Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/S1Qk5pG0l79pW29i42usAnVz9EY.roa
File:                     S1Qk5pG0l79pW29i42usAnVz9EY.roa (raw, json)
Hash identifier:          8aSJxKtpqcj0ryIGuDy6yx0H6lo0OehEONhbM61vws8=
Subject key identifier:   4B:54:24:E6:91:B4:97:BF:69:5B:6F:62:E3:6B:AC:02:75:73:F4:46
Certificate issuer:       /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial:       01856BDCA9D1F63B71B469294593959A28A0
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/S1Qk5pG0l79pW29i42usAnVz9EY.roa
Signing time:             Sun 01 Jan 2023 05:45:01 +0000
ROA not before:           Sun 01 Jan 2023 05:45:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        45.151.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:dc:a9:d1:f6:3b:71:b4:69:29:45:93:95:9a:28:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
        Validity
            Not Before: Jan  1 05:45:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b5424e691b497bf695b6f62e36bac027573f446
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:cb:d1:59:c5:29:b0:bf:18:77:f3:88:8b:e0:
                    f7:b2:47:81:bc:61:c4:98:58:c4:3f:c9:02:91:d8:
                    7c:81:d9:14:2d:c8:b6:70:7a:ed:db:d8:18:82:63:
                    39:eb:ce:e2:5e:52:2b:6f:4c:18:08:2e:67:25:a4:
                    e4:8c:9b:cb:e8:94:24:17:f4:df:17:e9:eb:a6:03:
                    e2:31:7b:b4:6d:a8:0f:81:57:13:d0:2b:d6:b6:da:
                    8b:86:fb:7d:fc:df:35:fe:69:d8:f7:9b:ca:d9:d9:
                    62:6a:50:8e:ea:d5:e5:7a:6a:6e:91:03:21:23:65:
                    64:db:8a:fc:95:61:f2:5a:d2:38:a6:0d:22:d7:cc:
                    c7:48:e7:cb:b2:99:11:70:86:1d:d5:db:6e:52:64:
                    35:28:f0:b4:48:c1:d4:39:d5:4c:51:c8:ac:dd:c0:
                    1b:74:7a:1f:da:4e:89:d3:af:17:e1:7f:18:1f:61:
                    25:28:a8:ad:a4:27:b2:ca:76:68:8d:af:ac:87:db:
                    b4:eb:04:54:98:42:97:f4:6c:57:e0:3b:28:f5:ce:
                    9d:8a:11:30:b1:7e:25:e7:67:b1:cd:13:e7:dc:86:
                    bf:0c:27:34:81:82:09:cb:bb:b8:64:ae:f5:80:3c:
                    23:f0:38:a1:2f:ec:42:f3:4c:50:c8:37:03:b0:38:
                    97:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:54:24:E6:91:B4:97:BF:69:5B:6F:62:E3:6B:AC:02:75:73:F4:46
            X509v3 Authority Key Identifier:
                keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/S1Qk5pG0l79pW29i42usAnVz9EY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c1:8e:69:c5:48:ce:35:6d:dc:90:ec:45:d0:b8:aa:76:4a:37:
         86:84:65:65:e4:d2:c4:50:5b:1c:45:b6:20:9a:6f:37:76:7c:
         e2:2f:fd:5a:e6:81:04:5d:67:9d:4c:1f:5a:fb:f7:07:af:d1:
         62:16:f6:2f:f6:62:99:5d:87:6a:82:6e:03:f7:02:9e:3c:56:
         a9:c5:08:9f:a5:fb:3d:d5:c9:dd:d4:1b:a3:eb:ee:07:fe:02:
         e7:86:6e:c4:5b:28:ce:df:16:b3:14:34:82:6b:0a:01:f0:80:
         fa:63:a8:ef:57:26:61:6e:28:93:68:bc:70:28:8d:3a:9d:48:
         eb:39:19:d9:29:5e:96:29:78:28:c4:eb:57:34:98:0f:b3:09:
         b3:5c:90:6c:80:fa:57:5b:d2:77:3b:0f:af:c0:b6:1b:1f:36:
         58:91:d2:01:d9:10:9f:1e:5c:9e:26:fd:13:4a:f8:1d:46:ee:
         da:bd:c1:c0:43:0b:73:10:08:40:a3:51:1d:f7:54:c2:4d:e4:
         2a:22:fc:dc:6b:9a:01:e1:bb:81:ca:c7:5d:96:90:7e:7c:d4:
         34:fe:5b:f1:d0:c1:7b:00:93:f1:b1:a5:c0:0c:2b:2f:1d:ec:
         10:ad:86:19:33:69:2c:44:04:64:f0:92:45:b6:13:dc:78:59:
         45:c8:eb:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3KnR9jtxtGkpRZOVmiigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwMTAxMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU0MjRlNjkxYjQ5N2JmNjk1YjZmNjJlMzZiYWMwMjc1NzNmNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcvRWcUpsL8Yd/OIi+D3skeBvGHE
mFjEP8kCkdh8gdkULci2cHrt29gYgmM5687iXlIrb0wYCC5nJaTkjJvL6JQkF/Tf
F+nrpgPiMXu0bagPgVcT0CvWttqLhvt9/N81/mnY95vK2dlialCO6tXlempukQMh
I2Vk24r8lWHyWtI4pg0i18zHSOfLspkRcIYd1dtuUmQ1KPC0SMHUOdVMUcis3cAb
dHof2k6J068X4X8YH2ElKKitpCeyynZoja+sh9u06wRUmEKX9GxX4Dso9c6dihEw
sX4l52exzRPn3Ia/DCc0gYIJy7u4ZK71gDwj8DihL+xC80xQyDcDsDiX1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtUJOaRtJe/aVtvYuNrrAJ1c/RGMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvUzFRazVwRzBsNzlwVzI5aTQydXNBblZ6OUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZdHMA0G
CSqGSIb3DQEBCwUAA4IBAQDBjmnFSM41bdyQ7EXQuKp2SjeGhGVl5NLEUFscRbYg
mm83dnziL/1a5oEEXWedTB9a+/cHr9FiFvYv9mKZXYdqgm4D9wKePFapxQifpfs9
1cnd1Buj6+4H/gLnhm7EWyjO3xazFDSCawoB8ID6Y6jvVyZhbiiTaLxwKI06nUjr
ORnZKV6WKXgoxOtXNJgPswmzXJBsgPpXW9J3Ow+vwLYbHzZYkdIB2RCfHlyeJv0T
SvgdRu7avcHAQwtzEAhAo1Ed91TCTeQqIvzca5oB4buBysddlpB+fNQ0/lvx0MF7
AJPxsaXADCsvHewQrYYZM2ksRARk8JJFthPceFlFyOvY
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:24 2024 by rpki-client on console-ams.rpki-client.org