Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/gA73iFzHs_lSKlGi_hShqyMgFK4.roa
File:                     gA73iFzHs_lSKlGi_hShqyMgFK4.roa (raw, json)
Hash identifier:          ipBdFIAsUmFPFkARNi+MYKqlkqXvFt+KcqgkUuzAytQ=
Subject key identifier:   80:0E:F7:88:5C:C7:B3:F9:52:2A:51:A2:FE:14:A1:AB:23:20:14:AE
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       01856ED4C0B07E9D2F7A4F8F885FB1CE348F
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/gA73iFzHs_lSKlGi_hShqyMgFK4.roa
Signing time:             Sun 01 Jan 2023 19:35:14 +0000
ROA not before:           Sun 01 Jan 2023 19:35:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        45.154.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:c0:b0:7e:9d:2f:7a:4f:8f:88:5f:b1:ce:34:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 19:35:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=800ef7885cc7b3f9522a51a2fe14a1ab232014ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0b:af:c6:b7:95:64:52:eb:af:0e:29:86:f3:
                    ff:82:3b:2d:4e:b8:0e:14:3b:71:7f:07:1e:ab:65:
                    e7:36:fb:7e:23:49:e6:d0:7f:59:e2:42:7b:45:a0:
                    5a:f8:9d:2a:c3:7e:01:f4:42:56:09:8a:99:9c:50:
                    16:3f:59:4d:fa:13:f2:14:b2:ea:f2:7f:6c:ea:02:
                    e9:46:5e:8f:89:cb:bb:c4:bd:45:ca:a4:88:80:f1:
                    33:82:50:d1:9c:d7:9e:18:80:66:a3:ad:8a:b2:f7:
                    53:85:ba:42:91:cf:04:44:f5:eb:86:ec:f3:d6:51:
                    45:29:a7:88:62:f8:fd:7d:f8:53:ee:6f:09:c9:19:
                    e4:30:48:7c:8f:60:9a:e2:94:cd:9b:08:3d:e9:5e:
                    0d:00:de:79:d3:69:9f:e3:43:38:64:02:b1:fa:7f:
                    6f:75:28:69:fb:43:18:b9:70:55:6c:8b:6e:37:ac:
                    58:51:50:51:c5:e2:56:50:ac:67:9a:83:05:15:42:
                    6d:aa:0d:21:e5:91:05:37:a5:9e:d2:92:a0:2c:86:
                    cc:3d:3b:7c:d0:22:a3:85:96:9d:d4:c2:6c:a8:c7:
                    79:43:80:db:04:7c:9f:9f:3f:70:29:f9:48:66:95:
                    3f:d1:28:1b:ca:4a:a8:3e:b6:ba:bf:ea:6e:33:c0:
                    8d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:0E:F7:88:5C:C7:B3:F9:52:2A:51:A2:FE:14:A1:AB:23:20:14:AE
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/gA73iFzHs_lSKlGi_hShqyMgFK4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:5f:ca:87:8a:08:28:bd:15:45:7c:7e:b0:d1:92:23:e7:fa:
         b5:1e:70:14:43:40:87:d0:b3:ba:00:62:91:9b:74:30:7e:9e:
         a8:1b:14:88:67:0e:37:bc:bf:bc:77:f9:69:71:7b:bf:19:11:
         4a:2b:08:24:df:c9:d7:0a:52:40:bc:94:da:d4:65:79:a4:56:
         b3:69:d5:70:a6:9a:a5:4d:55:ed:95:3b:fa:4a:97:4b:3f:7b:
         49:b9:96:b0:af:32:b8:9d:a8:82:2f:09:8e:ad:2c:19:5d:43:
         9c:07:4f:2a:9b:62:1d:3f:a4:81:c0:78:b7:28:b4:4a:e3:00:
         43:a8:ce:cf:c9:2b:d5:ba:f0:e5:39:88:f4:47:06:f5:e4:c9:
         32:ea:69:9d:d9:c2:3d:c9:0d:6a:d1:8f:c6:9b:f6:b5:40:83:
         21:ac:18:7d:73:26:ca:35:48:f8:28:93:49:d9:1c:01:f1:5d:
         c1:1c:ab:23:33:91:40:2f:4d:3f:da:6f:a9:28:ca:94:22:77:
         e1:9a:3c:1d:79:c4:5f:9b:bd:e1:e4:8d:e1:f3:5b:81:59:3e:
         f6:30:13:c8:e3:c8:f4:7e:6b:d3:26:32:fb:94:36:22:59:01:
         2f:6a:d4:04:d5:71:a0:64:41:b1:d4:8e:87:48:9d:0f:bc:ed:
         33:2e:a1:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MCwfp0vek+PiF+xzjSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBlZjc4ODVjYzdiM2Y5NTIyYTUxYTJmZTE0YTFhYjIzMjAxNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQuvxreVZFLrrw4phvP/gjstTrgO
FDtxfwceq2XnNvt+I0nm0H9Z4kJ7RaBa+J0qw34B9EJWCYqZnFAWP1lN+hPyFLLq
8n9s6gLpRl6Picu7xL1FyqSIgPEzglDRnNeeGIBmo62KsvdThbpCkc8ERPXrhuzz
1lFFKaeIYvj9ffhT7m8JyRnkMEh8j2Ca4pTNmwg96V4NAN5502mf40M4ZAKx+n9v
dShp+0MYuXBVbItuN6xYUVBRxeJWUKxnmoMFFUJtqg0h5ZEFN6We0pKgLIbMPTt8
0CKjhZad1MJsqMd5Q4DbBHyfnz9wKflIZpU/0SgbykqoPra6v+puM8CN7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAO94hcx7P5UipRov4UoasjIBSuMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvZ0E3M2lGekhzX2xTS2xHaV9oU2hxeU1nRks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZqdMA0G
CSqGSIb3DQEBCwUAA4IBAQBoX8qHiggovRVFfH6w0ZIj5/q1HnAUQ0CH0LO6AGKR
m3Qwfp6oGxSIZw43vL+8d/lpcXu/GRFKKwgk38nXClJAvJTa1GV5pFazadVwppql
TVXtlTv6SpdLP3tJuZawrzK4naiCLwmOrSwZXUOcB08qm2IdP6SBwHi3KLRK4wBD
qM7PySvVuvDlOYj0Rwb15Mky6mmd2cI9yQ1q0Y/Gm/a1QIMhrBh9cybKNUj4KJNJ
2RwB8V3BHKsjM5FAL00/2m+pKMqUInfhmjwdecRfm73h5I3h81uBWT72MBPI48j0
fmvTJjL7lDYiWQEvatQE1XGgZEGx1I6HSJ0PvO0zLqFW
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:08 2024 by rpki-client on console-ams.rpki-client.org