Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/icIVwvLeLAYdh81iV4sMD8bJSvY.roa
File:                     icIVwvLeLAYdh81iV4sMD8bJSvY.roa (raw, json)
Hash identifier:          2xl5/VD0KTVv1EDk9XKYWKVb2lb+HFYVeRFf0tLEtcI=
Subject key identifier:   89:C2:15:C2:F2:DE:2C:06:1D:87:CD:62:57:8B:0C:0F:C6:C9:4A:F6
Certificate issuer:       /CN=40d55b78836a93fb6f9ec9fa7a79ed9b8bea2ba1
Certificate serial:       0185704BCB34DE6485C418B97CC936AEB1CF
Authority key identifier: 40:D5:5B:78:83:6A:93:FB:6F:9E:C9:FA:7A:79:ED:9B:8B:EA:2B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QNVbeINqk_tvnsn6enntm4vqK6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/icIVwvLeLAYdh81iV4sMD8bJSvY.roa
Signing time:             Mon 02 Jan 2023 02:24:53 +0000
ROA not before:           Mon 02 Jan 2023 02:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62579
IP address blocks:        45.129.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 09:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:4b:cb:34:de:64:85:c4:18:b9:7c:c9:36:ae:b1:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40d55b78836a93fb6f9ec9fa7a79ed9b8bea2ba1
        Validity
            Not Before: Jan  2 02:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89c215c2f2de2c061d87cd62578b0c0fc6c94af6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:04:41:e5:05:6e:27:12:69:70:f1:75:9c:79:
                    7d:b1:59:15:16:85:8d:10:14:34:24:49:6d:6c:67:
                    cd:da:55:06:97:99:f8:6a:72:cb:77:99:cf:f5:52:
                    fd:d9:be:9e:87:c5:a3:e6:7e:b8:8d:70:99:a8:c3:
                    e0:d7:b7:2a:df:38:37:12:d7:04:57:a9:cd:30:e1:
                    a0:67:5b:37:c5:b6:63:fd:c7:b5:e7:e3:71:2c:56:
                    91:ae:b4:28:3d:d5:05:09:a1:d6:71:18:51:c9:52:
                    61:2c:61:b8:52:e2:47:c6:26:99:67:3e:f0:8e:4c:
                    cb:d0:66:6f:51:f7:6a:e4:f2:73:a9:e4:ad:57:61:
                    ab:e9:4e:d2:80:51:67:1e:ab:3a:74:ee:26:44:99:
                    51:37:01:a3:e9:50:f5:0b:23:45:17:3c:45:0d:6b:
                    33:c7:88:22:42:d0:24:9e:f1:82:d7:07:c2:db:35:
                    57:b6:ca:d7:eb:5a:1e:c3:0d:5a:48:7b:c8:32:72:
                    c4:0b:a1:fd:22:73:e9:41:fa:2f:20:f2:f3:1a:55:
                    5e:75:ce:42:67:12:cc:91:35:20:b5:17:9e:7b:2c:
                    fc:a4:6b:d9:86:8a:5c:ed:3b:9d:28:a0:f0:23:d0:
                    44:88:eb:96:03:d5:0c:49:fb:25:a9:33:5f:03:20:
                    83:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:C2:15:C2:F2:DE:2C:06:1D:87:CD:62:57:8B:0C:0F:C6:C9:4A:F6
            X509v3 Authority Key Identifier:
                keyid:40:D5:5B:78:83:6A:93:FB:6F:9E:C9:FA:7A:79:ED:9B:8B:EA:2B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNVbeINqk_tvnsn6enntm4vqK6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/icIVwvLeLAYdh81iV4sMD8bJSvY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/QNVbeINqk_tvnsn6enntm4vqK6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.129.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:45:f1:fb:9e:39:50:4c:d6:b5:0c:0c:b8:9b:d3:79:3a:4d:
         20:4f:0b:f3:69:b3:d9:6a:97:34:57:ce:ca:10:2e:14:db:dd:
         94:ac:3e:01:c7:6d:ab:dd:6c:4f:e2:90:ac:18:c5:88:a9:dc:
         91:79:cf:52:0c:ba:7e:3c:cf:22:f4:67:a6:94:0c:18:67:b4:
         87:28:e3:89:47:5a:55:c8:09:cd:71:73:54:be:80:35:ad:e2:
         cc:36:2a:d1:39:48:75:cd:fe:1c:11:ba:e7:f7:f9:00:02:0d:
         d5:af:3e:35:fd:04:df:a2:fb:30:26:92:74:99:17:51:db:d2:
         b5:62:05:a7:b3:e7:36:04:ce:8f:7e:21:3b:03:43:be:7b:7b:
         46:71:8c:0d:40:58:62:fa:8e:02:40:fa:21:60:96:82:d4:23:
         14:1c:c7:5e:f0:89:2e:cc:a1:be:1b:33:0e:70:eb:d2:e8:70:
         68:23:f7:67:fd:88:f7:f1:49:c6:c8:a4:40:ab:c6:89:04:c6:
         58:81:da:14:8f:d4:29:07:c7:f7:a2:e3:a4:b8:84:71:00:9a:
         bc:70:40:47:be:89:10:73:28:70:23:79:47:a7:13:e1:61:7b:
         36:a6:fc:c4:ea:6f:3b:40:81:75:44:c9:f7:94:1b:ce:12:46:
         5b:29:ae:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS8s03mSFxBi5fMk2rrHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDU1Yjc4ODM2YTkzZmI2ZjllYzlmYTdhNzllZDliOGJl
YTJiYTEwHhcNMjMwMTAyMDIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWMyMTVjMmYyZGUyYzA2MWQ4N2NkNjI1NzhiMGMwZmM2Yzk0YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywRB5QVuJxJpcPF1nHl9sVkVFoWN
EBQ0JEltbGfN2lUGl5n4anLLd5nP9VL92b6eh8Wj5n64jXCZqMPg17cq3zg3EtcE
V6nNMOGgZ1s3xbZj/ce15+NxLFaRrrQoPdUFCaHWcRhRyVJhLGG4UuJHxiaZZz7w
jkzL0GZvUfdq5PJzqeStV2Gr6U7SgFFnHqs6dO4mRJlRNwGj6VD1CyNFFzxFDWsz
x4giQtAknvGC1wfC2zVXtsrX61oeww1aSHvIMnLEC6H9InPpQfovIPLzGlVedc5C
ZxLMkTUgtReeeyz8pGvZhopc7TudKKDwI9BEiOuWA9UMSfslqTNfAyCDewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInCFcLy3iwGHYfNYleLDA/GyUr2MB8GA1UdIwQY
MBaAFEDVW3iDapP7b57J+np57ZuL6iuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5WYmVJTnFrX3R2bnNuNmVubnRtNHZxSzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNzZkODUtNjg2NC00YjM3LWJkYjMt
OTJlOGJlNjI3OWJiLzEvaWNJVnd2TGVMQVlkaDgxaVY0c01EOGJKU3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNzZkODUtNjg2NC00YjM3LWJkYjMtOTJlOGJlNjI3OWJi
LzEvUU5WYmVJTnFrX3R2bnNuNmVubnRtNHZxSzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHCMA0G
CSqGSIb3DQEBCwUAA4IBAQCZRfH7njlQTNa1DAy4m9N5Ok0gTwvzabPZapc0V87K
EC4U292UrD4Bx22r3WxP4pCsGMWIqdyRec9SDLp+PM8i9GemlAwYZ7SHKOOJR1pV
yAnNcXNUvoA1reLMNirROUh1zf4cEbrn9/kAAg3Vrz41/QTfovswJpJ0mRdR29K1
YgWns+c2BM6PfiE7A0O+e3tGcYwNQFhi+o4CQPohYJaC1CMUHMde8IkuzKG+GzMO
cOvS6HBoI/dn/Yj38UnGyKRAq8aJBMZYgdoUj9QpB8f3ouOkuIRxAJq8cEBHvokQ
cyhwI3lHpxPhYXs2pvzE6m87QIF1RMn3lBvOEkZbKa53
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org