Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1-oSTdqmsljHiOZN-J08sXJL1cuE.roa
File:                     1-oSTdqmsljHiOZN-J08sXJL1cuE.roa (raw, json)
Hash identifier:          xQqdl+J7jgYLGEu+u0Pg6QxF5MAfmnIyDonOM0ZP2qo=
Subject key identifier:   FA:84:93:76:A9:AC:96:31:E2:39:93:7E:27:4F:2C:5C:92:F5:72:E1
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0186F6826902E21298D9830E1B37211F0519
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1-oSTdqmsljHiOZN-J08sXJL1cuE.roa
Signing time:             Sat 18 Mar 2023 20:56:27 +0000
ROA not before:           Sat 18 Mar 2023 20:56:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197309
IP address blocks:        45.136.204.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:f6:82:69:02:e2:12:98:d9:83:0e:1b:37:21:1f:05:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 18 20:56:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa849376a9ac9631e239937e274f2c5c92f572e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0d:55:ce:51:24:e7:9c:2a:08:0c:68:db:12:
                    7c:49:9d:17:9e:6d:58:bc:9c:07:77:69:c3:72:c3:
                    a7:3c:f7:e3:00:af:8f:bb:a6:d0:53:3d:e3:84:ca:
                    75:0d:84:46:80:97:56:10:a2:82:5b:e5:bf:88:63:
                    9b:d3:5d:12:1a:57:dd:ed:ef:de:08:f7:d6:34:f3:
                    44:a9:1a:f6:15:0f:9a:55:41:11:21:58:24:df:c7:
                    5b:11:c3:15:c6:9b:9c:77:41:9c:64:34:df:b2:fa:
                    36:c2:49:d9:77:96:0b:e8:70:ee:9f:e5:46:f6:ad:
                    f5:57:b9:91:36:4f:91:b5:23:ef:1a:61:b9:85:e8:
                    99:33:bb:78:ee:0e:5a:34:73:cf:b8:5f:90:47:a6:
                    96:d3:62:1e:08:1f:30:47:32:e6:a7:bb:03:e6:c2:
                    86:19:09:76:e5:e2:35:ef:8d:51:7d:65:61:60:a1:
                    94:e8:85:6f:13:50:ec:41:53:f4:d3:ff:31:27:88:
                    70:89:ee:86:28:93:7c:d9:3c:d3:36:4c:86:9b:4c:
                    05:08:8f:0e:2b:dc:9f:3e:85:fa:9d:9d:88:e9:87:
                    d9:ce:88:62:45:be:92:45:9b:33:ac:e9:dc:d1:2d:
                    e8:11:79:36:48:39:ee:bd:81:45:6e:d3:77:ee:2d:
                    69:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:84:93:76:A9:AC:96:31:E2:39:93:7E:27:4F:2C:5C:92:F5:72:E1
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1-oSTdqmsljHiOZN-J08sXJL1cuE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         51:c4:db:15:2f:86:15:65:a5:e2:1d:4e:5a:75:70:e6:06:a4:
         eb:e1:2f:c9:6a:99:fb:8f:9e:05:44:a1:d6:0c:fe:5e:c6:cb:
         b3:60:09:c6:c2:84:98:5d:34:a8:61:e2:7a:68:d0:1e:b7:b1:
         d8:9e:28:78:3e:e7:8e:f8:26:35:45:72:7b:bd:0d:a3:7c:33:
         14:2d:87:ca:fd:ee:a1:cd:ab:65:86:27:d1:23:f4:24:d5:46:
         04:18:71:5b:40:6e:ec:74:ff:0b:35:04:54:07:00:7c:30:19:
         26:17:c8:2d:d4:4a:91:0c:d8:7b:09:a6:25:42:18:8f:36:0f:
         d0:28:f3:c4:ce:a3:e7:39:16:48:07:1b:fd:2e:9d:f5:25:ff:
         c8:b0:57:e3:96:9b:5f:38:b4:9e:c8:7a:0b:60:81:52:bd:6a:
         0d:c0:ad:4f:8e:3d:26:5f:07:6a:41:76:08:87:61:fc:62:9a:
         17:99:12:c0:cf:99:b7:c5:57:98:a2:26:47:2b:ab:8e:78:1b:
         aa:50:c7:34:4e:54:4a:ab:ab:b5:88:56:15:9d:6a:e3:ba:e8:
         3a:41:89:6f:e6:f4:c6:44:a7:3a:6b:c1:2f:3f:0a:59:93:e5:
         40:66:59:f8:c8:91:e2:9b:ea:95:5d:8c:d4:f2:a6:76:9d:d0:
         51:b0:3e:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYb2gmkC4hKY2YMOGzchHwUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwMzE4MjA1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg0OTM3NmE5YWM5NjMxZTIzOTkzN2UyNzRmMmM1YzkyZjU3MmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ1VzlEk55wqCAxo2xJ8SZ0Xnm1Y
vJwHd2nDcsOnPPfjAK+Pu6bQUz3jhMp1DYRGgJdWEKKCW+W/iGOb010SGlfd7e/e
CPfWNPNEqRr2FQ+aVUERIVgk38dbEcMVxpucd0GcZDTfsvo2wknZd5YL6HDun+VG
9q31V7mRNk+RtSPvGmG5heiZM7t47g5aNHPPuF+QR6aW02IeCB8wRzLmp7sD5sKG
GQl25eI1741RfWVhYKGU6IVvE1DsQVP00/8xJ4hwie6GKJN82TzTNkyGm0wFCI8O
K9yfPoX6nZ2I6YfZzohiRb6SRZszrOnc0S3oEXk2SDnuvYFFbtN37i1pTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqEk3aprJYx4jmTfidPLFyS9XLhMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMS1vU1RkcW1zbGpIaU9aTi1KMDhzWEpMMWN1RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvOTk5Yjk3LWM3MzEtNDE5Mi04NWYxLTU3MzcwMWM4NDgz
My8xL1lpTGh3cVV4VXpTMmJZRDNqVnRRdEM1SUM1dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2IzDAN
BgkqhkiG9w0BAQsFAAOCAQEAUcTbFS+GFWWl4h1OWnVw5gak6+EvyWqZ+4+eBUSh
1gz+XsbLs2AJxsKEmF00qGHiemjQHrex2J4oeD7njvgmNUVye70No3wzFC2Hyv3u
oc2rZYYn0SP0JNVGBBhxW0Bu7HT/CzUEVAcAfDAZJhfILdRKkQzYewmmJUIYjzYP
0CjzxM6j5zkWSAcb/S6d9SX/yLBX45abXzi0nsh6C2CBUr1qDcCtT449Jl8HakF2
CIdh/GKaF5kSwM+Zt8VXmKImRyurjngbqlDHNE5USqurtYhWFZ1q47roOkGJb+b0
xkSnOmvBLz8KWZPlQGZZ+MiR4pvqlV2M1PKmdp3QUbA+Gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org