Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BvW0bnhJCdWi_DdVhkqlQju9btw.roa
File:                     BvW0bnhJCdWi_DdVhkqlQju9btw.roa (raw, json)
Hash identifier:          IEP89J5GKKWRupX0CxLlbp1en9oOI0jDIUu76Anf8s4=
Subject key identifier:   06:F5:B4:6E:78:49:09:D5:A2:FC:37:55:86:4A:A5:42:3B:BD:6E:DC
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0187A8A33AC43EBD316568931B51945770EE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BvW0bnhJCdWi_DdVhkqlQju9btw.roa
Signing time:             Sat 22 Apr 2023 11:04:42 +0000
ROA not before:           Sat 22 Apr 2023 11:04:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203442
IP address blocks:        45.148.118.0/24 maxlen: 24
                          2a0e:97c0:bc0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 20:37:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:a8:a3:3a:c4:3e:bd:31:65:68:93:1b:51:94:57:70:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 22 11:04:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=06f5b46e784909d5a2fc3755864aa5423bbd6edc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:5a:c4:84:54:c2:91:8e:d9:df:e3:c7:5d:b2:
                    b9:64:36:66:2b:5a:13:10:ac:25:ff:c3:db:b1:73:
                    7c:17:2b:fa:7d:57:e0:0f:bd:69:7a:aa:70:16:23:
                    73:ca:60:60:5f:ff:7c:0f:2b:44:2c:a3:d9:02:ac:
                    20:28:ba:42:d9:38:a5:6b:bc:29:e9:98:82:9b:1e:
                    d0:7a:93:d7:be:69:66:e9:70:e4:41:c0:76:f4:5b:
                    41:15:09:cf:f0:99:d8:57:43:38:be:07:ca:76:20:
                    be:6a:cc:36:e3:8b:ad:66:bb:68:7b:b3:28:83:48:
                    7e:c0:5c:b9:48:1f:de:19:7f:2e:db:27:e5:50:ea:
                    30:55:e4:88:33:c5:fe:68:9f:b3:ce:87:71:33:7b:
                    fa:88:57:8b:a2:73:75:2f:d7:af:1b:5b:00:57:54:
                    e1:38:b2:1e:77:88:c2:e5:65:12:ea:aa:61:f9:5a:
                    a4:8b:43:59:30:4a:fd:79:76:a5:7b:f5:1f:e4:4b:
                    00:30:19:9b:ad:87:0d:c7:f5:c0:1b:99:fa:a1:7d:
                    3a:49:92:9b:9a:6e:e9:82:16:62:1e:89:34:7a:5b:
                    14:2a:38:3b:9a:87:4e:a4:fa:34:68:ad:47:3f:41:
                    1c:4d:d9:a8:23:42:ea:61:9c:88:d2:38:a0:b6:2d:
                    fb:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:F5:B4:6E:78:49:09:D5:A2:FC:37:55:86:4A:A5:42:3B:BD:6E:DC
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BvW0bnhJCdWi_DdVhkqlQju9btw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.118.0/24
                IPv6:
                  2a0e:97c0:bc0::/44

    Signature Algorithm: sha256WithRSAEncryption
         cc:97:b1:77:1e:6e:67:12:61:f2:23:a3:ac:74:9f:44:6d:f3:
         52:eb:ab:37:62:45:ca:13:81:5a:a4:b0:81:b7:0e:6a:f4:c3:
         9d:e1:f4:20:d6:2d:25:e1:9b:e8:f7:12:a3:c7:74:d7:08:32:
         be:57:9c:1e:7a:56:94:97:45:33:de:c3:ce:b6:3e:31:7a:09:
         6c:45:b1:f5:72:90:76:fd:41:8f:e7:67:99:9c:ae:62:c0:44:
         c2:86:eb:88:70:9a:8c:47:57:1b:b3:06:3f:07:d2:29:40:3a:
         7d:85:1f:ef:59:c2:7d:1f:4d:0f:46:df:14:aa:a5:ea:04:6a:
         35:1f:6c:8e:f6:fc:c0:ba:ea:93:f1:b2:f7:c7:de:8a:13:c6:
         c2:8e:e8:32:a8:bb:f3:87:88:31:7a:9c:60:70:7c:a6:6a:5c:
         61:f5:a5:e2:ba:c5:cd:83:27:3b:ba:d0:2a:45:99:a0:d5:7f:
         03:6a:a7:3a:5d:42:6c:28:16:b1:bb:74:2a:46:2e:a6:8d:c2:
         66:45:17:c4:f3:93:73:3d:9a:c7:c4:7b:2b:d3:ca:97:fc:e6:
         22:89:63:e8:64:fe:3a:e5:98:42:f6:7c:2c:fd:bb:ce:02:09:
         9e:30:62:98:69:7b:91:a8:e5:0e:5e:98:b4:7a:ca:2b:d9:9a:
         e5:6a:b8:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeoozrEPr0xZWiTG1GUV3DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDIyMTEwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmY1YjQ2ZTc4NDkwOWQ1YTJmYzM3NTU4NjRhYTU0MjNiYmQ2ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVrEhFTCkY7Z3+PHXbK5ZDZmK1oT
EKwl/8PbsXN8Fyv6fVfgD71peqpwFiNzymBgX/98DytELKPZAqwgKLpC2Tila7wp
6ZiCmx7QepPXvmlm6XDkQcB29FtBFQnP8JnYV0M4vgfKdiC+asw244utZrtoe7Mo
g0h+wFy5SB/eGX8u2yflUOowVeSIM8X+aJ+zzodxM3v6iFeLonN1L9evG1sAV1Th
OLIed4jC5WUS6qph+Vqki0NZMEr9eXale/Uf5EsAMBmbrYcNx/XAG5n6oX06SZKb
mm7pghZiHok0elsUKjg7modOpPo0aK1HP0EcTdmoI0LqYZyI0jigti37owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAb1tG54SQnVovw3VYZKpUI7vW7cMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQnZXMGJuaEpDZFdpX0RkVmhrcWxRanU5YnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR2MA8E
AgACMAkDBwQqDpfAC8AwDQYJKoZIhvcNAQELBQADggEBAMyXsXcebmcSYfIjo6x0
n0Rt81LrqzdiRcoTgVqksIG3Dmr0w53h9CDWLSXhm+j3EqPHdNcIMr5XnB56VpSX
RTPew862PjF6CWxFsfVykHb9QY/nZ5mcrmLARMKG64hwmoxHVxuzBj8H0ilAOn2F
H+9Zwn0fTQ9G3xSqpeoEajUfbI72/MC66pPxsvfH3ooTxsKO6DKou/OHiDF6nGBw
fKZqXGH1peK6xc2DJzu60CpFmaDVfwNqpzpdQmwoFrG7dCpGLqaNwmZFF8Tzk3M9
msfEeyvTypf85iKJY+hk/jrlmEL2fCz9u84CCZ4wYphpe5Go5Q5emLR6yivZmuVq
uDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org