Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/Fh0xWUifoCyz2J1KVpn169R5vvw.roa
File:                     Fh0xWUifoCyz2J1KVpn169R5vvw.roa (raw, json)
Hash identifier:          DJbxY294B4ptj/+V2Hx/KGNbIKQFqz4TR3qxwTrRRIU=
Subject key identifier:   16:1D:31:59:48:9F:A0:2C:B3:D8:9D:4A:56:99:F5:EB:D4:79:BE:FC
Certificate issuer:       /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial:       01856E2FCA9EE8D240F3650A8D7D26A71F76
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/Fh0xWUifoCyz2J1KVpn169R5vvw.roa
Signing time:             Sun 01 Jan 2023 16:35:03 +0000
ROA not before:           Sun 01 Jan 2023 16:35:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25082
IP address blocks:        45.91.216.0/22 maxlen: 23
                          195.64.248.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:ca:9e:e8:d2:40:f3:65:0a:8d:7d:26:a7:1f:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
        Validity
            Not Before: Jan  1 16:35:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=161d3159489fa02cb3d89d4a5699f5ebd479befc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a6:85:2a:fc:dc:dc:7c:68:9c:d0:b3:01:72:
                    14:87:ae:69:71:6f:48:65:96:6c:f7:02:2b:76:1d:
                    b5:e4:eb:4e:31:e9:77:33:18:e9:c8:3c:45:7b:6f:
                    60:2f:1a:d2:7c:9f:e7:f8:c9:be:c1:c5:7a:f1:23:
                    a6:89:55:08:e5:b9:7d:43:77:5e:0e:c9:1c:43:92:
                    37:57:5d:dc:12:92:d9:dc:c5:9f:c3:8a:4e:81:11:
                    86:93:7f:b0:09:cd:73:4d:0c:5a:a6:bf:a1:c3:5e:
                    d7:a8:7f:dd:4c:02:54:7f:76:14:2d:3a:88:8e:1b:
                    6b:bf:fd:6b:a7:7c:31:1b:48:31:80:0e:a4:e0:88:
                    03:30:2f:20:17:d1:9b:29:b1:2b:51:39:91:53:7d:
                    6d:16:8f:db:b3:66:60:a1:05:74:24:ad:c8:0f:32:
                    a7:34:a9:fb:a0:21:b5:ea:b5:fc:a1:78:04:5a:60:
                    48:b7:4e:85:44:1c:6e:71:15:cd:fd:30:9a:e8:59:
                    2d:3f:19:a5:39:29:d4:7b:49:9a:ba:14:02:5d:cb:
                    66:6a:dd:47:f2:d8:6e:c8:86:16:d3:48:14:2c:9f:
                    6f:fd:27:8c:55:2a:bd:2d:70:18:14:c5:d4:ec:50:
                    49:b9:77:6f:44:83:3d:84:8a:5a:1d:d3:b8:05:5f:
                    6c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:1D:31:59:48:9F:A0:2C:B3:D8:9D:4A:56:99:F5:EB:D4:79:BE:FC
            X509v3 Authority Key Identifier:
                keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/Fh0xWUifoCyz2J1KVpn169R5vvw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.216.0/22
                  195.64.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:27:71:6e:8b:3e:2e:e5:b8:54:81:49:cc:8d:5c:1c:74:83:
         af:7c:ba:15:15:a6:76:d1:86:24:a0:03:12:69:5b:5d:58:7c:
         35:c7:f2:42:cc:91:d4:8f:6f:28:ae:f9:65:42:8f:cc:8f:6f:
         0b:ac:c2:39:60:4a:cb:5c:00:0f:fa:7f:4a:b0:c4:32:84:20:
         2d:00:98:48:75:ea:0d:d5:b3:89:6b:b4:c2:72:e5:97:46:8f:
         37:52:b5:b4:f7:d9:12:4e:c8:0e:7d:cd:75:50:e9:88:22:04:
         16:75:46:41:47:f7:ce:c4:d8:c2:92:62:0c:61:45:bd:91:92:
         e3:3d:8d:20:cd:d4:0a:bd:f9:f1:af:96:05:98:cb:91:9f:94:
         94:d0:43:c0:82:d1:f3:db:06:6c:43:5b:3f:c8:da:ff:b1:07:
         a3:60:d1:54:34:a0:88:ae:c6:c3:29:9c:02:ea:87:0f:6a:7f:
         92:b4:f5:a8:c5:fb:7d:2a:83:ef:46:a4:e4:e5:5d:57:92:f3:
         cd:de:7c:a2:2b:73:f3:58:01:4b:1a:3b:ff:a5:36:3f:68:35:
         94:32:4e:e6:d3:03:65:cd:1d:80:b1:0c:0c:78:15:45:1d:4b:
         bd:1b:b6:a1:02:86:01:d9:dc:fb:b4:af:b3:51:82:48:1d:03:
         c3:9c:60:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuL8qe6NJA82UKjX0mpx92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjMwMTAxMTYzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjFkMzE1OTQ4OWZhMDJjYjNkODlkNGE1Njk5ZjVlYmQ0NzliZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKaFKvzc3HxonNCzAXIUh65pcW9I
ZZZs9wIrdh215OtOMel3MxjpyDxFe29gLxrSfJ/n+Mm+wcV68SOmiVUI5bl9Q3de
DskcQ5I3V13cEpLZ3MWfw4pOgRGGk3+wCc1zTQxapr+hw17XqH/dTAJUf3YULTqI
jhtrv/1rp3wxG0gxgA6k4IgDMC8gF9GbKbErUTmRU31tFo/bs2ZgoQV0JK3IDzKn
NKn7oCG16rX8oXgEWmBIt06FRBxucRXN/TCa6FktPxmlOSnUe0mauhQCXctmat1H
8thuyIYW00gULJ9v/SeMVSq9LXAYFMXU7FBJuXdvRIM9hIpaHdO4BV9skwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBYdMVlIn6Ass9idSlaZ9evUeb78MB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvRmgweFdVaWZvQ3l6MkoxS1ZwbjE2OVI1dnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVvYAwQC
w0D4MA0GCSqGSIb3DQEBCwUAA4IBAQAEJ3Fuiz4u5bhUgUnMjVwcdIOvfLoVFaZ2
0YYkoAMSaVtdWHw1x/JCzJHUj28orvllQo/Mj28LrMI5YErLXAAP+n9KsMQyhCAt
AJhIdeoN1bOJa7TCcuWXRo83UrW099kSTsgOfc11UOmIIgQWdUZBR/fOxNjCkmIM
YUW9kZLjPY0gzdQKvfnxr5YFmMuRn5SU0EPAgtHz2wZsQ1s/yNr/sQejYNFUNKCI
rsbDKZwC6ocPan+StPWoxft9KoPvRqTk5V1XkvPN3nyiK3PzWAFLGjv/pTY/aDWU
Mk7m0wNlzR2AsQwMeBVFHUu9G7ahAoYB2dz7tK+zUYJIHQPDnGAY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:56 2024 by rpki-client on console-fra.rpki-client.org