Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/85e104-5e52-4048-b1b1-c50968cda86f/1/NrqV60elo1bW2BL9JiNYiEo9jmk.roa
File:                     NrqV60elo1bW2BL9JiNYiEo9jmk.roa (raw, json)
Hash identifier:          /mpnYOy8YhKkuC7KE/xSwyihYn7U0ypTMVUwISCVSUw=
Subject key identifier:   36:BA:95:EB:47:A5:A3:56:D6:D8:12:FD:26:23:58:88:4A:3D:8E:69
Certificate issuer:       /CN=6ea1a10f7d944dacc1dec041aaa559d522bfbaeb
Certificate serial:       01857115182EAE6C6DB7481C9FEFBCD2E33C
Authority key identifier: 6E:A1:A1:0F:7D:94:4D:AC:C1:DE:C0:41:AA:A5:59:D5:22:BF:BA:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bqGhD32UTazB3sBBqqVZ1SK_uus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/85e104-5e52-4048-b1b1-c50968cda86f/1/NrqV60elo1bW2BL9JiNYiEo9jmk.roa
Signing time:             Mon 02 Jan 2023 06:04:45 +0000
ROA not before:           Mon 02 Jan 2023 06:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208834
IP address blocks:        45.83.72.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:18:2e:ae:6c:6d:b7:48:1c:9f:ef:bc:d2:e3:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ea1a10f7d944dacc1dec041aaa559d522bfbaeb
        Validity
            Not Before: Jan  2 06:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36ba95eb47a5a356d6d812fd262358884a3d8e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:74:c2:aa:a4:8e:2d:e9:6d:85:b3:47:ec:4f:
                    ca:4b:ab:61:a7:4c:c0:e5:99:6c:73:cf:1e:3d:89:
                    ec:b2:41:1d:88:84:54:46:ab:3d:b8:d9:75:83:ad:
                    03:e8:7f:9c:42:12:92:ea:0a:e7:81:35:28:e0:fd:
                    e4:d4:19:fc:5c:20:86:ab:c8:30:94:c3:fa:53:29:
                    ea:ae:b7:de:16:73:06:d0:e9:88:e9:c6:19:b8:bd:
                    f1:a4:f4:ed:e0:76:57:7a:29:fc:bb:5c:19:6a:e6:
                    49:9a:93:e3:bd:5b:b4:45:84:d5:74:39:f5:27:a2:
                    ac:a2:fa:7d:e7:08:68:82:f2:d8:c4:04:58:5a:98:
                    c9:6e:47:dc:7a:5c:0f:1b:fc:3a:d1:9e:3a:cb:31:
                    6f:df:8c:7e:7e:c2:1c:e7:76:b3:bd:cf:7b:94:ba:
                    a8:90:a7:68:12:ee:87:c2:ea:13:23:68:3d:76:29:
                    87:99:e3:7f:43:8b:d8:08:eb:2a:32:3f:7a:7a:37:
                    76:21:4c:32:6e:34:8e:b6:89:32:be:10:06:70:71:
                    9b:3d:ec:ed:4a:2b:ac:94:99:e0:62:09:f8:0b:9e:
                    0b:ef:93:fd:48:00:41:73:ca:dc:40:11:97:77:7d:
                    89:5a:82:8e:dc:ca:e9:84:ab:0d:49:51:67:95:d9:
                    a8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:BA:95:EB:47:A5:A3:56:D6:D8:12:FD:26:23:58:88:4A:3D:8E:69
            X509v3 Authority Key Identifier:
                keyid:6E:A1:A1:0F:7D:94:4D:AC:C1:DE:C0:41:AA:A5:59:D5:22:BF:BA:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqGhD32UTazB3sBBqqVZ1SK_uus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/85e104-5e52-4048-b1b1-c50968cda86f/1/NrqV60elo1bW2BL9JiNYiEo9jmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/85e104-5e52-4048-b1b1-c50968cda86f/1/bqGhD32UTazB3sBBqqVZ1SK_uus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b1:1c:52:45:54:25:25:3c:7e:89:96:a1:e2:70:a2:4c:05:e1:
         37:5a:b0:13:00:9d:e5:34:51:d6:de:79:43:dd:01:17:43:78:
         34:97:bb:c9:f3:78:c8:2c:1d:d9:82:37:b4:26:f0:c4:b3:39:
         8e:2d:68:11:f1:93:df:48:c1:37:84:ee:5a:ff:6f:45:40:57:
         3c:02:58:28:b0:cb:f6:98:53:c6:b5:62:72:f2:f0:3b:36:18:
         cb:34:f8:05:72:cc:69:53:51:5f:76:2a:dd:cf:ae:2f:fa:7b:
         3f:dd:3c:d5:b7:28:52:aa:06:e2:a0:0e:dc:3a:b1:48:3e:b8:
         e3:7e:7d:94:39:b5:2f:99:08:0a:90:1f:ef:d9:89:99:16:3a:
         36:ba:3a:22:d7:b0:a7:f1:03:1a:6c:d5:75:ab:42:82:64:2a:
         c9:06:72:e9:c1:97:e2:8e:28:75:b1:21:23:c7:fb:f4:77:c7:
         79:8a:58:f5:c0:d0:8e:97:8a:e1:84:7d:f3:65:32:be:84:d3:
         03:7a:2d:46:ab:0b:3f:e7:37:cd:5c:b4:37:95:f3:d5:84:e3:
         e0:5e:57:a0:68:a4:d1:b0:88:a9:3c:2f:b7:28:12:a6:f2:58:
         3f:65:b7:90:34:9e:19:da:07:4d:e0:af:22:a2:c4:6b:e0:8e:
         3a:56:0d:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFRgurmxtt0gcn++80uM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYTFhMTBmN2Q5NDRkYWNjMWRlYzA0MWFhYTU1OWQ1MjJi
ZmJhZWIwHhcNMjMwMTAyMDYwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmJhOTVlYjQ3YTVhMzU2ZDZkODEyZmQyNjIzNTg4ODRhM2Q4ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHTCqqSOLelthbNH7E/KS6thp0zA
5Zlsc88ePYnsskEdiIRURqs9uNl1g60D6H+cQhKS6grngTUo4P3k1Bn8XCCGq8gw
lMP6UynqrrfeFnMG0OmI6cYZuL3xpPTt4HZXein8u1wZauZJmpPjvVu0RYTVdDn1
J6Ksovp95whogvLYxARYWpjJbkfcelwPG/w60Z46yzFv34x+fsIc53azvc97lLqo
kKdoEu6HwuoTI2g9dimHmeN/Q4vYCOsqMj96ejd2IUwybjSOtokyvhAGcHGbPezt
SiuslJngYgn4C54L75P9SABBc8rcQBGXd32JWoKO3MrphKsNSVFnldmo+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDa6letHpaNW1tgS/SYjWIhKPY5pMB8GA1UdIwQY
MBaAFG6hoQ99lE2swd7AQaqlWdUiv7rrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnFHaEQzMlVUYXpCM3NCQnFxVloxU0tfdXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84NWUxMDQtNWU1Mi00MDQ4LWIxYjEt
YzUwOTY4Y2RhODZmLzEvTnJxVjYwZWxvMWJXMkJMOUppTllpRW85am1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84NWUxMDQtNWU1Mi00MDQ4LWIxYjEtYzUwOTY4Y2RhODZm
LzEvYnFHaEQzMlVUYXpCM3NCQnFxVloxU0tfdXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVNIMA0G
CSqGSIb3DQEBCwUAA4IBAQCxHFJFVCUlPH6JlqHicKJMBeE3WrATAJ3lNFHW3nlD
3QEXQ3g0l7vJ83jILB3Zgje0JvDEszmOLWgR8ZPfSME3hO5a/29FQFc8AlgosMv2
mFPGtWJy8vA7NhjLNPgFcsxpU1Ffdirdz64v+ns/3TzVtyhSqgbioA7cOrFIPrjj
fn2UObUvmQgKkB/v2YmZFjo2ujoi17Cn8QMabNV1q0KCZCrJBnLpwZfijih1sSEj
x/v0d8d5ilj1wNCOl4rhhH3zZTK+hNMDei1Gqws/5zfNXLQ3lfPVhOPgXlegaKTR
sIipPC+3KBKm8lg/ZbeQNJ4Z2gdN4K8iosRr4I46Vg30
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:40 2024 by rpki-client on console-fra.rpki-client.org