Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1NmO64yvJDneioLJ0GaH9n5EJQg.roa
File:                     1NmO64yvJDneioLJ0GaH9n5EJQg.roa (raw, json)
Hash identifier:          7dY6pCD1veH/XRXfPq0RStWaGSpuNKtO0qD5v+uxJ5Q=
Subject key identifier:   D4:D9:8E:EB:8C:AF:24:39:DE:8A:82:C9:D0:66:87:F6:7E:44:25:08
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       018CC794645F9FB665EDFBF71C8E3F464DA2
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1NmO64yvJDneioLJ0GaH9n5EJQg.roa
Signing time:             Tue 02 Jan 2024 00:30:40 +0000
ROA not before:           Tue 02 Jan 2024 00:30:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203446
IP address blocks:        45.143.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 20:49:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:64:5f:9f:b6:65:ed:fb:f7:1c:8e:3f:46:4d:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Jan  2 00:30:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d4d98eeb8caf2439de8a82c9d06687f67e442508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:42:47:f7:86:c8:02:78:e3:c0:68:34:02:0b:
                    34:c2:1c:2f:08:8e:c9:ec:b9:1b:5e:15:f0:03:1c:
                    2a:96:51:32:61:a1:a8:45:25:8e:60:2d:9e:d7:1e:
                    06:e0:12:b8:bd:2b:ef:66:82:68:8a:8c:6b:4f:58:
                    07:a0:b5:c3:57:19:a6:74:5d:fe:ef:a8:df:e6:2d:
                    f0:ec:f5:ee:19:70:5e:a8:d3:17:44:fe:1f:d5:ff:
                    ec:2a:28:01:63:11:87:fa:c8:5f:fd:e5:ec:aa:68:
                    44:9c:bd:42:f4:1c:f8:d8:78:86:c4:fa:2c:89:2f:
                    40:1a:cc:b3:e4:d9:ff:ba:5a:b1:91:23:07:38:62:
                    72:93:31:26:dd:b4:66:31:a8:2b:a2:6c:96:8e:e2:
                    17:db:3e:b1:32:91:54:b2:64:86:e8:99:ae:2d:86:
                    e7:58:ce:92:7f:eb:d2:be:30:16:74:8b:ef:da:c1:
                    b0:fd:ce:d3:e3:12:b0:bf:e1:61:ff:13:44:eb:f7:
                    0c:f4:62:88:ae:43:73:d2:73:d1:ec:2a:9c:a1:e8:
                    70:7d:ae:1c:b7:8c:84:a1:ff:d5:18:34:e5:e6:0f:
                    b7:1c:28:58:3e:8c:29:c3:f3:b9:04:93:4b:2b:26:
                    57:8f:34:ec:67:5c:df:f4:0f:5e:5c:46:50:53:1f:
                    1d:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:D9:8E:EB:8C:AF:24:39:DE:8A:82:C9:D0:66:87:F6:7E:44:25:08
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1NmO64yvJDneioLJ0GaH9n5EJQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:77:00:04:44:3b:4d:d6:88:19:db:df:f8:11:43:5e:73:02:
         2e:8b:01:8a:74:ff:a3:44:f9:0f:90:75:7c:75:16:50:04:6b:
         4a:c2:35:89:29:76:17:dd:53:21:91:f1:5c:d6:12:fa:fb:e4:
         48:fd:ee:54:da:22:59:42:6f:4e:53:79:ed:14:a9:d5:84:54:
         e9:0a:13:8c:c1:ce:4e:ed:82:81:0b:a9:da:8d:0e:29:50:2e:
         93:42:13:fa:6a:ac:e1:81:7f:b4:9f:ff:5f:00:a4:a1:70:76:
         c8:93:7e:8c:c5:ae:c2:64:b6:3e:d1:dc:1a:ca:f8:5c:75:a5:
         08:9e:95:c1:30:91:c3:45:d8:bf:10:52:de:51:06:ae:b7:98:
         93:bc:7e:eb:3a:0b:e5:a5:c6:60:4c:e4:9a:77:1c:da:44:ef:
         ec:ab:d8:82:43:92:1a:9a:c5:34:07:21:1e:4f:31:ad:a0:cb:
         aa:cc:25:bf:0e:1b:72:29:4e:39:1b:52:e3:82:9e:ce:00:07:
         83:bc:aa:ac:b6:c2:7a:6a:6c:c3:d5:37:8b:82:89:ab:4a:ea:
         71:3e:7a:ec:15:3e:c8:f3:70:17:56:f1:1e:82:fa:3e:95:3c:
         77:31:57:5a:5b:20:5e:b9:31:1f:bf:b9:e9:a1:70:2d:52:27:
         a7:89:88:3b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlGRfn7Zl7fv3HI4/Rk2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjQwMTAyMDAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ5OGVlYjhjYWYyNDM5ZGU4YTgyYzlkMDY2ODdmNjdlNDQyNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUJH94bIAnjjwGg0Ags0whwvCI7J
7LkbXhXwAxwqllEyYaGoRSWOYC2e1x4G4BK4vSvvZoJoioxrT1gHoLXDVxmmdF3+
76jf5i3w7PXuGXBeqNMXRP4f1f/sKigBYxGH+shf/eXsqmhEnL1C9Bz42HiGxPos
iS9AGsyz5Nn/ulqxkSMHOGJykzEm3bRmMagromyWjuIX2z6xMpFUsmSG6JmuLYbn
WM6Sf+vSvjAWdIvv2sGw/c7T4xKwv+Fh/xNE6/cM9GKIrkNz0nPR7Cqcoehwfa4c
t4yEof/VGDTl5g+3HChYPowpw/O5BJNLKyZXjzTsZ1zf9A9eXEZQUx8d5QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNTZjuuMryQ53oqCydBmh/Z+RCUIMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xLzFObU82NHl2SkRuZWlvTEowR2FIOW41RUpRZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtjwQw
DQYJKoZIhvcNAQELBQADggEBACN3AAREO03WiBnb3/gRQ15zAi6LAYp0/6NE+Q+Q
dXx1FlAEa0rCNYkpdhfdUyGR8VzWEvr75Ej97lTaIllCb05Tee0UqdWEVOkKE4zB
zk7tgoELqdqNDilQLpNCE/pqrOGBf7Sf/18ApKFwdsiTfozFrsJktj7R3BrK+Fx1
pQielcEwkcNF2L8QUt5RBq63mJO8fus6C+WlxmBM5Jp3HNpE7+yr2IJDkhqaxTQH
IR5PMa2gy6rMJb8OG3IpTjkbUuOCns4AB4O8qqy2wnpqbMPVN4uCiatK6nE+euwV
PsjzcBdW8R6C+j6VPHcxV1pbIF65MR+/uemhcC1SJ6eJiDs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org