Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/vxivyuBnEINBCHlKoo3HDgZLbqo.roa
File:                     vxivyuBnEINBCHlKoo3HDgZLbqo.roa (raw, json)
Hash identifier:          TZtvzlzr8X+wOWdVRy5fD2zCDAw2hqo0a1FdrJFmE/g=
Subject key identifier:   BF:18:AF:CA:E0:67:10:83:41:08:79:4A:A2:8D:C7:0E:06:4B:6E:AA
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0186E17DDBE989C04C6F7C998E5E3B8375FC
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/vxivyuBnEINBCHlKoo3HDgZLbqo.roa
Signing time:             Tue 14 Mar 2023 18:59:27 +0000
ROA not before:           Tue 14 Mar 2023 18:59:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40015
IP address blocks:        45.147.2.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 27 Mar 2023 19:28:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e1:7d:db:e9:89:c0:4c:6f:7c:99:8e:5e:3b:83:75:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Mar 14 18:59:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf18afcae06710834108794aa28dc70e064b6eaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:59:49:d7:53:e1:f5:68:84:5a:6a:37:22:62:
                    04:8d:cb:47:80:b3:85:2a:b4:eb:5e:f7:36:7f:9b:
                    46:ee:5d:45:cd:ad:16:c6:c1:70:b6:69:ef:ea:68:
                    2d:4f:a5:79:c6:d9:57:05:aa:fa:4a:fa:fd:4a:67:
                    23:a1:b7:fa:ac:dd:4b:0c:13:4e:7f:79:28:83:29:
                    ae:99:9d:41:11:0f:ab:5f:50:0e:78:63:a0:1a:1b:
                    f4:70:a2:9e:e4:21:34:86:56:4c:f6:29:20:38:10:
                    3f:6f:8c:cf:cc:2b:3c:ef:c3:26:b2:11:0e:05:bb:
                    e2:04:5e:5e:ad:63:80:30:b7:20:ff:b7:f8:ce:28:
                    36:30:2d:61:26:ba:d9:5e:37:4c:97:fd:ed:26:89:
                    bd:b3:c9:7f:98:29:2f:44:3f:0a:c9:d2:db:b4:97:
                    02:a5:ea:b6:84:ab:95:c1:0b:06:59:81:4b:36:0a:
                    f6:35:52:0d:51:6a:0c:3d:05:7c:43:f3:6a:1b:4c:
                    9e:eb:48:56:6b:a0:b9:fc:3f:93:5d:4a:9d:bd:78:
                    71:52:2c:bf:ff:d0:83:1a:60:6d:05:e9:eb:78:4d:
                    eb:5e:f6:67:ba:58:c4:6f:7a:cf:2b:5f:d1:31:c8:
                    c9:c4:73:96:84:9b:ed:31:e1:a4:f0:18:4b:1a:dd:
                    3d:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:18:AF:CA:E0:67:10:83:41:08:79:4A:A2:8D:C7:0E:06:4B:6E:AA
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/vxivyuBnEINBCHlKoo3HDgZLbqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bd:1a:13:c8:56:99:1c:96:b2:05:74:97:56:72:cd:38:a5:77:
         ca:fb:21:2f:87:89:1a:29:08:3d:5a:99:8f:d2:95:ad:79:00:
         37:7f:e8:89:7b:95:cf:1f:a4:79:e3:68:b7:2b:77:88:dd:27:
         c7:d7:76:90:31:16:6c:b4:59:8a:8b:17:30:49:0e:df:16:0e:
         6b:f7:c7:29:c6:09:e9:25:c9:f8:d8:cc:af:ab:bd:03:25:50:
         3a:d5:6f:72:ba:0a:15:12:52:86:ba:a7:c5:16:78:ec:ad:88:
         1a:99:59:cf:c7:e9:97:6d:a4:9a:41:59:06:14:d4:16:57:c9:
         6f:fa:bf:55:13:b9:f3:1f:fc:86:65:5a:1a:3d:14:97:d5:5d:
         42:8a:9c:8f:c2:62:fd:b9:a3:df:30:12:4d:42:99:d4:8c:df:
         59:0e:d9:46:b4:ca:4c:5a:dd:7d:ec:2e:28:16:80:a0:b2:83:
         7f:f8:ec:00:d3:ef:55:29:07:3b:d5:c4:78:5e:e3:c6:e3:c6:
         48:42:4e:7f:be:2a:98:31:1b:35:54:bb:05:77:f3:b5:e3:10:
         e1:b2:80:0f:0d:b7:d3:19:c8:63:fa:ab:c0:c4:ec:49:84:97:
         f5:d3:6f:e8:db:ea:86:6c:20:6a:1e:bb:8d:8a:97:a2:92:5a:
         74:27:1d:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbhfdvpicBMb3yZjl47g3X8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwMzE0MTg1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjE4YWZjYWUwNjcxMDgzNDEwODc5NGFhMjhkYzcwZTA2NGI2ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVlJ11Ph9WiEWmo3ImIEjctHgLOF
KrTrXvc2f5tG7l1Fza0WxsFwtmnv6mgtT6V5xtlXBar6Svr9Smcjobf6rN1LDBNO
f3kogymumZ1BEQ+rX1AOeGOgGhv0cKKe5CE0hlZM9ikgOBA/b4zPzCs878MmshEO
BbviBF5erWOAMLcg/7f4zig2MC1hJrrZXjdMl/3tJom9s8l/mCkvRD8KydLbtJcC
peq2hKuVwQsGWYFLNgr2NVINUWoMPQV8Q/NqG0ye60hWa6C5/D+TXUqdvXhxUiy/
/9CDGmBtBenreE3rXvZnuljEb3rPK1/RMcjJxHOWhJvtMeGk8BhLGt09xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8Yr8rgZxCDQQh5SqKNxw4GS26qMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvdnhpdnl1Qm5FSU5CQ0hsS29vM0hEZ1pMYnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZMCMA0G
CSqGSIb3DQEBCwUAA4IBAQC9GhPIVpkclrIFdJdWcs04pXfK+yEvh4kaKQg9WpmP
0pWteQA3f+iJe5XPH6R542i3K3eI3SfH13aQMRZstFmKixcwSQ7fFg5r98cpxgnp
Jcn42Myvq70DJVA61W9yugoVElKGuqfFFnjsrYgamVnPx+mXbaSaQVkGFNQWV8lv
+r9VE7nzH/yGZVoaPRSX1V1CipyPwmL9uaPfMBJNQpnUjN9ZDtlGtMpMWt197C4o
FoCgsoN/+OwA0+9VKQc71cR4XuPG48ZIQk5/viqYMRs1VLsFd/O14xDhsoAPDbfT
Gchj+qvAxOxJhJf102/o2+qGbCBqHruNipeiklp0Jx0A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org