Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/E8TqUS_fgvCQdghbr832vqxoies.roa
File:                     E8TqUS_fgvCQdghbr832vqxoies.roa (raw, json)
Hash identifier:          GX+6Ge75j3NjjTRRCT7iKzAMer/8CHFAFnE8P3Z+Iok=
Subject key identifier:   13:C4:EA:51:2F:DF:82:F0:90:76:08:5B:AF:CD:F6:BE:AC:68:89:EB
Certificate issuer:       /CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Certificate serial:       01856D540B6305E33EB4D07D5B0A64720A7A
Authority key identifier: 2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/E8TqUS_fgvCQdghbr832vqxoies.roa
Signing time:             Sun 01 Jan 2023 12:35:02 +0000
ROA not before:           Sun 01 Jan 2023 12:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     553
IP address blocks:        45.90.132.0/22 maxlen: 22
                          2a0e:3c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 22 May 2023 21:20:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:54:0b:63:05:e3:3e:b4:d0:7d:5b:0a:64:72:0a:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f6f0ea0127a6e392195696380be5bb0474b01df
        Validity
            Not Before: Jan  1 12:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=13c4ea512fdf82f09076085bafcdf6beac6889eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a1:3f:ca:ee:ac:0b:06:3d:a1:39:e3:d1:50:
                    08:d7:50:ea:be:ed:a7:c9:86:b8:7a:d3:ef:2e:90:
                    06:c8:c9:79:37:71:8d:06:79:c4:08:3f:3e:7e:1b:
                    e9:5d:10:c5:6a:5b:26:05:6c:4d:e1:a0:ed:7a:25:
                    ac:ec:92:21:ee:d4:5a:1e:7a:24:d2:7c:f5:cd:84:
                    a0:a8:25:43:5e:55:11:c8:40:03:f0:d6:e0:06:78:
                    2f:e6:a1:df:01:1f:3a:14:6a:45:bf:c0:e5:04:df:
                    f1:58:04:af:5e:32:fa:2a:6a:5b:54:2a:6e:4b:0e:
                    98:aa:02:33:8c:a4:83:37:f6:e4:e3:c3:5c:71:a7:
                    68:16:83:12:64:26:5f:24:ac:f0:45:f8:e8:f3:62:
                    e0:d9:5d:33:0e:3b:b8:42:a8:cf:a8:a3:2e:3d:f1:
                    fa:62:e7:b6:22:3b:1f:1d:78:95:36:23:4f:5d:18:
                    45:ae:c3:94:4e:5e:b4:ae:50:be:f8:8e:14:e8:8d:
                    7a:44:ce:3e:f3:0b:a1:1b:d1:8b:29:b3:ce:2b:16:
                    94:b0:37:8d:be:6a:38:4d:cf:8e:a8:86:bf:f0:be:
                    7f:bd:8c:34:cf:b9:50:b2:6f:9a:45:3b:34:66:09:
                    95:23:62:0d:88:75:7c:4b:d1:56:4f:b7:de:9f:2d:
                    f3:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:C4:EA:51:2F:DF:82:F0:90:76:08:5B:AF:CD:F6:BE:AC:68:89:EB
            X509v3 Authority Key Identifier:
                keyid:2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/E8TqUS_fgvCQdghbr832vqxoies.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.132.0/22
                IPv6:
                  2a0e:3c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         31:98:d6:3d:79:2f:d5:d8:a3:b7:52:68:4b:f5:29:0f:4d:37:
         7e:3d:d6:b8:68:f4:e8:91:82:0c:d3:26:9f:37:8b:6d:e4:f8:
         fa:6f:09:0c:b8:6a:00:34:47:21:47:62:d9:46:6b:ba:b5:25:
         0a:d5:bf:17:47:ec:02:58:50:37:14:cb:f0:88:8b:bb:6e:9c:
         aa:db:b8:14:6b:8e:53:35:a9:80:b0:f5:ef:d8:c8:be:e2:26:
         ea:9b:07:39:6f:3d:38:e6:75:26:e2:11:88:aa:1f:c6:77:7e:
         37:f7:df:12:57:a9:3a:6b:b7:87:b6:d9:b4:64:1a:8a:06:7d:
         ff:49:48:c4:38:59:0b:b1:b0:f3:a2:87:1a:40:c5:ea:c9:b7:
         54:ba:a9:73:51:af:8b:75:22:56:8a:83:7b:74:2a:fb:8e:42:
         6d:da:5c:84:2c:3f:74:42:01:0c:94:f3:54:16:06:a3:42:d5:
         ac:6e:27:d8:a0:d0:68:8d:3e:47:0d:fe:9f:60:46:29:a4:09:
         8b:5c:f4:fe:36:70:11:dc:ee:cb:de:73:f0:1c:cd:54:9a:f4:
         67:ce:5f:aa:3c:75:79:c9:9c:15:b7:4a:3c:1a:03:ec:6c:59:
         04:ce:72:19:53:a8:9e:fc:c6:99:06:dd:88:16:5e:c6:26:ee:
         4a:92:c5:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtVAtjBeM+tNB9Wwpkcgp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmYwZWEwMTI3YTZlMzkyMTk1Njk2MzgwYmU1YmIwNDc0
YjAxZGYwHhcNMjMwMTAxMTIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2M0ZWE1MTJmZGY4MmYwOTA3NjA4NWJhZmNkZjZiZWFjNjg4OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKE/yu6sCwY9oTnj0VAI11Dqvu2n
yYa4etPvLpAGyMl5N3GNBnnECD8+fhvpXRDFalsmBWxN4aDteiWs7JIh7tRaHnok
0nz1zYSgqCVDXlURyEAD8NbgBngv5qHfAR86FGpFv8DlBN/xWASvXjL6KmpbVCpu
Sw6YqgIzjKSDN/bk48NccadoFoMSZCZfJKzwRfjo82Lg2V0zDju4QqjPqKMuPfH6
Yue2IjsfHXiVNiNPXRhFrsOUTl60rlC++I4U6I16RM4+8wuhG9GLKbPOKxaUsDeN
vmo4Tc+OqIa/8L5/vYw0z7lQsm+aRTs0ZgmVI2INiHV8S9FWT7feny3z+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBPE6lEv34LwkHYIW6/N9r6saInrMB8GA1UdIwQY
MBaAFC9vDqASem45IZVpY4C+W7BHSwHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDct
YjJhMjMyNDZlNjE0LzEvRThUcVVTX2ZndkNRZGdoYnI4MzJ2cXhvaWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDctYjJhMjMyNDZlNjE0
LzEvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVqEMA0E
AgACMAcDBQMqDgPAMA0GCSqGSIb3DQEBCwUAA4IBAQAxmNY9eS/V2KO3UmhL9SkP
TTd+Pda4aPTokYIM0yafN4tt5Pj6bwkMuGoANEchR2LZRmu6tSUK1b8XR+wCWFA3
FMvwiIu7bpyq27gUa45TNamAsPXv2Mi+4ibqmwc5bz045nUm4hGIqh/Gd343998S
V6k6a7eHttm0ZBqKBn3/SUjEOFkLsbDzoocaQMXqybdUuqlzUa+LdSJWioN7dCr7
jkJt2lyELD90QgEMlPNUFgajQtWsbifYoNBojT5HDf6fYEYppAmLXPT+NnAR3O7L
3nPwHM1UmvRnzl+qPHV5yZwVt0o8GgPsbFkEznIZU6ie/MaZBt2IFl7GJu5KksXb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:00 2024 by rpki-client on console-fra.rpki-client.org