Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/it4PLhn-5AI-HC0wJSvVovV3q-c.roa
File:                     it4PLhn-5AI-HC0wJSvVovV3q-c.roa (raw, json)
Hash identifier:          SRoqQkABcGpREaVE0ubo+aKmYhkyoE9FERZ/krLyic4=
Subject key identifier:   8A:DE:0F:2E:19:FE:E4:02:3E:1C:2D:30:25:2B:D5:A2:F5:77:AB:E7
Certificate issuer:       /CN=21f10e34421baff174d60678f32fa5e35cdf957e
Certificate serial:       01856F79562F8191A1329621609223476707
Authority key identifier: 21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/it4PLhn-5AI-HC0wJSvVovV3q-c.roa
Signing time:             Sun 01 Jan 2023 22:35:01 +0000
ROA not before:           Sun 01 Jan 2023 22:35:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48814
IP address blocks:        45.94.148.0/24 maxlen: 24
                          45.94.151.0/24 maxlen: 24
                          45.94.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:56:2f:81:91:a1:32:96:21:60:92:23:47:67:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21f10e34421baff174d60678f32fa5e35cdf957e
        Validity
            Not Before: Jan  1 22:35:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ade0f2e19fee4023e1c2d30252bd5a2f577abe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:36:1b:d1:60:ed:ad:4d:83:bc:62:83:60:73:
                    69:1f:12:9f:b6:6e:7e:d8:1c:7d:c4:a8:0c:0d:e2:
                    0c:3f:cb:06:9f:3b:51:36:37:48:90:53:74:f0:4c:
                    63:e0:16:52:72:4b:c1:58:ed:35:48:9e:a2:ff:b2:
                    9b:df:41:f0:ce:e9:63:12:c6:b8:1d:b8:10:be:a2:
                    0c:a3:ea:d9:65:79:80:3c:9a:a6:65:ab:53:af:f0:
                    ff:a9:a5:ac:f1:01:1a:51:28:2a:75:3f:7c:30:f9:
                    0e:1e:40:97:23:df:df:1d:60:56:c0:e6:f4:76:ac:
                    cc:22:71:72:18:51:6b:f2:1a:06:be:31:46:de:4e:
                    95:5e:a2:65:50:1b:b6:17:4b:fa:a2:f0:3b:35:0c:
                    7c:5f:48:1e:c8:41:57:38:c2:39:41:f8:3f:7f:57:
                    45:9f:01:09:a8:af:60:95:c9:ac:05:7e:30:82:73:
                    bf:29:fe:22:7d:ba:a2:81:f4:d7:f8:23:9b:ed:3b:
                    4c:43:cf:c7:90:42:a2:97:74:ca:3f:db:c2:c0:f9:
                    c6:08:b7:80:00:af:d0:76:b4:04:e6:4a:6f:44:4d:
                    b2:62:d0:20:fe:5a:ea:6a:fa:63:84:81:31:ea:6c:
                    4d:c8:88:ff:89:0c:9b:02:8a:0b:23:90:0d:90:52:
                    c8:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:DE:0F:2E:19:FE:E4:02:3E:1C:2D:30:25:2B:D5:A2:F5:77:AB:E7
            X509v3 Authority Key Identifier:
                keyid:21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/it4PLhn-5AI-HC0wJSvVovV3q-c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.148.0/23
                  45.94.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:1d:d3:76:3b:4f:c1:9d:87:5d:9a:ec:ca:7b:b1:49:09:27:
         d9:70:25:4e:66:7a:e8:2b:60:cd:a6:30:ab:fc:6e:38:78:d4:
         ee:9f:62:9a:4b:0a:fd:cf:0e:20:ba:7e:86:bb:f1:1c:76:36:
         06:68:dd:03:51:ce:65:e5:9f:95:cd:99:f5:77:42:81:60:1f:
         ac:5b:f3:a1:0d:bd:a6:bd:97:99:78:89:27:fe:7f:ab:72:45:
         6f:2d:da:8e:cf:ab:61:54:b7:14:7c:1e:66:bd:0e:7a:a2:d2:
         d2:cb:27:98:1f:8a:36:64:db:cd:f7:08:35:1b:d8:1d:ec:20:
         07:e2:9b:a9:1f:67:3b:e5:55:55:45:c6:de:33:4d:6f:b0:ff:
         7d:96:65:58:75:c4:e5:3c:6b:75:49:90:f3:ff:36:87:bf:9c:
         7c:ae:4d:52:56:75:10:ce:cf:e9:36:f2:db:26:26:11:5d:84:
         3b:e6:ff:fb:a8:b8:73:aa:7b:f5:6d:e7:14:97:ac:a2:05:af:
         26:52:59:f6:c1:a5:b0:ae:57:03:28:e6:49:ae:f3:0d:e2:3d:
         18:63:09:9c:5e:4c:56:2a:81:80:86:1a:b7:ce:35:4f:6f:04:
         d9:e8:cb:28:0f:71:1c:7a:18:c6:93:14:fe:e2:20:66:a9:da:
         45:79:b3:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVveVYvgZGhMpYhYJIjR2cHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZjEwZTM0NDIxYmFmZjE3NGQ2MDY3OGYzMmZhNWUzNWNk
Zjk1N2UwHhcNMjMwMTAxMjIzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWRlMGYyZTE5ZmVlNDAyM2UxYzJkMzAyNTJiZDVhMmY1NzdhYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTYb0WDtrU2DvGKDYHNpHxKftm5+
2Bx9xKgMDeIMP8sGnztRNjdIkFN08Exj4BZSckvBWO01SJ6i/7Kb30HwzuljEsa4
HbgQvqIMo+rZZXmAPJqmZatTr/D/qaWs8QEaUSgqdT98MPkOHkCXI9/fHWBWwOb0
dqzMInFyGFFr8hoGvjFG3k6VXqJlUBu2F0v6ovA7NQx8X0geyEFXOMI5Qfg/f1dF
nwEJqK9glcmsBX4wgnO/Kf4ifbqigfTX+COb7TtMQ8/HkEKil3TKP9vCwPnGCLeA
AK/QdrQE5kpvRE2yYtAg/lrqavpjhIEx6mxNyIj/iQybAooLI5ANkFLIdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIreDy4Z/uQCPhwtMCUr1aL1d6vnMB8GA1UdIwQY
MBaAFCHxDjRCG6/xdNYGePMvpeNc35V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTct
OWE5ZWQxZWYyZThkLzEvaXQ0UExobi01QUktSEMwd0pTdlZvdlYzcS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTctOWE5ZWQxZWYyZThk
LzEvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLV6UAwQA
LV6XMA0GCSqGSIb3DQEBCwUAA4IBAQAwHdN2O0/BnYddmuzKe7FJCSfZcCVOZnro
K2DNpjCr/G44eNTun2KaSwr9zw4gun6Gu/EcdjYGaN0DUc5l5Z+VzZn1d0KBYB+s
W/OhDb2mvZeZeIkn/n+rckVvLdqOz6thVLcUfB5mvQ56otLSyyeYH4o2ZNvN9wg1
G9gd7CAH4pupH2c75VVVRcbeM01vsP99lmVYdcTlPGt1SZDz/zaHv5x8rk1SVnUQ
zs/pNvLbJiYRXYQ75v/7qLhzqnv1becUl6yiBa8mUln2waWwrlcDKOZJrvMN4j0Y
YwmcXkxWKoGAhhq3zjVPbwTZ6MsoD3EcehjGkxT+4iBmqdpFebMq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:52 2024 by rpki-client on console-ams.rpki-client.org