Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/z3nOIotaX6DFMYiOR3RloJVwOIc.roa
File:                     z3nOIotaX6DFMYiOR3RloJVwOIc.roa (raw, json)
Hash identifier:          fpFOH7hrXyDB6kW/aV8s+L6Q+SkAF7as95mx+pNNrBw=
Subject key identifier:   CF:79:CE:22:8B:5A:5F:A0:C5:31:88:8E:47:74:65:A0:95:70:38:87
Certificate issuer:       /CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
Certificate serial:       018570028814F24D067AD9F591F103E0502F
Authority key identifier: 28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/z3nOIotaX6DFMYiOR3RloJVwOIc.roa
Signing time:             Mon 02 Jan 2023 01:04:52 +0000
ROA not before:           Mon 02 Jan 2023 01:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.145.232.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 May 2023 19:54:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:88:14:f2:4d:06:7a:d9:f5:91:f1:03:e0:50:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
        Validity
            Not Before: Jan  2 01:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cf79ce228b5a5fa0c531888e477465a095703887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:75:29:62:d3:a6:f4:9f:d2:30:c1:79:a5:3a:
                    31:60:d4:d7:04:1c:1b:ac:79:f1:46:55:64:ce:54:
                    ed:8a:6f:df:44:91:2e:dc:9b:ba:fb:af:26:ae:73:
                    9f:ac:83:f1:ba:22:2c:0f:7f:9b:ef:a4:98:66:9b:
                    82:c5:e2:0b:29:88:6b:7a:af:08:32:12:bd:89:9f:
                    54:d0:b2:4e:a1:a4:97:b7:7f:d9:65:75:39:a6:ba:
                    bd:a9:1e:f4:09:c5:1c:fe:8b:23:ad:79:64:50:53:
                    db:63:ca:49:88:f9:fa:50:24:21:fa:be:f6:62:02:
                    16:b5:a9:29:7c:ea:45:f2:96:1d:82:37:9d:47:5f:
                    ed:dd:e8:f9:1c:08:b4:7f:6e:a5:36:20:02:a9:01:
                    e6:93:b4:78:83:51:31:50:97:7f:08:0e:74:0d:09:
                    ab:07:b2:a7:00:a1:29:3d:6d:3c:85:f7:7c:cf:b6:
                    c8:13:c2:99:91:6c:74:8b:4d:5c:37:8b:7b:c7:67:
                    54:9d:09:ee:80:2a:6a:90:bd:3e:f8:95:55:29:9f:
                    ac:5e:d2:c6:5d:bb:32:4d:aa:5e:de:10:be:37:ab:
                    7b:ba:be:09:46:a1:b7:86:e3:1a:15:a2:63:20:dc:
                    bd:5f:e2:60:3e:35:b6:a2:e0:51:d1:78:33:6b:95:
                    ed:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:79:CE:22:8B:5A:5F:A0:C5:31:88:8E:47:74:65:A0:95:70:38:87
            X509v3 Authority Key Identifier:
                keyid:28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/z3nOIotaX6DFMYiOR3RloJVwOIc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:16:cd:84:df:d6:1c:bc:fb:58:9c:17:c4:c6:38:bc:33:93:
         05:a2:62:7d:80:c2:d5:55:41:71:6b:07:74:b2:39:64:8f:86:
         dc:b8:f5:bd:6f:c9:36:a0:7d:88:2b:95:22:f1:89:5e:09:7d:
         5c:da:a7:2a:31:99:ef:32:ec:d5:ca:9d:0d:07:5f:ef:1b:d5:
         19:53:3a:b6:3c:fb:08:41:ee:fb:10:93:fa:d3:83:07:99:59:
         29:ca:aa:aa:6b:d1:0d:a4:88:8d:e2:aa:32:f6:cd:c2:dc:4c:
         df:a6:48:7a:ba:a5:5f:1e:ba:02:f9:35:77:80:10:b0:2d:b4:
         80:a5:ec:cd:6c:1f:4f:f8:a6:a8:a9:8c:82:ef:5f:dd:6b:e4:
         f6:b9:da:4c:c6:75:98:35:ca:a8:7c:3c:4a:44:b5:c9:c4:5b:
         29:ae:ef:f0:51:dc:df:c9:44:0d:24:b9:87:3f:ad:58:25:18:
         f8:e4:fb:5b:2d:1f:c1:77:3d:2e:c6:9e:79:66:f3:1f:6f:90:
         b0:1a:ad:4f:ed:3b:af:cf:db:4d:76:9f:64:87:d1:af:6e:51:
         c6:6d:71:9b:1c:79:9c:18:06:b3:1c:c9:9a:64:f2:3a:3a:bd:
         48:6e:c9:bc:56:06:83:06:52:a1:46:43:c1:92:f3:76:52:56:
         b4:c6:e6:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAogU8k0Getn1kfED4FAvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzY4MDBkNzRiYzQxMDViNDBlNzdlYTA4NWJhMDI2ZGJl
ZWMzNWYwHhcNMjMwMTAyMDEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc5Y2UyMjhiNWE1ZmEwYzUzMTg4OGU0Nzc0NjVhMDk1NzAzODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXUpYtOm9J/SMMF5pToxYNTXBBwb
rHnxRlVkzlTtim/fRJEu3Ju6+68mrnOfrIPxuiIsD3+b76SYZpuCxeILKYhreq8I
MhK9iZ9U0LJOoaSXt3/ZZXU5prq9qR70CcUc/osjrXlkUFPbY8pJiPn6UCQh+r72
YgIWtakpfOpF8pYdgjedR1/t3ej5HAi0f26lNiACqQHmk7R4g1ExUJd/CA50DQmr
B7KnAKEpPW08hfd8z7bIE8KZkWx0i01cN4t7x2dUnQnugCpqkL0++JVVKZ+sXtLG
XbsyTape3hC+N6t7ur4JRqG3huMaFaJjINy9X+JgPjW2ouBR0Xgza5XtsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM95ziKLWl+gxTGIjkd0ZaCVcDiHMB8GA1UdIwQY
MBaAFCjGgA10vEEFtA536ghboCbb7sNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTIt
NDkzOWJiZmRmYjg2LzEvejNuT0lvdGFYNkRGTVlpT1IzUmxvSlZ3T0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTItNDkzOWJiZmRmYjg2
LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZHoMA0G
CSqGSIb3DQEBCwUAA4IBAQAVFs2E39YcvPtYnBfExji8M5MFomJ9gMLVVUFxawd0
sjlkj4bcuPW9b8k2oH2IK5Ui8YleCX1c2qcqMZnvMuzVyp0NB1/vG9UZUzq2PPsI
Qe77EJP604MHmVkpyqqqa9ENpIiN4qoy9s3C3Ezfpkh6uqVfHroC+TV3gBCwLbSA
pezNbB9P+KaoqYyC71/da+T2udpMxnWYNcqofDxKRLXJxFspru/wUdzfyUQNJLmH
P61YJRj45PtbLR/Bdz0uxp55ZvMfb5CwGq1P7Tuvz9tNdp9kh9GvblHGbXGbHHmc
GAazHMmaZPI6Or1Ibsm8VgaDBlKhRkPBkvN2Ula0xuZL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:47 2024 by rpki-client on console-ams.rpki-client.org