Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/5a2117-f583-445d-b72e-eba9c5cb32d0/1/4aXFFe46JgF-aXP-qcK4Qk9MmCU.roa
File:                     4aXFFe46JgF-aXP-qcK4Qk9MmCU.roa (raw, json)
Hash identifier:          c80N0QgON203IZ7zOvjfJc36Y0MhPZgUua9JRuwYc3A=
Subject key identifier:   E1:A5:C5:15:EE:3A:26:01:7E:69:73:FE:A9:C2:B8:42:4F:4C:98:25
Certificate issuer:       /CN=a4929fcd61dc69dccfbe01d5ff0035b41ac95260
Certificate serial:       01857142DB74E43ECB5C418B48200BC94A10
Authority key identifier: A4:92:9F:CD:61:DC:69:DC:CF:BE:01:D5:FF:00:35:B4:1A:C9:52:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pJKfzWHcadzPvgHV_wA1tBrJUmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/5a2117-f583-445d-b72e-eba9c5cb32d0/1/4aXFFe46JgF-aXP-qcK4Qk9MmCU.roa
Signing time:             Mon 02 Jan 2023 06:54:44 +0000
ROA not before:           Mon 02 Jan 2023 06:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        45.150.16.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 14:20:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:42:db:74:e4:3e:cb:5c:41:8b:48:20:0b:c9:4a:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4929fcd61dc69dccfbe01d5ff0035b41ac95260
        Validity
            Not Before: Jan  2 06:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e1a5c515ee3a26017e6973fea9c2b8424f4c9825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d8:a3:6a:c4:bc:13:32:1e:71:a8:d7:4f:43:
                    ca:0e:21:ee:e3:99:92:64:48:a1:0b:b5:87:9f:02:
                    bf:60:de:1b:19:8e:68:27:47:db:e2:f6:4d:ab:fd:
                    57:e4:41:15:b2:39:9c:cc:b1:18:85:75:89:10:6b:
                    71:06:0b:e1:1d:9d:a9:d9:8b:3a:6f:48:fc:40:be:
                    66:8f:3e:5b:1f:b7:e8:05:6b:3e:81:fe:c8:8c:cf:
                    cc:ad:de:47:69:d2:cb:fe:9c:7b:70:2b:04:63:8c:
                    12:a5:a6:88:6d:11:69:11:57:d1:1a:c6:43:73:04:
                    7a:01:a5:6f:a8:40:15:f4:e9:e6:f7:18:3f:e2:71:
                    0e:22:c3:9f:85:22:e7:51:33:22:c5:33:82:64:57:
                    84:c4:29:67:d5:6e:e9:19:27:65:0f:59:6e:cd:7f:
                    0b:a5:aa:6c:a8:e9:ae:87:69:7c:b5:84:fb:84:2b:
                    5f:a0:0f:88:5e:bc:6d:53:c4:cb:47:ca:6e:bc:77:
                    22:03:d7:2e:c2:74:23:7a:09:1f:00:23:09:c5:9d:
                    ee:92:c8:f5:d3:f8:b4:d4:88:01:3f:51:6f:f4:cb:
                    c4:e6:52:f5:c6:46:02:b7:89:a1:88:20:e8:83:00:
                    f2:c8:1e:a1:fb:87:1a:5c:4f:c3:57:02:43:0a:90:
                    34:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:A5:C5:15:EE:3A:26:01:7E:69:73:FE:A9:C2:B8:42:4F:4C:98:25
            X509v3 Authority Key Identifier:
                keyid:A4:92:9F:CD:61:DC:69:DC:CF:BE:01:D5:FF:00:35:B4:1A:C9:52:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJKfzWHcadzPvgHV_wA1tBrJUmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5a2117-f583-445d-b72e-eba9c5cb32d0/1/4aXFFe46JgF-aXP-qcK4Qk9MmCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5a2117-f583-445d-b72e-eba9c5cb32d0/1/pJKfzWHcadzPvgHV_wA1tBrJUmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         43:52:1c:a7:c0:58:07:38:e3:0c:e7:31:8d:ba:7e:98:7c:19:
         60:cf:97:55:f7:96:ad:a0:2c:52:f5:5e:53:3e:73:c0:3a:05:
         0b:d3:90:be:ef:8a:4f:60:8e:e4:ae:57:29:1e:db:3f:7d:3b:
         58:33:a7:8b:c9:1a:76:95:52:3f:9b:71:f8:bf:e5:2d:bb:47:
         47:1d:4f:ef:5b:ce:f8:e5:09:3e:8c:7d:cd:86:bb:ee:dd:76:
         06:b6:fc:c4:59:4b:40:12:a0:f0:a6:10:05:84:49:45:54:7d:
         b9:42:d1:d0:54:5c:9d:6c:3a:f0:bc:c1:79:42:f4:d6:39:0a:
         32:e1:7d:07:d1:ba:59:8b:82:0c:5f:86:4d:e7:69:e9:02:d5:
         c7:00:c5:8d:0e:3d:20:10:c3:fb:e5:db:ed:f3:c2:35:9e:e8:
         a0:65:c3:ed:82:b4:52:f2:d1:74:5e:e1:c7:91:0c:24:b9:ea:
         cf:2c:08:e3:dd:f3:82:d7:1a:17:9e:cc:26:06:69:aa:3d:f4:
         ea:2f:df:f5:3d:29:56:86:e6:eb:b2:47:c6:6c:22:72:74:14:
         0a:dc:30:90:e0:6e:d3:9b:9a:48:78:67:43:b8:93:20:93:5d:
         97:c5:4d:80:f6:57:1a:42:ba:76:1e:4a:f2:dd:e2:7f:8b:b0:
         b3:14:cf:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxQtt05D7LXEGLSCALyUoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTI5ZmNkNjFkYzY5ZGNjZmJlMDFkNWZmMDAzNWI0MWFj
OTUyNjAwHhcNMjMwMTAyMDY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWE1YzUxNWVlM2EyNjAxN2U2OTczZmVhOWMyYjg0MjRmNGM5ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndijasS8EzIecajXT0PKDiHu45mS
ZEihC7WHnwK/YN4bGY5oJ0fb4vZNq/1X5EEVsjmczLEYhXWJEGtxBgvhHZ2p2Ys6
b0j8QL5mjz5bH7foBWs+gf7IjM/Mrd5HadLL/px7cCsEY4wSpaaIbRFpEVfRGsZD
cwR6AaVvqEAV9Onm9xg/4nEOIsOfhSLnUTMixTOCZFeExCln1W7pGSdlD1luzX8L
papsqOmuh2l8tYT7hCtfoA+IXrxtU8TLR8puvHciA9cuwnQjegkfACMJxZ3uksj1
0/i01IgBP1Fv9MvE5lL1xkYCt4mhiCDogwDyyB6h+4caXE/DVwJDCpA0ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGlxRXuOiYBfmlz/qnCuEJPTJglMB8GA1UdIwQY
MBaAFKSSn81h3Gncz74B1f8ANbQayVJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEpLZnpXSGNhZHpQdmdIVl93QTF0QnJKVW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy81YTIxMTctZjU4My00NDVkLWI3MmUt
ZWJhOWM1Y2IzMmQwLzEvNGFYRkZlNDZKZ0YtYVhQLXFjSzRRazlNbUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy81YTIxMTctZjU4My00NDVkLWI3MmUtZWJhOWM1Y2IzMmQw
LzEvcEpLZnpXSGNhZHpQdmdIVl93QTF0QnJKVW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZYQMA0G
CSqGSIb3DQEBCwUAA4IBAQBDUhynwFgHOOMM5zGNun6YfBlgz5dV95atoCxS9V5T
PnPAOgUL05C+74pPYI7krlcpHts/fTtYM6eLyRp2lVI/m3H4v+Utu0dHHU/vW874
5Qk+jH3Nhrvu3XYGtvzEWUtAEqDwphAFhElFVH25QtHQVFydbDrwvMF5QvTWOQoy
4X0H0bpZi4IMX4ZN52npAtXHAMWNDj0gEMP75dvt88I1nuigZcPtgrRS8tF0XuHH
kQwkuerPLAjj3fOC1xoXnswmBmmqPfTqL9/1PSlWhubrskfGbCJydBQK3DCQ4G7T
m5pIeGdDuJMgk12XxU2A9lcaQrp2Hkry3eJ/i7CzFM/Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:14 2024 by rpki-client on console-fra.rpki-client.org