Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/4457qLoNBb1NM9OsN2bTAIJPQrE.roa
File:                     4457qLoNBb1NM9OsN2bTAIJPQrE.roa (raw, json)
Hash identifier:          qdx/nlFZjRhnBOqRiPzPoJigQbSHSGe9CqeZzS34U9k=
Subject key identifier:   E3:8E:7B:A8:BA:0D:05:BD:4D:33:D3:AC:37:66:D3:00:82:4F:42:B1
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       01856DC1D3154E0449CFFBF1CA951B81BDC1
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/4457qLoNBb1NM9OsN2bTAIJPQrE.roa
Signing time:             Sun 01 Jan 2023 14:34:57 +0000
ROA not before:           Sun 01 Jan 2023 14:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200733
IP address blocks:        212.22.90.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:d3:15:4e:04:49:cf:fb:f1:ca:95:1b:81:bd:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Jan  1 14:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e38e7ba8ba0d05bd4d33d3ac3766d300824f42b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:74:b1:19:3f:53:3a:9c:db:3e:e6:22:a5:e5:
                    e7:4e:d7:4a:73:ea:5d:2b:41:52:d4:25:4c:a1:6f:
                    f2:5e:3e:8f:b6:8b:a3:f6:4e:a6:50:66:3c:3a:7f:
                    a4:ae:97:ae:37:56:a5:98:ea:50:7a:61:5f:6b:6d:
                    b4:48:cd:cb:89:f7:f2:54:0f:75:72:f9:4a:ee:34:
                    80:48:ac:a5:4f:5c:2e:40:56:9b:66:4d:29:a6:c5:
                    20:5c:66:e3:ed:f5:e0:0b:ca:cd:ea:18:71:0a:c8:
                    64:e8:0c:d0:49:89:ab:18:c1:f4:b9:3d:a2:16:b8:
                    78:23:4d:87:07:a5:23:26:67:04:1d:52:44:2d:20:
                    13:de:35:5a:2a:c5:6b:d9:36:52:84:52:df:4f:fe:
                    05:83:66:a1:bf:bc:49:0a:18:4b:8a:17:32:3d:66:
                    b1:1f:85:25:0e:b5:dc:31:77:86:06:71:e0:fe:65:
                    f6:c7:4e:56:74:48:26:1b:09:d8:70:66:74:8d:da:
                    64:46:1b:a2:7c:24:a4:28:14:61:6d:75:46:78:38:
                    5c:e9:cb:2a:7f:e4:7f:8c:0b:a9:94:f5:92:18:c8:
                    76:2b:cb:96:03:18:06:93:3c:37:8f:7e:95:17:6e:
                    95:3f:c8:ca:b7:8b:11:75:2f:be:c3:11:3e:5d:a2:
                    8c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:8E:7B:A8:BA:0D:05:BD:4D:33:D3:AC:37:66:D3:00:82:4F:42:B1
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/4457qLoNBb1NM9OsN2bTAIJPQrE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.22.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:ce:cd:79:5d:6d:50:b4:3d:e2:3b:7e:38:33:a8:16:c0:b5:
         27:f8:02:24:76:34:02:f4:e0:d9:a9:9d:3b:c1:2b:01:5e:a9:
         d2:4e:55:c5:af:c1:4a:88:86:ea:06:80:40:da:8f:00:22:49:
         e9:a1:a8:de:e1:99:c4:a2:6b:c0:d1:60:16:65:7e:73:85:c7:
         cb:04:4f:36:87:6e:8e:c5:18:b1:ef:33:c3:f0:32:77:d5:80:
         9e:d2:1c:5d:90:3a:62:a4:30:92:cc:ca:5c:7a:e9:2d:f0:51:
         14:b3:4e:b4:57:de:7f:49:ea:b1:49:c5:b0:87:6f:92:c4:a5:
         cf:d2:c6:23:61:60:c3:29:b3:bd:36:ff:cf:18:d9:e7:99:41:
         2d:41:72:fb:1f:5a:2d:1e:69:d8:71:6a:f9:78:37:30:1e:37:
         36:74:d2:a8:d7:bb:c0:6b:a7:f3:4c:a6:f4:89:3d:05:fb:96:
         90:6b:17:77:4a:88:b2:ad:77:05:92:2a:aa:5c:72:5f:29:0e:
         a9:37:4a:c1:e0:54:2a:81:b0:36:b2:ea:86:01:d2:dd:4c:34:
         0d:b1:2a:76:0a:88:2e:e0:f9:95:c0:a9:f2:e0:3d:c6:1d:0d:
         1d:a3:a9:05:cb:e0:43:13:f4:e6:d8:13:09:94:a5:c2:2b:13:
         6d:7b:c2:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwdMVTgRJz/vxypUbgb3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMTAxMTQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzhlN2JhOGJhMGQwNWJkNGQzM2QzYWMzNzY2ZDMwMDgyNGY0MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHSxGT9TOpzbPuYipeXnTtdKc+pd
K0FS1CVMoW/yXj6Ptouj9k6mUGY8On+krpeuN1almOpQemFfa220SM3LiffyVA91
cvlK7jSASKylT1wuQFabZk0ppsUgXGbj7fXgC8rN6hhxCshk6AzQSYmrGMH0uT2i
Frh4I02HB6UjJmcEHVJELSAT3jVaKsVr2TZShFLfT/4Fg2ahv7xJChhLihcyPWax
H4UlDrXcMXeGBnHg/mX2x05WdEgmGwnYcGZ0jdpkRhuifCSkKBRhbXVGeDhc6csq
f+R/jAuplPWSGMh2K8uWAxgGkzw3j36VF26VP8jKt4sRdS++wxE+XaKMmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOOe6i6DQW9TTPTrDdm0wCCT0KxMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvNDQ1N3FMb05CYjFOTTlPc04yYlRBSUpQUXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BZaMA0G
CSqGSIb3DQEBCwUAA4IBAQAJzs15XW1QtD3iO344M6gWwLUn+AIkdjQC9ODZqZ07
wSsBXqnSTlXFr8FKiIbqBoBA2o8AIknpoaje4ZnEomvA0WAWZX5zhcfLBE82h26O
xRix7zPD8DJ31YCe0hxdkDpipDCSzMpceukt8FEUs060V95/SeqxScWwh2+SxKXP
0sYjYWDDKbO9Nv/PGNnnmUEtQXL7H1otHmnYcWr5eDcwHjc2dNKo17vAa6fzTKb0
iT0F+5aQaxd3SoiyrXcFkiqqXHJfKQ6pN0rB4FQqgbA2suqGAdLdTDQNsSp2Cogu
4PmVwKny4D3GHQ0do6kFy+BDE/Tm2BMJlKXCKxNte8KW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:30 2024 by rpki-client on console-ams.rpki-client.org