Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ldy4wx6RXQLTw1-W_PePb0R5ANI.roa
File:                     ldy4wx6RXQLTw1-W_PePb0R5ANI.roa (raw, json)
Hash identifier:          voLHpUaxCfVUfsu+wg18uFyJfrKTSJxgLonwrn0DzbQ=
Subject key identifier:   95:DC:B8:C3:1E:91:5D:02:D3:C3:5F:96:FC:F7:8F:6F:44:79:00:D2
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01871527DCC759D374EC91B5F1A545E7C770
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ldy4wx6RXQLTw1-W_PePb0R5ANI.roa
Signing time:             Fri 24 Mar 2023 19:45:46 +0000
ROA not before:           Fri 24 Mar 2023 19:45:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.145.0.0/24 maxlen: 24
                          194.156.98.0/24 maxlen: 24
                          194.156.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Jul 2023 18:33:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:15:27:dc:c7:59:d3:74:ec:91:b5:f1:a5:45:e7:c7:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 24 19:45:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95dcb8c31e915d02d3c35f96fcf78f6f447900d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:2d:4e:0c:b9:77:15:07:fa:be:41:a6:fa:0c:
                    74:d4:f4:ad:d6:d8:05:55:75:80:87:df:35:d3:e0:
                    73:00:60:fa:7e:db:5b:da:69:99:e7:c8:29:5b:c8:
                    0a:d7:87:e8:80:14:a1:1b:5b:95:bd:24:10:0c:32:
                    d5:4e:74:20:10:9d:b6:5a:0a:44:50:4b:96:ac:1d:
                    63:c8:49:8b:af:96:d0:8f:60:c4:75:84:e6:78:50:
                    38:f7:60:5d:ef:5d:82:5a:1e:ee:71:24:6f:95:08:
                    33:4c:32:ac:32:3a:ae:dc:f2:1a:c1:ae:dd:87:e4:
                    cc:34:bd:07:c9:2d:ff:6a:a2:64:09:73:ea:8e:af:
                    08:d3:ea:02:61:86:a3:85:99:71:c9:31:b0:11:ad:
                    12:46:7e:9d:71:51:63:a7:2c:4e:10:dd:47:13:0e:
                    d7:ab:2c:e2:75:ca:fb:97:5e:1c:84:ce:e0:0f:17:
                    91:6e:61:60:09:78:de:7d:a9:06:7f:40:f0:b5:25:
                    5b:96:13:8d:46:38:7f:f1:55:bd:29:f4:4d:0d:55:
                    90:62:92:52:36:47:c8:29:25:32:b0:e6:c4:4a:e1:
                    d0:ca:08:e1:44:60:a3:c7:0b:53:0f:0d:d6:b8:76:
                    7f:83:ea:97:68:63:04:4f:9f:49:5a:bd:97:ed:81:
                    dd:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:DC:B8:C3:1E:91:5D:02:D3:C3:5F:96:FC:F7:8F:6F:44:79:00:D2
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ldy4wx6RXQLTw1-W_PePb0R5ANI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.0.0/24
                  194.156.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ab:85:8e:fd:fe:18:a0:ad:46:96:4b:cd:91:88:c7:66:6f:3a:
         dc:7b:ce:a2:fb:41:ac:c4:a8:19:3e:bf:ef:c3:c3:dd:ee:51:
         a6:41:ba:73:46:04:07:b7:cf:60:67:d8:cc:af:11:9e:1a:dc:
         e1:84:ac:73:48:1a:46:25:ef:58:91:99:cf:cb:87:61:d1:f7:
         4a:7d:4f:7d:8c:b2:15:da:c2:da:ef:48:51:b2:a2:54:e8:6b:
         44:83:c4:39:94:ed:51:72:d1:37:4c:bf:57:f5:ae:3e:f7:11:
         03:7c:2c:3e:c3:47:34:04:a0:3d:bc:04:20:96:c8:7d:f5:60:
         d3:7e:2e:61:4e:7f:89:66:1a:93:2e:00:71:a6:c2:7c:b0:87:
         c3:ba:71:09:b4:98:b4:d7:e2:fb:c5:00:76:6b:81:c2:e0:d1:
         7e:ae:55:10:6e:b4:ae:ad:12:32:57:71:08:df:6e:bb:5a:63:
         68:2f:62:ef:d3:c4:18:22:2a:1c:39:38:3b:a4:74:dc:6b:e1:
         7a:bf:9d:00:40:3c:20:db:64:b4:88:1b:c5:2f:0f:f9:8b:7c:
         f9:18:2a:83:cd:a1:ba:f7:02:1e:7c:48:8f:46:2f:28:48:65:
         e6:9d:0d:ad:a0:24:16:86:da:0c:55:e1:24:f8:23:3c:6c:1e:
         ac:a6:5e:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcVJ9zHWdN07JG18aVF58dwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwMzI0MTk0NTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRjYjhjMzFlOTE1ZDAyZDNjMzVmOTZmY2Y3OGY2ZjQ0NzkwMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS1ODLl3FQf6vkGm+gx01PSt1tgF
VXWAh9810+BzAGD6fttb2mmZ58gpW8gK14fogBShG1uVvSQQDDLVTnQgEJ22WgpE
UEuWrB1jyEmLr5bQj2DEdYTmeFA492Bd712CWh7ucSRvlQgzTDKsMjqu3PIawa7d
h+TMNL0HyS3/aqJkCXPqjq8I0+oCYYajhZlxyTGwEa0SRn6dcVFjpyxOEN1HEw7X
qyzidcr7l14chM7gDxeRbmFgCXjefakGf0DwtSVblhONRjh/8VW9KfRNDVWQYpJS
NkfIKSUysObESuHQygjhRGCjxwtTDw3WuHZ/g+qXaGMET59JWr2X7YHdQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJXcuMMekV0C08Nflvz3j29EeQDSMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvbGR5NHd4NlJYUUxUdzEtV19QZVBiMFI1QU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZEAAwQB
wpxiMA0GCSqGSIb3DQEBCwUAA4IBAQCrhY79/higrUaWS82RiMdmbzrce86i+0Gs
xKgZPr/vw8Pd7lGmQbpzRgQHt89gZ9jMrxGeGtzhhKxzSBpGJe9YkZnPy4dh0fdK
fU99jLIV2sLa70hRsqJU6GtEg8Q5lO1RctE3TL9X9a4+9xEDfCw+w0c0BKA9vAQg
lsh99WDTfi5hTn+JZhqTLgBxpsJ8sIfDunEJtJi01+L7xQB2a4HC4NF+rlUQbrSu
rRIyV3EI3267WmNoL2Lv08QYIiocOTg7pHTca+F6v50AQDwg22S0iBvFLw/5i3z5
GCqDzaG69wIefEiPRi8oSGXmnQ2toCQWhtoMVeEk+CM8bB6spl5/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org