:84:
                    31:3f:b3:3c:d2:ac:8c:30:c3:b9:32:ea:40:80:4c:
                    68:9c:d8:e0:b6:7f:f4:44:56:ad:a2:3c:2c:41:01:
                    45:d4:24:25:a7:fe:bd:64:63:56:b7:df:20:9f:4a:
                    c3:83:a9:fe:56:d2:0e:dd:9a:bd:8c:19:e4:6c:52:
                    be:98:cf:6f:6c:c8:d0:63:ea:82:e3:78:8c:b4:8d:
                    69:5e:8f:f7:bc:c4:fb:60:a2:4a:16:b5:eb:07:b4:
                    55:30:7a:14:c0:17:c4:8d:ba:ae:51:56:f8:e9:80:
                    c3:51:ca:ab:a8:72:4f:9f:ed:cf:65:cf:fd:d9:b3:
                    f4:5a:b0:93:9d:f4:a9:02:44:ee:01:14:59:73:4c:
                    67:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:45:3E:8A:95:48:15:05:51:74:B3:CE:97:E8:19:58:90:BF:E8:9C
            X509v3 Authority Key Identifier:
                keyid:D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/AEU-ipVIFQVRdLPOl-gZWJC_6Jw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/0romGKtLYELuJcRnngd15DBtccY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:92:72:60:30:ee:52:6a:a6:dc:b0:11:00:0f:64:74:30:1d:
         2b:99:fa:43:74:30:c1:41:08:43:8f:99:99:36:5b:fa:f3:9c:
         ab:a6:9d:80:a5:55:61:41:6e:3f:c6:7d:47:3b:d6:dd:e6:7d:
         9a:b3:44:40:ca:de:48:d7:4f:aa:e3:c9:04:bc:67:ff:7b:cb:
         3a:0d:15:7b:79:6d:44:ee:ef:47:71:53:ba:f6:d5:c2:44:55:
         b3:4c:b8:e4:d1:f6:98:5a:b3:ea:cc:2d:b6:e6:c0:f6:06:b2:
         90:03:ea:d8:70:ce:ea:c4:24:d0:59:f5:dd:22:1c:1a:dc:57:
         e6:cb:aa:d8:82:cd:71:f1:4f:5c:9a:92:15:b6:04:d9:9e:57:
         05:8d:bc:35:c9:3b:31:65:98:9c:b8:df:ec:e5:b7:d5:65:8d:
         e8:d1:58:ba:4f:26:35:fe:6b:cf:3f:13:c6:80:56:6a:b0:e6:
         68:9b:57:da:b0:cc:c0:23:4b:e9:d6:bd:59:50:a9:9a:f1:09:
         b5:02:d0:7c:37:a9:a2:26:83:55:cf:da:79:9c:6c:f7:ac:f4:
         58:e1:43:09:ea:60:0d:6f:07:52:cf:44:17:c1:6a:d7:e2:80:
         be:5c:2e:a6:bc:84:a7:7c:96:9a:1b:67:ac:97:88:5e:11:27:
         05:e0:1b:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFKboM6Kjg1D8qDGwuNdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYmEyNjE4YWI0YjYwNDJlZTI1YzQ2NzllMDc3NWU0MzA2
ZDcxYzYwHhcNMjMwMTAxMjA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQ1M2U4YTk1NDgxNTA1NTE3NGIzY2U5N2U4MTk1ODkwYmZlODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2izYr2yKLYYEIpFQkb109E1yEa4Q
Pt2IiV6HChL5jIamO9MGnlC1eJE1+c2WDe19j9QvbKgDhUhVLTxISfCR+Oz1NdRS
ni/PDNtRKpGPmWewPnzJ/Su1Gsl2aLtlmnYZZ8RhORoqulQ57Lz0X1tRWrhHWUZu
nYQxP7M80qyMMMO5MupAgExonNjgtn/0RFatojwsQQFF1CQlp/69ZGNWt98gn0rD
g6n+VtIO3Zq9jBnkbFK+mM9vbMjQY+qC43iMtI1pXo/3vMT7YKJKFrXrB7RVMHoU
wBfEjbquUVb46YDDUcqrqHJPn+3PZc/92bP0WrCTnfSpAkTuARRZc0xnHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABFPoqVSBUFUXSzzpfoGViQv+icMB8GA1UdIwQY
MBaAFNK6JhirS2BC7iXEZ54HdeQwbXHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJvbUdLdExZRUx1SmNSbm5nZDE1REJ0Y2NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNjc5OTYtNTRmMS00ZjFlLWE3NjAt
OGUwZDUyOTNhYWM4LzEvQUVVLWlwVklGUVZSZExQT2wtZ1pXSkNfNkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hNjc5OTYtNTRmMS00ZjFlLWE3NjAtOGUwZDUyOTNhYWM4
LzEvMHJvbUdLdExZRUx1SmNSbm5nZDE1REJ0Y2NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZGwMA0G
CSqGSIb3DQEBCwUAA4IBAQBfknJgMO5SaqbcsBEAD2R0MB0rmfpDdDDBQQhDj5mZ
Nlv685yrpp2ApVVhQW4/xn1HO9bd5n2as0RAyt5I10+q48kEvGf/e8s6DRV7eW1E
7u9HcVO69tXCRFWzTLjk0faYWrPqzC225sD2BrKQA+rYcM7qxCTQWfXdIhwa3Ffm
y6rYgs1x8U9cmpIVtgTZnlcFjbw1yTsxZZicuN/s5bfVZY3o0Vi6TyY1/mvPPxPG
gFZqsOZom1fasMzAI0vp1r1ZUKma8Qm1AtB8N6miJoNVz9p5nGz3rPRY4UMJ6mAN
bwdSz0QXwWrX4oC+XC6mvISnfJaaG2esl4heEScF4Bt8
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:07 2024 by rpki-client on console-fra.rpki-client.org