Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/cRTuohenNgXJqSCivSKE7YNnX0o.roa
File:                     cRTuohenNgXJqSCivSKE7YNnX0o.roa (raw, json)
Hash identifier:          Br5ZDObZTozvOwYvD2tKZKcTWWVYh8tHh+1d9usgf8I=
Subject key identifier:   71:14:EE:A2:17:A7:36:05:C9:A9:20:A2:BD:22:84:ED:83:67:5F:4A
Certificate issuer:       /CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Certificate serial:       018845569F994EFF06D6DD1DECA8E4441D73
Authority key identifier: 2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/cRTuohenNgXJqSCivSKE7YNnX0o.roa
Signing time:             Mon 22 May 2023 21:21:24 +0000
ROA not before:           Mon 22 May 2023 21:21:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     553
IP address blocks:        45.90.132.0/22 maxlen: 22
                          185.134.84.0/22 maxlen: 22
                          2a0e:3c0::/29 maxlen: 29
                          2a06:ec00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:45:56:9f:99:4e:ff:06:d6:dd:1d:ec:a8:e4:44:1d:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f6f0ea0127a6e392195696380be5bb0474b01df
        Validity
            Not Before: May 22 21:21:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7114eea217a73605c9a920a2bd2284ed83675f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:86:9e:83:fc:88:b0:c8:b2:6a:74:e6:8f:0e:
                    cb:fe:9b:ac:11:41:08:ee:18:8e:97:80:20:45:ba:
                    53:be:03:3c:3d:68:6a:b4:e5:4c:43:b1:28:37:65:
                    71:01:f0:87:8f:48:cd:bd:21:40:e8:01:cb:6b:fd:
                    44:8a:9e:f3:d0:0d:70:ad:dc:6f:20:7a:8e:ea:54:
                    39:a6:82:4e:a5:fe:13:0a:38:c7:6b:45:4a:f6:82:
                    a3:d0:57:16:ab:01:95:2b:b8:c3:3a:34:ce:a9:fd:
                    01:db:45:de:fa:11:95:d2:ea:d6:72:64:c0:d9:0d:
                    63:7b:06:79:fb:96:32:ca:34:2b:27:cc:a8:a9:44:
                    46:41:67:5c:c7:7b:c9:dd:dc:a9:15:9d:4e:72:88:
                    1d:83:82:a0:5b:11:b4:01:3d:e0:19:37:b7:75:61:
                    e6:af:1a:c7:e8:5e:ed:73:b0:25:27:31:82:63:d7:
                    74:73:12:bc:9a:9a:bd:d9:11:46:ff:fe:6e:9e:a8:
                    06:68:00:63:30:a3:eb:a2:ca:58:cf:29:fa:94:cc:
                    fa:4e:fa:3b:16:1b:0a:48:61:b0:6b:55:47:2c:e5:
                    56:4f:7a:7d:fd:b5:5c:66:3a:28:2f:65:db:ee:32:
                    c6:94:f7:95:ef:b7:ae:94:13:8e:1f:86:65:7f:f9:
                    2a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:14:EE:A2:17:A7:36:05:C9:A9:20:A2:BD:22:84:ED:83:67:5F:4A
            X509v3 Authority Key Identifier:
                keyid:2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/cRTuohenNgXJqSCivSKE7YNnX0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.132.0/22
                  185.134.84.0/22
                IPv6:
                  2a06:ec00::/29
                  2a0e:3c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         79:28:e7:54:93:ac:c4:b3:44:af:5c:05:70:55:d1:db:a5:d3:
         30:50:73:84:51:fa:83:f4:d1:d6:37:0d:9d:64:f2:72:2c:e8:
         9e:56:64:c0:23:9a:ef:f5:23:2b:c2:f9:40:3b:e5:6b:6b:ff:
         ca:2c:61:7f:bc:88:81:ec:5e:e2:b9:cf:d3:87:25:dc:4a:61:
         d9:0b:61:9b:34:90:56:8f:8f:03:5f:80:77:42:0d:0e:bb:50:
         6d:75:fd:b8:30:fb:1e:a9:b2:06:21:81:28:69:cb:02:c4:83:
         cd:bb:05:cf:06:10:82:26:a5:8c:7c:b6:cc:cc:0c:b4:3f:4c:
         e9:f4:c5:17:fa:fd:09:0e:69:2c:39:af:5b:d8:49:5f:3a:65:
         6b:75:78:de:d6:0f:f5:86:4f:eb:35:a0:af:45:47:67:6b:08:
         69:e0:77:3f:35:f9:1a:2f:e2:6d:74:80:8e:2e:ab:5d:fb:b7:
         b3:c5:64:3a:fc:a8:dd:93:8e:c4:c6:97:59:1b:75:ec:48:0c:
         42:01:34:38:0d:c0:52:01:4c:e5:69:12:87:60:8d:7b:cb:8f:
         7c:69:98:4d:5d:db:0d:b5:bc:d1:26:18:dd:ce:4d:49:36:55:
         dc:ba:03:8c:14:30:61:54:b7:2c:cf:07:8e:0f:95:e4:19:b6:
         12:e0:02:4a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYhFVp+ZTv8G1t0d7KjkRB1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmYwZWEwMTI3YTZlMzkyMTk1Njk2MzgwYmU1YmIwNDc0
YjAxZGYwHhcNMjMwNTIyMjEyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE0ZWVhMjE3YTczNjA1YzlhOTIwYTJiZDIyODRlZDgzNjc1ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloaeg/yIsMiyanTmjw7L/pusEUEI
7hiOl4AgRbpTvgM8PWhqtOVMQ7EoN2VxAfCHj0jNvSFA6AHLa/1Eip7z0A1wrdxv
IHqO6lQ5poJOpf4TCjjHa0VK9oKj0FcWqwGVK7jDOjTOqf0B20Xe+hGV0urWcmTA
2Q1jewZ5+5YyyjQrJ8yoqURGQWdcx3vJ3dypFZ1Ocogdg4KgWxG0AT3gGTe3dWHm
rxrH6F7tc7AlJzGCY9d0cxK8mpq92RFG//5unqgGaABjMKProspYzyn6lMz6Tvo7
FhsKSGGwa1VHLOVWT3p9/bVcZjooL2Xb7jLGlPeV77eulBOOH4Zlf/kqbwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHEU7qIXpzYFyakgor0ihO2DZ19KMB8GA1UdIwQY
MBaAFC9vDqASem45IZVpY4C+W7BHSwHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDct
YjJhMjMyNDZlNjE0LzEvY1JUdW9oZW5OZ1hKcVNDaXZTS0U3WU5uWDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDctYjJhMjMyNDZlNjE0
LzEvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVqEAwQC
uYZUMBQEAgACMA4DBQMqBuwAAwUDKg4DwDANBgkqhkiG9w0BAQsFAAOCAQEAeSjn
VJOsxLNEr1wFcFXR26XTMFBzhFH6g/TR1jcNnWTycizonlZkwCOa7/UjK8L5QDvl
a2v/yixhf7yIgexe4rnP04cl3Eph2QthmzSQVo+PA1+Ad0INDrtQbXX9uDD7Hqmy
BiGBKGnLAsSDzbsFzwYQgialjHy2zMwMtD9M6fTFF/r9CQ5pLDmvW9hJXzpla3V4
3tYP9YZP6zWgr0VHZ2sIaeB3PzX5Gi/ibXSAji6rXfu3s8VkOvyo3ZOOxMaXWRt1
7EgMQgE0OA3AUgFM5WkSh2CNe8uPfGmYTV3bDbW80SYY3c5NSTZV3LoDjBQwYVS3
LM8Hjg+V5Bm2EuACSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:45 2024 by rpki-client on console-ams.rpki-client.org