Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/CEWQ1IrxjxK9f4JMjbe4lq1JXAo.roa
File:                     CEWQ1IrxjxK9f4JMjbe4lq1JXAo.roa (raw, json)
Hash identifier:          qhviLqM3aGZC2fGWPX8E43s4BEhiEQa6s+9ZCPiwCTs=
Subject key identifier:   08:45:90:D4:8A:F1:8F:12:BD:7F:82:4C:8D:B7:B8:96:AD:49:5C:0A
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       018C8DCF3D84C3DEB2F9A0AA25569D389681
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/CEWQ1IrxjxK9f4JMjbe4lq1JXAo.roa
Signing time:             Thu 21 Dec 2023 19:16:58 +0000
ROA not before:           Thu 21 Dec 2023 19:16:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201838
IP address blocks:        45.136.232.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8d:cf:3d:84:c3:de:b2:f9:a0:aa:25:56:9d:38:96:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Dec 21 19:16:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=084590d48af18f12bd7f824c8db7b896ad495c0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:db:9a:7b:61:97:bb:73:4b:0b:19:a8:ae:28:
                    5d:29:4a:8e:d7:f8:e0:22:a4:2b:f5:b9:dd:7f:c5:
                    d4:1a:28:88:08:bb:b3:b7:a7:61:31:a3:97:58:b1:
                    32:6e:97:86:a3:c0:25:6b:cd:9c:36:2c:90:e7:84:
                    bd:6f:78:a0:07:a9:3a:1a:25:9c:7a:81:e0:ea:1e:
                    9b:a7:b5:37:59:1c:93:c5:b5:9d:f5:40:e3:2d:66:
                    d5:ca:4f:c8:67:ae:35:5e:58:f6:3f:78:2c:c1:27:
                    5f:ed:ee:a5:d5:78:d9:5a:8f:e6:0a:35:4d:60:81:
                    ca:b4:8e:fe:eb:72:5d:50:ca:48:5d:7b:f3:68:17:
                    36:5c:a6:e3:56:2d:2c:39:40:3a:5c:62:cb:e3:07:
                    53:e5:0f:78:43:50:9d:bb:b8:93:9b:8a:a6:da:b1:
                    5a:d6:4f:bf:63:1c:1a:65:cc:a4:c1:08:fa:27:48:
                    a7:eb:a5:37:93:c2:22:d2:80:19:44:30:0d:e0:e4:
                    fe:e4:78:41:db:62:2f:1d:4b:c1:41:46:13:5a:94:
                    94:b5:ed:de:1a:9d:a5:55:e0:fc:3d:9d:18:0f:33:
                    f1:56:44:07:64:e9:21:b0:8d:87:91:a9:83:93:26:
                    ba:45:92:4a:fa:b5:95:2f:15:1d:50:2f:92:45:0b:
                    62:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:45:90:D4:8A:F1:8F:12:BD:7F:82:4C:8D:B7:B8:96:AD:49:5C:0A
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/CEWQ1IrxjxK9f4JMjbe4lq1JXAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:60:04:27:77:34:86:44:3e:74:29:ce:9e:ae:0b:18:e4:54:
         ab:ef:3a:6c:7e:9f:8c:2d:91:25:fc:56:72:40:ce:3f:58:2a:
         bc:2a:e8:1c:52:45:34:64:ca:dc:4f:9a:15:9c:49:b2:be:84:
         5d:24:88:d3:47:ff:7a:ec:19:8e:b1:eb:26:ea:d1:f3:73:19:
         99:16:4b:cc:08:08:f5:bc:bc:8a:ed:0d:a0:da:17:7c:99:b2:
         3e:3a:e4:24:a1:c3:7d:28:26:4f:b3:04:60:a5:3a:ec:cf:43:
         85:84:d2:3d:cc:3b:3b:1e:6c:43:f6:85:7d:f1:71:5b:49:ec:
         3f:6e:b0:dc:d6:12:a9:da:98:68:28:6e:ac:c4:a2:47:0a:6a:
         7a:27:5b:e7:f4:6b:85:2f:0b:d6:76:f7:e3:a7:e1:40:38:15:
         8d:cd:e0:a1:9b:fa:5a:4a:e1:b5:66:d6:86:af:2e:c3:3a:0f:
         5e:1a:15:ae:e3:de:e2:70:c2:5f:44:22:b1:5e:b5:2d:cd:7a:
         f4:f5:e7:ff:1a:a8:74:fc:8a:22:b2:eb:43:c9:1a:7d:75:d3:
         5b:39:0f:e4:6a:8d:d6:20:dc:b6:6b:fe:21:2f:a8:61:f8:f7:
         60:4e:63:e3:60:48:58:33:ef:23:7a:28:9e:9b:80:75:57:f7:
         51:f0:07:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyNzz2Ew96y+aCqJVadOJaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMjIxMTkxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQ1OTBkNDhhZjE4ZjEyYmQ3ZjgyNGM4ZGI3Yjg5NmFkNDk1YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9uae2GXu3NLCxmorihdKUqO1/jg
IqQr9bndf8XUGiiICLuzt6dhMaOXWLEybpeGo8Ala82cNiyQ54S9b3igB6k6GiWc
eoHg6h6bp7U3WRyTxbWd9UDjLWbVyk/IZ641Xlj2P3gswSdf7e6l1XjZWo/mCjVN
YIHKtI7+63JdUMpIXXvzaBc2XKbjVi0sOUA6XGLL4wdT5Q94Q1Cdu7iTm4qm2rFa
1k+/YxwaZcykwQj6J0in66U3k8Ii0oAZRDAN4OT+5HhB22IvHUvBQUYTWpSUte3e
Gp2lVeD8PZ0YDzPxVkQHZOkhsI2HkamDkya6RZJK+rWVLxUdUC+SRQtitQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhFkNSK8Y8SvX+CTI23uJatSVwKMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvQ0VXUTFJcnhqeEs5ZjRKTWpiZTRscTFKWEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYjoMA0G
CSqGSIb3DQEBCwUAA4IBAQAlYAQndzSGRD50Kc6ergsY5FSr7zpsfp+MLZEl/FZy
QM4/WCq8KugcUkU0ZMrcT5oVnEmyvoRdJIjTR/967BmOsesm6tHzcxmZFkvMCAj1
vLyK7Q2g2hd8mbI+OuQkocN9KCZPswRgpTrsz0OFhNI9zDs7HmxD9oV98XFbSew/
brDc1hKp2phoKG6sxKJHCmp6J1vn9GuFLwvWdvfjp+FAOBWNzeChm/paSuG1ZtaG
ry7DOg9eGhWu497icMJfRCKxXrUtzXr09ef/Gqh0/IoisutDyRp9ddNbOQ/kao3W
INy2a/4hL6hh+PdgTmPjYEhYM+8jeiiem4B1V/dR8Adg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org