Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Abp3HAYoII16ktgbU3TO2TIvCD4.roa
File:                     Abp3HAYoII16ktgbU3TO2TIvCD4.roa (raw, json)
Hash identifier:          shVhuLgS4KIfqWRjUsYeBuslc4mLDvSTsy1MdB6aaTw=
Subject key identifier:   01:BA:77:1C:06:28:20:8D:7A:92:D8:1B:53:74:CE:D9:32:2F:08:3E
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018CC6B7AF981F6ABBA502E636D152694592
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Abp3HAYoII16ktgbU3TO2TIvCD4.roa
Signing time:             Mon 01 Jan 2024 20:29:35 +0000
ROA not before:           Mon 01 Jan 2024 20:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42938
IP address blocks:        45.147.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Mar 2024 18:24:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:af:98:1f:6a:bb:a5:02:e6:36:d1:52:69:45:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan  1 20:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=01ba771c0628208d7a92d81b5374ced9322f083e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:5a:8b:6e:d0:43:9d:94:8e:ee:2e:a2:7b:fa:
                    18:47:be:19:8e:77:8d:86:48:2b:b5:79:c3:9d:22:
                    4f:43:09:5a:78:91:39:5f:7d:97:ca:df:53:b7:d3:
                    61:e0:8a:03:2e:ce:f6:3f:e3:83:6c:60:5a:57:f4:
                    af:ba:f4:36:a7:2b:65:b6:d3:52:c0:5d:48:1a:e9:
                    91:02:71:c6:35:ff:9b:3c:4d:07:5c:db:86:cb:0e:
                    9a:cb:e7:57:23:95:ff:30:53:a8:2e:01:35:13:d7:
                    ae:ad:18:3c:5d:a8:15:33:79:c0:37:a3:ec:db:19:
                    ae:56:46:c2:29:7d:79:d1:5c:28:a1:b0:a0:a7:af:
                    5e:fe:8a:6b:ff:80:f8:10:b0:b9:61:eb:54:cb:90:
                    25:67:7d:fb:3e:03:2b:05:4f:13:e8:8a:e8:3f:e2:
                    a8:17:e6:6a:ce:32:8c:1e:7d:cc:d8:b6:dd:3a:57:
                    1f:c8:1f:fd:f9:d0:d4:ce:30:1e:16:54:cc:7a:79:
                    7e:50:f0:ef:41:82:46:f4:59:5f:87:63:80:42:3a:
                    a9:c3:72:18:fd:2e:6a:68:60:20:1a:13:60:f8:e6:
                    16:37:f2:05:f0:75:0c:49:e6:d6:3d:38:62:fd:92:
                    5f:1e:e0:dd:3f:65:35:fa:69:e8:7c:7f:ef:97:c2:
                    1e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:BA:77:1C:06:28:20:8D:7A:92:D8:1B:53:74:CE:D9:32:2F:08:3E
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Abp3HAYoII16ktgbU3TO2TIvCD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:38:41:a6:c7:e9:7e:17:87:cf:ed:ba:9e:c7:ca:c8:dd:a7:
         d7:ce:52:2b:88:a3:40:60:f1:4a:0a:91:91:6e:ff:7b:50:4d:
         f2:c3:97:d0:6d:7e:9a:b4:32:06:6e:f0:e1:e9:d2:5a:51:0a:
         de:72:1e:47:38:f2:d5:21:95:3c:d0:b9:bb:24:37:10:da:0c:
         39:8d:10:9a:7b:6a:c0:1a:c3:3d:62:8a:67:7a:e6:3d:5f:17:
         9a:59:ca:1d:29:8a:75:65:8c:4b:93:bc:b7:09:69:42:ef:63:
         6b:07:77:c9:45:93:1a:fe:9f:85:01:d9:cd:a7:a4:e9:f0:72:
         58:68:4a:01:d3:98:2c:c0:1a:52:bb:12:37:18:e3:74:45:8b:
         2b:d8:d6:4a:5b:a6:d0:29:01:fb:93:74:5a:bd:62:45:a5:9c:
         05:7d:ae:4c:a9:74:a7:f0:74:e0:a3:56:2e:3b:a4:bc:31:fb:
         99:5c:0e:a1:f9:a6:05:66:22:f4:f7:0b:87:70:f8:df:cc:d6:
         ca:85:3d:b3:31:21:50:a8:c1:5a:7d:2c:8e:95:eb:a3:74:dd:
         8d:59:05:16:4c:07:21:4f:30:c7:43:61:ba:7f:55:3c:93:63:
         d2:1c:a5:ce:ef:4f:83:d6:db:c6:fd:4b:c0:7b:ae:67:0d:9d:
         a8:d6:ea:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt6+YH2q7pQLmNtFSaUWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJhNzcxYzA2MjgyMDhkN2E5MmQ4MWI1Mzc0Y2VkOTMyMmYwODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFqLbtBDnZSO7i6ie/oYR74ZjneN
hkgrtXnDnSJPQwlaeJE5X32Xyt9Tt9Nh4IoDLs72P+ODbGBaV/SvuvQ2pytlttNS
wF1IGumRAnHGNf+bPE0HXNuGyw6ay+dXI5X/MFOoLgE1E9eurRg8XagVM3nAN6Ps
2xmuVkbCKX150VwoobCgp69e/opr/4D4ELC5YetUy5AlZ337PgMrBU8T6IroP+Ko
F+ZqzjKMHn3M2LbdOlcfyB/9+dDUzjAeFlTMenl+UPDvQYJG9Flfh2OAQjqpw3IY
/S5qaGAgGhNg+OYWN/IF8HUMSebWPThi/ZJfHuDdP2U1+mnofH/vl8IeSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAG6dxwGKCCNepLYG1N0ztkyLwg+MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvQWJwM0hBWW9JSTE2a3RnYlUzVE8yVEl2Q0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMDMA0G
CSqGSIb3DQEBCwUAA4IBAQAsOEGmx+l+F4fP7bqex8rI3afXzlIriKNAYPFKCpGR
bv97UE3yw5fQbX6atDIGbvDh6dJaUQrech5HOPLVIZU80Lm7JDcQ2gw5jRCae2rA
GsM9YopneuY9XxeaWcodKYp1ZYxLk7y3CWlC72NrB3fJRZMa/p+FAdnNp6Tp8HJY
aEoB05gswBpSuxI3GON0RYsr2NZKW6bQKQH7k3RavWJFpZwFfa5MqXSn8HTgo1Yu
O6S8MfuZXA6h+aYFZiL09wuHcPjfzNbKhT2zMSFQqMFafSyOleujdN2NWQUWTAch
TzDHQ2G6f1U8k2PSHKXO70+D1tvG/UvAe65nDZ2o1uq6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org