Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KYurP1XEZGdSAII3VMDYlaiaRGE.roa
File:                     KYurP1XEZGdSAII3VMDYlaiaRGE.roa (raw, json)
Hash identifier:          WaIPZmejj0vQYd8MKUEncMWzpF9G3hCD8pjU7Oyrhhs=
Subject key identifier:   29:8B:AB:3F:55:C4:64:67:52:00:82:37:54:C0:D8:95:A8:9A:44:61
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0189463B31F258CFFEDAFC8FA2B398B3024A
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KYurP1XEZGdSAII3VMDYlaiaRGE.roa
Signing time:             Tue 11 Jul 2023 18:33:51 +0000
ROA not before:           Tue 11 Jul 2023 18:33:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48108
IP address blocks:        45.133.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:46:3b:31:f2:58:cf:fe:da:fc:8f:a2:b3:98:b3:02:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 11 18:33:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=298bab3f55c464675200823754c0d895a89a4461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b5:0b:00:12:ad:83:ff:55:47:f9:a1:85:da:
                    dd:7d:88:20:c4:a2:9c:2b:bf:96:cb:2b:0d:ec:06:
                    a8:ec:74:4b:0c:4e:b7:07:65:fd:78:ff:c8:54:0d:
                    17:82:4b:4c:b3:27:7f:f6:1e:e7:07:83:ee:4d:3f:
                    99:d2:b4:e6:2e:2a:97:3f:1d:a4:44:e0:36:63:00:
                    3a:50:95:56:1a:ac:c3:dd:16:28:73:b8:7e:51:37:
                    60:28:42:9e:40:5c:33:46:76:30:87:0e:fb:9d:f0:
                    79:58:7d:7f:57:0e:d9:f9:d0:ec:84:5b:8e:12:bf:
                    b3:da:aa:86:56:04:71:dd:7f:83:e4:66:75:02:98:
                    7b:85:ab:2f:46:98:64:be:38:b9:41:ef:95:c1:dc:
                    e8:c0:d2:43:23:1a:de:df:cd:99:59:73:d7:6e:45:
                    6b:60:bf:66:8f:b3:da:8e:14:ca:9c:82:2e:f9:50:
                    13:17:e8:1e:e5:6c:17:42:51:b2:77:00:81:b1:f2:
                    d7:26:2d:de:17:f9:be:39:36:b5:b6:d4:6b:91:94:
                    23:ee:cb:2c:3e:cc:59:ea:ac:4f:48:3b:ee:e2:24:
                    af:7d:c4:f9:58:97:d5:3a:d4:2f:b5:57:ec:53:5f:
                    6e:93:2c:46:4f:3d:6e:ce:cc:3f:1a:5b:54:e0:71:
                    1d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:8B:AB:3F:55:C4:64:67:52:00:82:37:54:C0:D8:95:A8:9A:44:61
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KYurP1XEZGdSAII3VMDYlaiaRGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:1e:80:af:ed:ae:54:a6:d9:97:0a:a6:61:70:e1:48:5d:6b:
         a4:03:ed:b5:de:76:d5:54:e0:0a:00:09:ff:36:ed:fc:58:15:
         47:68:cc:de:3f:3e:36:bf:9b:2c:43:f0:58:d4:e3:57:02:82:
         c6:a4:42:48:7e:66:57:fd:16:1a:4b:93:31:18:25:c2:4a:2c:
         8d:24:09:07:03:1f:64:41:0a:ab:f5:7d:f9:1e:66:30:90:24:
         32:01:36:a8:ee:ad:6f:81:fd:e7:36:43:04:3a:5f:d8:75:0a:
         47:e1:68:ab:ee:4f:6b:8c:76:b4:ad:4d:eb:89:f7:8e:d5:ac:
         b7:6c:13:09:86:e0:3b:c5:12:e0:90:a2:3e:df:61:06:95:ea:
         bf:57:dd:a2:37:ce:88:0c:53:70:6b:6d:55:bf:a0:51:0d:c7:
         25:e1:c6:5f:a3:79:78:96:00:fc:9d:10:56:c2:72:39:63:81:
         7f:b2:f3:bc:69:e3:3b:77:aa:48:3c:ef:b7:90:75:e2:af:d4:
         e9:4b:de:e5:82:87:c4:98:1e:e7:9f:d5:60:0c:39:99:92:e9:
         e4:8a:f3:4f:c9:de:84:71:46:59:6e:f0:fa:f4:68:68:b9:f1:
         2f:d4:70:1b:b4:85:7c:a4:4c:cf:97:b7:f9:13:07:3a:d3:d7:
         0d:8c:83:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlGOzHyWM/+2vyPorOYswJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzExMTgzMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOThiYWIzZjU1YzQ2NDY3NTIwMDgyMzc1NGMwZDg5NWE4OWE0NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbULABKtg/9VR/mhhdrdfYggxKKc
K7+WyysN7Aao7HRLDE63B2X9eP/IVA0XgktMsyd/9h7nB4PuTT+Z0rTmLiqXPx2k
ROA2YwA6UJVWGqzD3RYoc7h+UTdgKEKeQFwzRnYwhw77nfB5WH1/Vw7Z+dDshFuO
Er+z2qqGVgRx3X+D5GZ1Aph7hasvRphkvji5Qe+VwdzowNJDIxre382ZWXPXbkVr
YL9mj7PajhTKnIIu+VATF+ge5WwXQlGydwCBsfLXJi3eF/m+OTa1ttRrkZQj7sss
PsxZ6qxPSDvu4iSvfcT5WJfVOtQvtVfsU19ukyxGTz1uzsw/GltU4HEd7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmLqz9VxGRnUgCCN1TA2JWomkRhMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvS1l1clAxWEVaR2RTQUlJM1ZNRFlsYWlhUkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYXYMA0G
CSqGSIb3DQEBCwUAA4IBAQAHHoCv7a5UptmXCqZhcOFIXWukA+213nbVVOAKAAn/
Nu38WBVHaMzePz42v5ssQ/BY1ONXAoLGpEJIfmZX/RYaS5MxGCXCSiyNJAkHAx9k
QQqr9X35HmYwkCQyATao7q1vgf3nNkMEOl/YdQpH4Wir7k9rjHa0rU3rifeO1ay3
bBMJhuA7xRLgkKI+32EGleq/V92iN86IDFNwa21Vv6BRDccl4cZfo3l4lgD8nRBW
wnI5Y4F/svO8aeM7d6pIPO+3kHXir9TpS97lgofEmB7nn9VgDDmZkunkivNPyd6E
cUZZbvD69GhoufEv1HAbtIV8pEzPl7f5Ewc609cNjINX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org