Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/xLss9n2l1_mRTQkiRZ7orgrktzs.roa
File:                     xLss9n2l1_mRTQkiRZ7orgrktzs.roa (raw, json)
Hash identifier:          M55keNXjkyHQHv7LJk4udxiX9Pv0Dj/sfjraoDFuFjg=
Subject key identifier:   C4:BB:2C:F6:7D:A5:D7:F9:91:4D:09:22:45:9E:E8:AE:0A:E4:B7:3B
Certificate issuer:       /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial:       018572714113EC7043B20C65908A5809E6DF
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/xLss9n2l1_mRTQkiRZ7orgrktzs.roa
Signing time:             Mon 02 Jan 2023 12:25:02 +0000
ROA not before:           Mon 02 Jan 2023 12:25:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201619
IP address blocks:        45.148.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:71:41:13:ec:70:43:b2:0c:65:90:8a:58:09:e6:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
        Validity
            Not Before: Jan  2 12:25:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4bb2cf67da5d7f9914d0922459ee8ae0ae4b73b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:f1:e8:bf:94:1e:dc:0f:dc:b1:bd:66:2b:a0:
                    0b:c0:1d:88:ee:0a:a2:06:af:5d:50:e1:51:0f:68:
                    5b:ab:8a:8f:ac:9d:5e:b0:07:49:04:17:28:c2:54:
                    b9:ec:07:62:85:66:8f:03:e3:cc:72:d4:5d:72:f8:
                    99:d9:bf:fa:e1:6f:01:cb:0e:b0:1e:8c:01:1e:cc:
                    70:42:99:99:c6:0c:eb:5e:fe:6d:be:42:f8:47:a7:
                    b1:c8:6e:5a:17:bc:b3:db:9d:09:0b:55:a9:cb:08:
                    1b:a3:8b:2d:8e:c9:e2:e2:bd:d2:27:c1:ce:c8:f8:
                    76:5f:cf:da:e2:20:3f:4c:0e:de:cb:00:3e:2f:a1:
                    e0:d3:63:86:7e:b8:da:47:ee:81:5a:d4:57:ba:dc:
                    c7:bd:e7:c0:25:7b:de:31:9b:ac:29:5a:d9:81:26:
                    83:0c:90:19:7f:df:d5:85:21:5e:90:d6:9d:2b:a4:
                    02:b9:44:b0:34:32:49:45:1f:bd:c8:af:6c:43:05:
                    82:4c:fe:52:f3:2b:7f:92:4b:40:01:25:7f:d8:62:
                    75:09:15:ab:82:13:72:c8:f8:48:1c:0a:d7:19:16:
                    8b:15:2f:3c:d2:a3:a7:de:4a:b6:de:f2:7b:65:b3:
                    4b:3b:df:f0:f5:5e:43:86:9a:c2:a2:fc:63:a2:dd:
                    bf:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:BB:2C:F6:7D:A5:D7:F9:91:4D:09:22:45:9E:E8:AE:0A:E4:B7:3B
            X509v3 Authority Key Identifier:
                keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/xLss9n2l1_mRTQkiRZ7orgrktzs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:a3:83:da:5c:54:ee:a0:2c:47:6f:c8:8c:12:40:e1:bb:24:
         9d:a1:2e:ee:84:dd:8c:6f:37:bd:af:1a:1d:b1:b3:ad:4d:c3:
         3b:59:c5:39:17:a3:aa:0e:32:bc:0e:16:d1:a1:68:b8:7d:43:
         94:27:96:fa:b1:e3:ee:41:3f:97:1f:c3:c2:11:41:b2:4b:76:
         b3:ab:1d:71:10:6e:86:d8:bb:b3:10:ad:da:19:cd:33:c2:d4:
         b0:4c:8e:8e:21:cb:fb:cf:1c:21:8b:24:66:6b:82:1c:16:56:
         a2:fd:60:a7:64:49:13:a3:98:87:4b:de:e2:e9:64:5a:7e:cb:
         1b:08:5f:ac:34:2f:7b:2c:29:cc:19:4a:cc:98:3e:20:eb:7f:
         73:25:54:7d:38:c7:24:eb:20:e5:de:38:12:9c:c6:c4:e0:73:
         64:04:c2:20:87:e2:7f:d4:93:92:50:55:6d:70:9f:a7:85:4d:
         ec:6b:ae:5d:5b:84:90:52:41:8c:1f:85:07:04:1e:b8:83:53:
         8a:e6:77:b1:dd:2b:a6:79:18:c0:c5:8d:cd:c9:5d:e0:8c:bf:
         3a:c4:36:6b:0d:f2:9c:92:1f:e5:e4:e6:35:4d:a0:4e:56:37:
         0c:98:55:b2:25:98:3d:fd:ea:bb:97:02:ca:b5:03:75:4b:03:
         5d:2d:3f:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycUET7HBDsgxlkIpYCebfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjMwMTAyMTIyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGJiMmNmNjdkYTVkN2Y5OTE0ZDA5MjI0NTllZThhZTBhZTRiNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvHov5Qe3A/csb1mK6ALwB2I7gqi
Bq9dUOFRD2hbq4qPrJ1esAdJBBcowlS57AdihWaPA+PMctRdcviZ2b/64W8Byw6w
HowBHsxwQpmZxgzrXv5tvkL4R6exyG5aF7yz250JC1Wpywgbo4stjsni4r3SJ8HO
yPh2X8/a4iA/TA7eywA+L6Hg02OGfrjaR+6BWtRXutzHvefAJXveMZusKVrZgSaD
DJAZf9/VhSFekNadK6QCuUSwNDJJRR+9yK9sQwWCTP5S8yt/kktAASV/2GJ1CRWr
ghNyyPhIHArXGRaLFS880qOn3kq23vJ7ZbNLO9/w9V5DhprCovxjot2/fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMS7LPZ9pdf5kU0JIkWe6K4K5Lc7MB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEveExzczluMmwxX21SVFFraVJaN29yZ3JrdHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZRLMA0G
CSqGSIb3DQEBCwUAA4IBAQCDo4PaXFTuoCxHb8iMEkDhuySdoS7uhN2Mbze9rxod
sbOtTcM7WcU5F6OqDjK8DhbRoWi4fUOUJ5b6sePuQT+XH8PCEUGyS3azqx1xEG6G
2LuzEK3aGc0zwtSwTI6OIcv7zxwhiyRma4IcFlai/WCnZEkTo5iHS97i6WRafssb
CF+sNC97LCnMGUrMmD4g639zJVR9OMck6yDl3jgSnMbE4HNkBMIgh+J/1JOSUFVt
cJ+nhU3sa65dW4SQUkGMH4UHBB64g1OK5nex3SumeRjAxY3NyV3gjL86xDZrDfKc
kh/l5OY1TaBOVjcMmFWyJZg9/eq7lwLKtQN1SwNdLT93
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:12 2024 by rpki-client on console-fra.rpki-client.org