Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa
File:                     1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa (raw, json)
Hash identifier:          P+HEic7hXw1of8pP0mSB3KuzyUp/FUomZy9l3HHN0X8=
Subject key identifier:   F9:D4:31:F8:AE:E3:D8:B4:8E:18:A0:54:94:AA:F9:27:C8:C0:3E:AA
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       0188D477C2CEB5339D42B23E855C8B12C32A
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa
Signing time:             Mon 19 Jun 2023 16:23:18 +0000
ROA not before:           Mon 19 Jun 2023 16:23:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.140.0/22 maxlen: 24
                          45.65.114.0/24 maxlen: 24
                          45.65.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 23 Jun 2023 07:33:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d4:77:c2:ce:b5:33:9d:42:b2:3e:85:5c:8b:12:c3:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jun 19 16:23:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9d431f8aee3d8b48e18a05494aaf927c8c03eaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:bb:32:87:98:ab:de:ed:1f:d4:da:0c:2e:ec:
                    46:f4:11:02:b8:ce:4d:48:c3:aa:dc:be:0b:19:a9:
                    18:d8:58:f7:ca:1d:91:3a:13:9e:39:31:70:78:5c:
                    7a:3d:3a:f5:e4:d1:57:0e:d5:a5:f5:52:c2:fd:b7:
                    65:6c:cf:27:dd:fe:7a:ee:d7:b7:60:66:e6:8c:f7:
                    47:e3:47:ad:82:53:ff:00:7d:ec:d9:60:24:97:4d:
                    b4:6e:0b:54:a3:8a:1e:0b:ee:4f:47:c1:bf:8b:98:
                    15:de:22:9a:e3:12:1b:bd:59:01:7a:ad:18:16:52:
                    77:ac:bd:50:19:fd:6d:56:d8:d5:24:95:b3:a6:f7:
                    21:64:09:2f:7e:64:43:43:1d:ca:c4:d7:9e:63:97:
                    97:79:e3:dd:d2:74:25:05:a4:19:13:dd:7c:e1:4b:
                    39:31:13:6f:e6:71:f1:0e:e9:a7:3e:94:5a:d6:76:
                    2c:9e:60:42:86:27:58:1f:59:82:78:ba:41:b7:43:
                    c2:39:54:bc:5e:b2:1f:dd:ae:95:38:5a:9b:de:09:
                    f1:5b:71:7f:2e:85:83:4a:b4:de:a8:ea:aa:1f:66:
                    57:f2:e6:8d:8b:a4:54:87:ef:03:4e:d6:11:f9:da:
                    17:7d:98:53:b3:4e:c2:0f:5d:8b:03:a8:6e:7e:75:
                    75:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:D4:31:F8:AE:E3:D8:B4:8E:18:A0:54:94:AA:F9:27:C8:C0:3E:AA
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.114.0/23
                  188.209.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:bd:b6:ef:76:cc:8a:87:e0:71:fe:b4:1d:92:8c:cc:c8:8c:
         4b:64:d9:9c:2a:76:69:ab:b3:c7:81:96:df:75:16:87:05:c8:
         0f:f3:b0:8e:0c:1e:ce:9e:d7:1d:79:17:67:f2:ce:c5:c4:e0:
         80:03:9b:7e:ac:33:9f:0c:53:dc:d5:a4:e6:18:e2:0f:9c:1b:
         ac:ff:24:e9:91:06:2e:ea:3a:cd:7b:f0:8f:d4:5a:26:0e:7c:
         4b:48:b3:1d:0d:b3:a7:6d:ba:05:52:42:e6:e8:99:b5:44:56:
         b8:38:bc:56:a2:de:86:b9:8c:e4:50:27:80:07:65:1e:3e:e5:
         29:31:d3:ad:a1:6a:94:19:5e:3c:2c:6c:f8:63:de:27:53:97:
         90:78:e1:37:61:0b:c1:4d:04:a4:ff:5a:be:ee:52:ed:48:ce:
         8f:b4:22:b7:e0:70:8a:d7:87:41:45:8c:73:6a:15:90:2e:73:
         b4:c7:40:ce:b3:27:1f:f8:2f:3c:c2:c2:1f:5e:01:b6:9e:36:
         be:d2:8d:f0:5a:8e:8a:c9:2a:e2:41:07:73:2e:8e:d0:79:89:
         3d:e5:36:e9:a1:67:7a:91:d4:76:62:94:93:eb:0a:c4:11:1b:
         55:cc:3c:72:ef:7b:a8:5d:7a:37:e1:b4:20:22:01:54:84:2c:
         9f:27:b2:07
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYjUd8LOtTOdQrI+hVyLEsMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNjE5MTYyMzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ0MzFmOGFlZTNkOGI0OGUxOGEwNTQ5NGFhZjkyN2M4YzAzZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7syh5ir3u0f1NoMLuxG9BECuM5N
SMOq3L4LGakY2Fj3yh2ROhOeOTFweFx6PTr15NFXDtWl9VLC/bdlbM8n3f567te3
YGbmjPdH40etglP/AH3s2WAkl020bgtUo4oeC+5PR8G/i5gV3iKa4xIbvVkBeq0Y
FlJ3rL1QGf1tVtjVJJWzpvchZAkvfmRDQx3KxNeeY5eXeePd0nQlBaQZE9184Us5
MRNv5nHxDumnPpRa1nYsnmBChidYH1mCeLpBt0PCOVS8XrIf3a6VOFqb3gnxW3F/
LoWDSrTeqOqqH2ZX8uaNi6RUh+8DTtYR+doXfZhTs07CD12LA6hufnV10wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnUMfiu49i0jhigVJSq+SfIwD6qMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMS1kUXgtSzdqMkxTT0dLQlVsS3I1SjhqQVBxby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVj
NS8xLzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS1BcgME
ArzRjDANBgkqhkiG9w0BAQsFAAOCAQEAVL2273bMiofgcf60HZKMzMiMS2TZnCp2
aauzx4GW33UWhwXID/Owjgwezp7XHXkXZ/LOxcTggAObfqwznwxT3NWk5hjiD5wb
rP8k6ZEGLuo6zXvwj9RaJg58S0izHQ2zp226BVJC5uiZtURWuDi8VqLehrmM5FAn
gAdlHj7lKTHTraFqlBlePCxs+GPeJ1OXkHjhN2ELwU0EpP9avu5S7UjOj7Qit+Bw
iteHQUWMc2oVkC5ztMdAzrMnH/gvPMLCH14Btp42vtKN8FqOiskq4kEHcy6O0HmJ
PeU26aFnepHUdmKUk+sKxBEbVcw8cu97qF16N+G0ICIBVIQsnyeyBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org