Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/rKs5CW2oxZSjxAUapTyCHnhtsc4.roa
File:                     rKs5CW2oxZSjxAUapTyCHnhtsc4.roa (raw, json)
Hash identifier:          I1erzWZToZD89y8fMSasjTVc9FDpPYhjLPaQ/NyiRw0=
Subject key identifier:   AC:AB:39:09:6D:A8:C5:94:A3:C4:05:1A:A5:3C:82:1E:78:6D:B1:CE
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0187248C2393ED59372541C30095225406BF
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/rKs5CW2oxZSjxAUapTyCHnhtsc4.roa
Signing time:             Mon 27 Mar 2023 19:29:36 +0000
ROA not before:           Mon 27 Mar 2023 19:29:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42375
IP address blocks:        45.147.2.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 16:49:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:24:8c:23:93:ed:59:37:25:41:c3:00:95:22:54:06:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 27 19:29:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=acab39096da8c594a3c4051aa53c821e786db1ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:49:d8:47:a9:55:99:6e:13:a7:58:ea:96:a6:
                    43:e9:c9:65:cc:55:59:7b:f8:b2:53:4f:8e:1e:fd:
                    87:b0:46:dd:c4:37:57:6a:6e:a4:6c:fc:7a:dc:3a:
                    41:64:f6:da:e6:97:ae:dc:e5:2d:e0:93:95:e1:a4:
                    80:b0:84:c2:6b:4a:1b:21:d8:b6:f1:57:05:bc:a7:
                    93:21:a2:fc:9d:eb:12:e4:18:e9:57:32:2c:49:3b:
                    06:1a:71:a2:1c:d2:d7:32:5b:65:2e:f7:c3:5c:58:
                    7a:e2:d8:fe:b0:4b:0b:85:8f:0e:6b:68:64:cc:ea:
                    87:f2:cb:47:0e:59:d6:ac:5a:0e:1d:c9:22:95:9d:
                    36:6c:7b:90:9d:f3:f3:d9:31:e5:de:06:5e:70:84:
                    71:d8:8a:db:bd:23:38:60:c9:3a:d3:dc:10:fe:50:
                    5b:54:2e:72:10:2f:9e:58:d7:49:88:a9:d8:f9:1d:
                    fc:5d:0e:a4:bd:ab:10:87:45:91:f1:d0:55:bb:dd:
                    23:35:fc:29:2a:38:97:f1:82:b6:3e:c5:bb:7f:19:
                    3d:78:d1:65:b8:bd:e3:73:9d:07:7b:c8:2d:57:77:
                    2a:f6:a6:6c:82:5e:57:c5:30:bb:ff:90:2c:92:27:
                    f7:84:35:a8:4c:cb:cb:fa:21:a9:8c:31:c1:7b:e3:
                    7d:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:AB:39:09:6D:A8:C5:94:A3:C4:05:1A:A5:3C:82:1E:78:6D:B1:CE
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/rKs5CW2oxZSjxAUapTyCHnhtsc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:ca:27:3a:3a:2b:78:e5:49:bc:b6:c8:35:db:3e:f5:3f:fa:
         8a:3c:47:25:a8:aa:0b:e8:5e:62:69:12:c0:97:00:5a:ac:25:
         ed:57:1b:60:3f:d5:5b:8f:d5:3a:25:47:4b:e3:76:76:4f:33:
         f6:09:82:49:ae:b4:17:60:3b:b3:05:4f:ed:2d:f7:ed:59:a4:
         a1:d5:a1:73:dc:da:98:d8:53:e1:56:8e:fd:99:ac:cb:3e:48:
         86:95:cf:b9:49:4b:76:a6:17:ee:36:e0:ea:16:46:c3:3a:2c:
         9e:29:a1:6f:66:25:43:2d:f7:b1:8a:fb:16:c4:2e:bc:0c:7c:
         e1:6f:14:8e:3a:ec:23:a9:fb:03:1b:d9:03:57:52:7a:cc:9e:
         bd:2a:ff:50:79:32:46:67:bf:56:9f:99:74:2c:17:db:cf:fb:
         58:e6:d6:f8:0b:0d:94:dd:6c:89:4b:c0:f5:0e:d5:5d:6c:3b:
         82:12:f1:c2:a4:65:b1:d6:60:b9:28:6b:21:5f:49:f6:50:85:
         01:4f:47:45:24:41:59:56:a4:c9:7f:08:13:3a:9b:c0:34:d0:
         af:1e:7b:d4:83:55:bc:f9:f0:65:57:c7:5a:e7:c4:f4:54:4a:
         09:27:01:7b:43:f3:dd:37:61:c3:f6:c1:df:24:c0:00:6b:56:
         9a:de:38:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYckjCOT7Vk3JUHDAJUiVAa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwMzI3MTkyOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2FiMzkwOTZkYThjNTk0YTNjNDA1MWFhNTNjODIxZTc4NmRiMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEnYR6lVmW4Tp1jqlqZD6cllzFVZ
e/iyU0+OHv2HsEbdxDdXam6kbPx63DpBZPba5peu3OUt4JOV4aSAsITCa0obIdi2
8VcFvKeTIaL8nesS5BjpVzIsSTsGGnGiHNLXMltlLvfDXFh64tj+sEsLhY8Oa2hk
zOqH8stHDlnWrFoOHckilZ02bHuQnfPz2THl3gZecIRx2IrbvSM4YMk609wQ/lBb
VC5yEC+eWNdJiKnY+R38XQ6kvasQh0WR8dBVu90jNfwpKjiX8YK2PsW7fxk9eNFl
uL3jc50He8gtV3cq9qZsgl5XxTC7/5Askif3hDWoTMvL+iGpjDHBe+N9LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyrOQltqMWUo8QFGqU8gh54bbHOMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvcktzNUNXMm94WlNqeEFVYXBUeUNIbmh0c2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZMCMA0G
CSqGSIb3DQEBCwUAA4IBAQA5yic6Oit45Um8tsg12z71P/qKPEclqKoL6F5iaRLA
lwBarCXtVxtgP9Vbj9U6JUdL43Z2TzP2CYJJrrQXYDuzBU/tLfftWaSh1aFz3NqY
2FPhVo79mazLPkiGlc+5SUt2phfuNuDqFkbDOiyeKaFvZiVDLfexivsWxC68DHzh
bxSOOuwjqfsDG9kDV1J6zJ69Kv9QeTJGZ79Wn5l0LBfbz/tY5tb4Cw2U3WyJS8D1
DtVdbDuCEvHCpGWx1mC5KGshX0n2UIUBT0dFJEFZVqTJfwgTOpvANNCvHnvUg1W8
+fBlV8da58T0VEoJJwF7Q/PdN2HD9sHfJMAAa1aa3jjQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org