Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa
File:                     Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa (raw, json)
Hash identifier:          x6hO3IbptkDGbM90w3ad3ys+qDsZsUpUFgPkvJqehhY=
Subject key identifier:   41:AD:6D:9A:8A:8B:F1:21:58:FC:01:BC:25:E4:F2:0A:FD:39:44:EA
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018E9EEC3935EC4A5BE1B0FE53B8E452D02A
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa
Signing time:             Tue 02 Apr 2024 13:07:45 +0000
ROA not before:           Tue 02 Apr 2024 13:07:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9009
IP address blocks:        45.131.162.0/24 maxlen: 24
                          45.131.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 May 2024 09:58:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9e:ec:39:35:ec:4a:5b:e1:b0:fe:53:b8:e4:52:d0:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr  2 13:07:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=41ad6d9a8a8bf12158fc01bc25e4f20afd3944ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7c:66:29:b1:68:84:81:2c:62:11:0a:98:90:
                    9f:f3:4f:49:13:47:4b:0c:e9:eb:7d:bc:48:1d:57:
                    9e:f5:e3:f5:36:e7:68:37:9d:83:fd:9f:a5:69:c0:
                    44:a4:bd:93:31:da:93:8c:3e:44:c5:61:ef:1b:81:
                    11:97:31:32:70:70:28:0e:85:24:31:1f:55:27:89:
                    9a:06:64:15:82:5f:5f:fb:6c:e2:f5:bd:22:0c:d5:
                    bd:07:12:d3:1a:66:e4:9f:fc:47:b5:84:02:df:72:
                    5e:7c:bf:d2:4b:42:17:c9:12:5f:25:dd:53:d7:c0:
                    19:15:61:c4:42:3a:cf:3c:00:e8:fe:23:2e:b8:c8:
                    60:ed:c6:4d:ab:ab:67:e4:f0:a4:de:36:e2:58:fb:
                    77:93:d6:9b:da:41:c2:7d:22:58:20:18:1f:56:fe:
                    d5:26:50:af:e7:82:10:74:f1:37:79:a4:d8:31:8c:
                    f0:f1:39:72:70:3a:fb:b3:f9:81:94:4b:8f:86:0d:
                    2a:4d:6d:db:fc:32:38:f2:45:8b:af:d3:8a:54:dd:
                    a0:37:73:87:1c:e3:9d:33:5f:3e:ad:b6:ec:d1:3e:
                    68:6c:5b:c1:d3:0e:96:8b:64:d2:a3:36:bd:d8:e1:
                    95:15:06:85:c8:45:8b:40:28:b1:93:58:c4:c3:03:
                    47:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:AD:6D:9A:8A:8B:F1:21:58:FC:01:BC:25:E4:F2:0A:FD:39:44:EA
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         70:8e:be:72:8a:29:6a:53:00:c3:d7:d5:94:8b:1e:f1:79:8c:
         a8:0e:2e:45:41:21:22:b5:a1:df:0a:03:e5:72:a8:16:c2:1f:
         10:71:8f:ab:9a:55:8e:73:ef:72:a8:cd:fd:05:6b:dd:f4:7a:
         e4:34:e2:92:12:d0:4e:fc:47:a2:2b:c0:f7:bd:40:ce:d0:e0:
         26:6d:1e:d5:c0:66:77:f8:ca:b5:8e:3c:98:fb:33:e4:f4:71:
         4a:1f:2e:64:6f:df:87:b0:cf:42:fc:78:a4:84:8d:1f:aa:a9:
         ca:68:20:ff:ab:60:10:02:0b:0e:6d:03:3f:be:c4:37:b5:de:
         ff:6d:59:38:60:62:69:6a:14:b5:25:25:2d:68:c9:5f:db:1a:
         92:25:83:23:22:08:cc:81:b3:78:79:d5:21:4d:59:0a:a8:f3:
         69:95:57:0c:3c:19:af:60:ad:6a:a1:ed:48:63:2a:57:c8:94:
         48:e9:b3:69:42:a6:1a:25:a4:05:ea:3d:b2:20:98:74:1b:91:
         d1:e5:06:11:18:67:66:be:3d:8d:1c:e3:d4:da:54:52:1d:c2:
         f1:95:5f:7f:b7:46:84:01:64:7a:d5:66:5e:cc:b2:98:a8:a1:
         de:e7:c2:e1:4e:a4:3c:e8:69:60:9e:46:ac:d0:51:5d:a7:74:
         8e:8e:bf:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6e7Dk17Epb4bD+U7jkUtAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDAyMTMwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFkNmQ5YThhOGJmMTIxNThmYzAxYmMyNWU0ZjIwYWZkMzk0NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXxmKbFohIEsYhEKmJCf809JE0dL
DOnrfbxIHVee9eP1NudoN52D/Z+lacBEpL2TMdqTjD5ExWHvG4ERlzEycHAoDoUk
MR9VJ4maBmQVgl9f+2zi9b0iDNW9BxLTGmbkn/xHtYQC33JefL/SS0IXyRJfJd1T
18AZFWHEQjrPPADo/iMuuMhg7cZNq6tn5PCk3jbiWPt3k9ab2kHCfSJYIBgfVv7V
JlCv54IQdPE3eaTYMYzw8TlycDr7s/mBlEuPhg0qTW3b/DI48kWLr9OKVN2gN3OH
HOOdM18+rbbs0T5obFvB0w6Wi2TSoza92OGVFQaFyEWLQCixk1jEwwNH/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGtbZqKi/EhWPwBvCXk8gr9OUTqMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUWExdG1vcUw4U0ZZX0FHOEplVHlDdjA1Uk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYOiMA0G
CSqGSIb3DQEBCwUAA4IBAQBwjr5yiilqUwDD19WUix7xeYyoDi5FQSEitaHfCgPl
cqgWwh8QcY+rmlWOc+9yqM39BWvd9HrkNOKSEtBO/EeiK8D3vUDO0OAmbR7VwGZ3
+Mq1jjyY+zPk9HFKHy5kb9+HsM9C/HikhI0fqqnKaCD/q2AQAgsObQM/vsQ3td7/
bVk4YGJpahS1JSUtaMlf2xqSJYMjIgjMgbN4edUhTVkKqPNplVcMPBmvYK1qoe1I
YypXyJRI6bNpQqYaJaQF6j2yIJh0G5HR5QYRGGdmvj2NHOPU2lRSHcLxlV9/t0aE
AWR61WZezLKYqKHe58LhTqQ86Glgnkas0FFdp3SOjr8F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org