Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/cl0UT-cv0m2pDTsc0_ovxgq498E.roa
File:                     cl0UT-cv0m2pDTsc0_ovxgq498E.roa (raw, json)
Hash identifier:          o0aV/Bpztqi6TI/IwPGN0lFjfb0ZVPkxht3yQpA/WlY=
Subject key identifier:   72:5D:14:4F:E7:2F:D2:6D:A9:0D:3B:1C:D3:FA:2F:C6:0A:B8:F7:C1
Certificate issuer:       /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial:       0185700279EACF1D7BA263C57AA80B350829
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/cl0UT-cv0m2pDTsc0_ovxgq498E.roa
Signing time:             Mon 02 Jan 2023 01:04:48 +0000
ROA not before:           Mon 02 Jan 2023 01:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47899
IP address blocks:        94.102.176.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:79:ea:cf:1d:7b:a2:63:c5:7a:a8:0b:35:08:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
        Validity
            Not Before: Jan  2 01:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=725d144fe72fd26da90d3b1cd3fa2fc60ab8f7c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8e:82:cc:21:9f:a9:b7:ef:a1:5f:00:ad:63:
                    3b:b6:57:37:6c:73:2c:f2:2a:47:d8:d3:7e:72:7f:
                    cc:f5:1d:b7:eb:43:4c:57:79:1d:20:00:53:ed:a9:
                    3a:b5:84:ae:a8:84:da:f5:4d:60:ec:7d:7f:0b:e3:
                    c8:41:b9:f9:e0:4c:6e:08:d9:16:90:7c:25:09:2e:
                    98:31:8c:39:fe:0e:88:5a:0b:56:c8:74:66:45:e6:
                    e6:f9:f4:ff:4f:68:88:be:e3:85:10:35:63:53:ac:
                    bb:b4:1a:40:fd:a8:53:e9:d3:b7:98:91:e5:50:35:
                    2a:25:45:74:62:d9:58:dd:17:de:c5:b4:5b:eb:45:
                    4e:5f:7e:a0:eb:fc:d2:a0:a9:94:40:73:8a:d2:60:
                    40:7b:23:1e:d9:80:35:33:ce:13:f0:15:ac:3e:20:
                    8b:7e:23:ec:cb:69:6b:db:98:2a:c1:ec:ca:cf:81:
                    cb:1c:43:d2:27:da:88:82:a8:f5:c8:78:52:8a:43:
                    89:f5:69:5c:7e:37:a4:75:16:14:29:ca:e2:a2:6b:
                    76:74:23:72:8e:c2:d9:34:50:11:36:a6:69:2a:42:
                    9c:7e:ad:7a:6a:aa:ee:d3:3b:ba:06:13:42:6f:a8:
                    f0:f9:44:52:89:bb:3e:5d:e1:ad:61:63:33:d1:1f:
                    1e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:5D:14:4F:E7:2F:D2:6D:A9:0D:3B:1C:D3:FA:2F:C6:0A:B8:F7:C1
            X509v3 Authority Key Identifier:
                keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/cl0UT-cv0m2pDTsc0_ovxgq498E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.102.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         87:f6:ca:09:4a:34:17:4c:d3:68:a2:0a:25:ed:ea:6d:61:1b:
         37:c1:f4:32:79:66:74:2b:ea:12:ed:5d:e9:ba:4c:07:d3:92:
         d2:e8:b3:fc:3b:2b:20:a4:05:d5:b3:a9:83:cf:e3:1e:52:d5:
         00:b7:57:67:d5:0c:53:1f:2f:d0:64:eb:f9:bb:71:cc:3b:41:
         ea:1f:a4:2f:05:2a:6c:45:29:43:65:64:8c:09:f1:a8:2f:08:
         f6:b7:1e:75:ce:56:25:0e:a6:01:4c:af:5c:96:55:6c:e1:65:
         b0:33:24:94:05:b1:6a:d8:84:6c:4d:68:a2:1b:4b:40:f3:f1:
         7d:bf:86:d4:5d:9d:41:f1:d3:97:af:c8:e6:e2:42:88:f5:59:
         55:9d:83:9c:10:13:ee:c3:34:87:aa:16:57:5b:64:95:c8:3b:
         ad:ea:27:0c:3f:db:33:30:c4:b3:ad:8c:f9:6c:c2:be:f7:1e:
         44:c9:50:17:45:48:76:86:85:7b:d0:37:6c:9c:b8:cb:63:f6:
         a3:cf:a2:79:df:77:f2:68:4d:93:95:8c:92:f4:9e:fe:93:d4:
         6e:83:84:b5:a1:40:f4:f1:a3:61:4e:a7:d3:e0:31:d3:ca:a9:
         e8:10:a2:01:37:56:35:f5:41:99:0a:a6:3a:5a:f8:22:e1:6d:
         aa:71:15:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAnnqzx17omPFeqgLNQgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjVkMTQ0ZmU3MmZkMjZkYTkwZDNiMWNkM2ZhMmZjNjBhYjhmN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo6CzCGfqbfvoV8ArWM7tlc3bHMs
8ipH2NN+cn/M9R2360NMV3kdIABT7ak6tYSuqITa9U1g7H1/C+PIQbn54ExuCNkW
kHwlCS6YMYw5/g6IWgtWyHRmRebm+fT/T2iIvuOFEDVjU6y7tBpA/ahT6dO3mJHl
UDUqJUV0YtlY3RfexbRb60VOX36g6/zSoKmUQHOK0mBAeyMe2YA1M84T8BWsPiCL
fiPsy2lr25gqwezKz4HLHEPSJ9qIgqj1yHhSikOJ9WlcfjekdRYUKcriomt2dCNy
jsLZNFARNqZpKkKcfq16aqru0zu6BhNCb6jw+URSibs+XeGtYWMz0R8eRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJdFE/nL9JtqQ07HNP6L8YKuPfBMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvY2wwVVQtY3YwbTJwRFRzYzBfb3Z4Z3E0OThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEXmawMA0G
CSqGSIb3DQEBCwUAA4IBAQCH9soJSjQXTNNoogol7eptYRs3wfQyeWZ0K+oS7V3p
ukwH05LS6LP8OysgpAXVs6mDz+MeUtUAt1dn1QxTHy/QZOv5u3HMO0HqH6QvBSps
RSlDZWSMCfGoLwj2tx51zlYlDqYBTK9cllVs4WWwMySUBbFq2IRsTWiiG0tA8/F9
v4bUXZ1B8dOXr8jm4kKI9VlVnYOcEBPuwzSHqhZXW2SVyDut6icMP9szMMSzrYz5
bMK+9x5EyVAXRUh2hoV70DdsnLjLY/ajz6J533fyaE2TlYyS9J7+k9Rug4S1oUD0
8aNhTqfT4DHTyqnoEKIBN1Y19UGZCqY6Wvgi4W2qcRWh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:30 2024 by rpki-client on console-ams.rpki-client.org