Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/8b43b3-03eb-4867-a60e-d7d9533287c5/1/20bsPA_lG4UGmzGT7tn87RxEBZQ.roa
File:                     20bsPA_lG4UGmzGT7tn87RxEBZQ.roa (raw, json)
Hash identifier:          gdYTzLOC7hEzRc1WO6nAc4j2Wc+WoX3ZPE6e+YyKQgI=
Subject key identifier:   DB:46:EC:3C:0F:E5:1B:85:06:9B:31:93:EE:D9:FC:ED:1C:44:05:94
Certificate issuer:       /CN=e5e70065e009ded95856e80a053b2e9edceffb8c
Certificate serial:       0185701ED316EAE396ED63ADED4A5D2E88CF
Authority key identifier: E5:E7:00:65:E0:09:DE:D9:58:56:E8:0A:05:3B:2E:9E:DC:EF:FB:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5ecAZeAJ3tlYVugKBTsuntzv-4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/8b43b3-03eb-4867-a60e-d7d9533287c5/1/20bsPA_lG4UGmzGT7tn87RxEBZQ.roa
Signing time:             Mon 02 Jan 2023 01:35:46 +0000
ROA not before:           Mon 02 Jan 2023 01:35:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400040
IP address blocks:        212.46.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1e:d3:16:ea:e3:96:ed:63:ad:ed:4a:5d:2e:88:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5e70065e009ded95856e80a053b2e9edceffb8c
        Validity
            Not Before: Jan  2 01:35:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db46ec3c0fe51b85069b3193eed9fced1c440594
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:80:bd:12:ce:2d:2a:a0:61:97:b5:54:5f:0f:
                    55:9a:2d:6f:ec:99:7f:dd:d9:9b:12:18:c2:97:b7:
                    c3:ff:22:b0:7e:05:a9:2d:34:97:5b:b9:bd:20:3d:
                    75:d3:28:37:8c:9c:30:94:f7:cf:3b:bd:75:8e:4c:
                    83:ba:d7:1f:ea:be:34:b6:ad:0b:37:13:38:ee:f2:
                    2b:46:71:67:85:9d:55:a7:bf:9c:47:27:50:8b:4c:
                    ff:b6:9c:fe:45:e6:1d:25:0a:56:9e:44:49:3b:40:
                    21:c6:f6:c0:e9:89:c5:ab:dc:18:b2:48:c3:b4:67:
                    d0:58:de:54:32:d9:28:94:4b:0a:37:25:fa:99:71:
                    dd:96:d2:61:fd:8a:c2:98:d6:4a:a9:91:a4:c7:97:
                    36:62:2c:4d:8b:8f:94:42:84:d1:3d:c0:26:a8:48:
                    88:9d:be:56:62:04:56:f8:13:50:6e:d2:6f:ae:e5:
                    d5:81:25:6e:1b:d6:8c:dd:98:40:fa:fd:da:c2:ef:
                    97:28:8b:0b:e4:49:e8:16:2e:65:97:1b:ab:13:b4:
                    38:be:f8:89:37:29:5b:33:b9:49:96:07:35:e4:97:
                    06:a6:ef:cc:d9:55:67:04:56:4d:88:4a:c3:9a:02:
                    7a:1b:00:fb:30:a9:7b:28:74:11:7a:d1:3d:4b:0a:
                    3c:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:46:EC:3C:0F:E5:1B:85:06:9B:31:93:EE:D9:FC:ED:1C:44:05:94
            X509v3 Authority Key Identifier:
                keyid:E5:E7:00:65:E0:09:DE:D9:58:56:E8:0A:05:3B:2E:9E:DC:EF:FB:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ecAZeAJ3tlYVugKBTsuntzv-4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/8b43b3-03eb-4867-a60e-d7d9533287c5/1/20bsPA_lG4UGmzGT7tn87RxEBZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/8b43b3-03eb-4867-a60e-d7d9533287c5/1/5ecAZeAJ3tlYVugKBTsuntzv-4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.46.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:f6:2c:08:9c:d8:72:66:8a:a2:dc:18:7d:dc:44:4c:c8:12:
         70:82:e9:54:e1:43:b3:e1:8b:3e:f5:1d:51:73:7b:3c:60:20:
         1c:12:2c:17:57:3f:6e:fe:e5:c8:3a:84:6f:a6:f4:2f:36:bd:
         5f:7c:fb:3a:11:d8:8b:44:22:2d:3e:0b:6e:08:aa:ee:b9:ae:
         96:8e:07:28:ef:09:9b:e5:37:99:cb:e7:56:05:a9:20:50:4a:
         20:6f:7a:95:09:a6:01:d6:2c:4f:30:a4:14:b6:4f:b7:f5:14:
         0a:f1:69:78:fd:ec:8a:79:a7:a9:28:17:5d:7f:24:f0:94:e9:
         ef:35:87:46:36:61:b4:0f:f2:3e:bc:28:c1:6c:42:ad:01:e1:
         0a:86:4b:03:cc:e3:19:b9:f9:a4:4f:74:90:1a:81:3f:79:1b:
         3e:b4:6b:9d:65:20:ce:12:47:7c:36:eb:fe:21:49:cb:08:08:
         3a:0b:a0:47:68:d2:18:40:2c:47:79:84:87:97:ff:f6:fd:18:
         69:a9:6a:dd:28:f5:47:6f:ec:f0:fb:6e:46:d8:9c:c3:d5:e9:
         6b:f5:b2:91:4b:e6:7b:06:94:6f:84:01:c4:10:af:45:fb:f1:
         e6:7c:bf:10:a9:71:2d:fb:a0:52:0b:28:f2:0c:13:ea:c8:67:
         72:d0:8e:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHtMW6uOW7WOt7UpdLojPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZTcwMDY1ZTAwOWRlZDk1ODU2ZTgwYTA1M2IyZTllZGNl
ZmZiOGMwHhcNMjMwMTAyMDEzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ2ZWMzYzBmZTUxYjg1MDY5YjMxOTNlZWQ5ZmNlZDFjNDQwNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoC9Es4tKqBhl7VUXw9Vmi1v7Jl/
3dmbEhjCl7fD/yKwfgWpLTSXW7m9ID110yg3jJwwlPfPO711jkyDutcf6r40tq0L
NxM47vIrRnFnhZ1Vp7+cRydQi0z/tpz+ReYdJQpWnkRJO0AhxvbA6YnFq9wYskjD
tGfQWN5UMtkolEsKNyX6mXHdltJh/YrCmNZKqZGkx5c2YixNi4+UQoTRPcAmqEiI
nb5WYgRW+BNQbtJvruXVgSVuG9aM3ZhA+v3awu+XKIsL5EnoFi5llxurE7Q4vviJ
NylbM7lJlgc15JcGpu/M2VVnBFZNiErDmgJ6GwD7MKl7KHQRetE9Swo8ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtG7DwP5RuFBpsxk+7Z/O0cRAWUMB8GA1UdIwQY
MBaAFOXnAGXgCd7ZWFboCgU7Lp7c7/uMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWVjQVplQUozdGxZVnVnS0JUc3VudHp2LTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84YjQzYjMtMDNlYi00ODY3LWE2MGUt
ZDdkOTUzMzI4N2M1LzEvMjBic1BBX2xHNFVHbXpHVDd0bjg3UnhFQlpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84YjQzYjMtMDNlYi00ODY3LWE2MGUtZDdkOTUzMzI4N2M1
LzEvNWVjQVplQUozdGxZVnVnS0JUc3VudHp2LTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1C4uMA0G
CSqGSIb3DQEBCwUAA4IBAQBF9iwInNhyZoqi3Bh93ERMyBJwgulU4UOz4Ys+9R1R
c3s8YCAcEiwXVz9u/uXIOoRvpvQvNr1ffPs6EdiLRCItPgtuCKruua6Wjgco7wmb
5TeZy+dWBakgUEogb3qVCaYB1ixPMKQUtk+39RQK8Wl4/eyKeaepKBddfyTwlOnv
NYdGNmG0D/I+vCjBbEKtAeEKhksDzOMZufmkT3SQGoE/eRs+tGudZSDOEkd8Nuv+
IUnLCAg6C6BHaNIYQCxHeYSHl//2/RhpqWrdKPVHb+zw+25G2JzD1elr9bKRS+Z7
BpRvhAHEEK9F+/HmfL8QqXEt+6BSCyjyDBPqyGdy0I5R
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:39 2024 by rpki-client on console-ams.rpki-client.org