Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/CQV0evEvIbitNwM_CHL8pPGi9tc.roa
File:                     CQV0evEvIbitNwM_CHL8pPGi9tc.roa (raw, json)
Hash identifier:          ie1ChGXY2+BCcq22x6UHooAtZdH6EWlkv9+IiDIDR6w=
Subject key identifier:   09:05:74:7A:F1:2F:21:B8:AD:37:03:3F:08:72:FC:A4:F1:A2:F6:D7
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       018DCFAC8D3F3353636B8912B7DEF988E3A2
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/CQV0evEvIbitNwM_CHL8pPGi9tc.roa
Signing time:             Thu 22 Feb 2024 07:16:48 +0000
ROA not before:           Thu 22 Feb 2024 07:16:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57604
IP address blocks:        45.141.208.0/22 maxlen: 24
                          45.150.8.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Feb 2024 09:39:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:cf:ac:8d:3f:33:53:63:6b:89:12:b7:de:f9:88:e3:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Feb 22 07:16:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0905747af12f21b8ad37033f0872fca4f1a2f6d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:80:c2:8f:3b:9d:5a:cb:ff:10:5b:b3:99:f0:
                    97:fd:0f:ad:3f:77:b2:90:7e:7f:30:71:f0:1d:77:
                    3d:5d:8f:61:85:f1:1d:00:a6:ab:09:7b:b0:a7:76:
                    2d:c5:20:4a:4b:53:72:78:01:d1:94:e0:7f:01:c9:
                    d4:0e:43:a6:5f:02:72:8c:7a:7a:15:86:2f:42:ee:
                    b8:89:98:41:b6:ac:7c:4f:2a:df:80:df:e5:c3:ba:
                    a9:d6:ea:d8:b5:ad:6f:94:d9:fe:ee:f4:01:ea:40:
                    3c:11:f6:f5:23:cd:5f:0a:df:bf:ef:37:25:d2:8f:
                    14:e1:50:1e:5e:a5:b6:ae:fd:40:c4:c7:7f:de:4c:
                    ae:ca:f8:ec:3e:a3:33:e2:2e:cb:96:be:40:a0:2a:
                    4c:1b:48:6e:21:68:8a:9d:c1:d9:7f:4a:d7:b9:0a:
                    04:89:8a:22:6c:30:05:7b:e4:24:60:66:9f:08:49:
                    27:9b:b2:6c:83:cb:56:3f:0d:6a:37:ba:fd:4e:2a:
                    f1:84:1e:a6:8c:07:6e:eb:7c:71:02:24:2c:89:f8:
                    6d:bf:8a:22:c1:12:73:d6:ee:99:b1:a8:28:15:a9:
                    65:99:e4:40:74:2c:41:a3:c5:03:a6:17:37:4c:b0:
                    c5:c3:6f:0f:af:d6:93:4e:cf:99:27:39:2c:f9:b7:
                    6b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:05:74:7A:F1:2F:21:B8:AD:37:03:3F:08:72:FC:A4:F1:A2:F6:D7
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/CQV0evEvIbitNwM_CHL8pPGi9tc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.208.0/22
                  45.150.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b1:2e:3d:1f:ae:ce:74:9b:81:76:43:2b:36:50:14:86:a7:4c:
         54:dd:9b:60:56:f2:99:c1:21:b6:92:c7:c2:9a:bd:a6:7f:38:
         0c:d7:13:68:b4:d0:d6:91:79:b2:46:bb:05:3c:73:36:50:63:
         8c:e8:f0:01:5f:36:c0:70:5d:5e:62:3b:bf:21:77:8f:fb:38:
         49:68:7c:97:37:49:bf:7a:9b:01:5e:b0:b0:d1:76:3b:a0:9f:
         41:da:29:ea:b4:4b:98:b1:4e:60:f2:f2:98:67:24:70:04:78:
         93:0d:f9:9b:f9:43:d6:da:4c:15:35:35:1c:ea:37:0d:c9:e0:
         5c:ea:5c:81:3f:b8:89:f8:9c:93:f6:92:87:25:ea:82:94:ee:
         16:7e:87:22:d9:cf:bd:c6:f6:0f:37:05:dc:bb:10:06:3f:15:
         c7:01:93:f3:e2:b8:b5:d6:82:47:08:4e:d9:00:04:ca:25:5e:
         17:4a:0f:e0:dd:de:6c:23:07:5b:b6:0b:94:53:da:00:72:e3:
         82:39:b3:8a:76:d9:88:cf:06:b7:96:2a:12:b9:8b:30:3d:04:
         ca:25:7f:d6:17:34:73:ef:3f:3a:ab:e2:bd:f6:bc:82:83:d1:
         ec:ca:f0:86:89:53:72:f1:47:14:51:82:a2:7a:e8:c1:0a:d6:
         37:fc:0c:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3PrI0/M1Nja4kSt975iOOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMjIyMDcxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA1NzQ3YWYxMmYyMWI4YWQzNzAzM2YwODcyZmNhNGYxYTJmNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YDCjzudWsv/EFuzmfCX/Q+tP3ey
kH5/MHHwHXc9XY9hhfEdAKarCXuwp3YtxSBKS1NyeAHRlOB/AcnUDkOmXwJyjHp6
FYYvQu64iZhBtqx8TyrfgN/lw7qp1urYta1vlNn+7vQB6kA8Efb1I81fCt+/7zcl
0o8U4VAeXqW2rv1AxMd/3kyuyvjsPqMz4i7Llr5AoCpMG0huIWiKncHZf0rXuQoE
iYoibDAFe+QkYGafCEknm7Jsg8tWPw1qN7r9TirxhB6mjAdu63xxAiQsifhtv4oi
wRJz1u6ZsagoFallmeRAdCxBo8UDphc3TLDFw28Pr9aTTs+ZJzks+bdrYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAkFdHrxLyG4rTcDPwhy/KTxovbXMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvQ1FWMGV2RXZJYml0TndNX0NITDhwUEdpOXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY3QAwQC
LZYIMA0GCSqGSIb3DQEBCwUAA4IBAQCxLj0frs50m4F2Qys2UBSGp0xU3ZtgVvKZ
wSG2ksfCmr2mfzgM1xNotNDWkXmyRrsFPHM2UGOM6PABXzbAcF1eYju/IXeP+zhJ
aHyXN0m/epsBXrCw0XY7oJ9B2inqtEuYsU5g8vKYZyRwBHiTDfmb+UPW2kwVNTUc
6jcNyeBc6lyBP7iJ+JyT9pKHJeqClO4Wfoci2c+9xvYPNwXcuxAGPxXHAZPz4ri1
1oJHCE7ZAATKJV4XSg/g3d5sIwdbtguUU9oAcuOCObOKdtmIzwa3lioSuYswPQTK
JX/WFzRz7z86q+K99ryCg9HsyvCGiVNy8UcUUYKieujBCtY3/Awi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:23 2024 by rpki-client on console-fra.rpki-client.org