Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/lVyIj8UVElCCfUrnURhXfVD6w8c.roa
File:                     lVyIj8UVElCCfUrnURhXfVD6w8c.roa (raw, json)
Hash identifier:          S1lsKdQVNGUURIWfpyq/rV2kgufD/+Rw3zFlYEIXWcI=
Subject key identifier:   95:5C:88:8F:C5:15:12:50:82:7D:4A:E7:51:18:57:7D:50:FA:C3:C7
Certificate issuer:       /CN=1662cfd26eccf289757399cc99c17d1cb4357535
Certificate serial:       018572CC8EAC3B3722AB25B317AE11566843
Authority key identifier: 16:62:CF:D2:6E:CC:F2:89:75:73:99:CC:99:C1:7D:1C:B4:35:75:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/lVyIj8UVElCCfUrnURhXfVD6w8c.roa
Signing time:             Mon 02 Jan 2023 14:04:46 +0000
ROA not before:           Mon 02 Jan 2023 14:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21473
IP address blocks:        45.148.216.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:8e:ac:3b:37:22:ab:25:b3:17:ae:11:56:68:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1662cfd26eccf289757399cc99c17d1cb4357535
        Validity
            Not Before: Jan  2 14:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=955c888fc5151250827d4ae75118577d50fac3c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f8:2d:3d:45:f1:bd:e8:b2:bb:1e:09:b1:be:
                    96:0e:d7:dc:66:72:43:ed:5f:00:29:1b:4d:ee:64:
                    7a:a7:d9:7a:18:e6:df:da:23:3e:ac:08:d6:1e:b7:
                    9e:9c:1a:6e:a6:ba:89:2c:60:54:6f:5b:46:aa:cb:
                    19:3a:2e:fe:13:9b:3c:25:39:24:56:d1:8c:43:8c:
                    a0:ce:b0:ad:f0:9b:66:9e:12:ba:b8:4c:48:3b:1d:
                    c4:19:4c:90:ba:a7:3d:01:21:e2:3c:64:a2:18:46:
                    e2:63:27:5d:92:c8:c2:75:fe:9b:07:dc:c2:ff:91:
                    04:ee:d4:5d:7e:af:b8:42:49:84:82:bb:af:a2:a5:
                    c5:db:f0:86:c2:85:f7:d3:b2:13:0d:37:0d:71:f4:
                    1b:f6:28:46:dd:ec:cb:a0:18:b0:a3:8e:30:8c:66:
                    6e:3a:a4:6d:6e:9c:53:2d:5c:26:ad:e6:33:b3:fc:
                    8b:bb:ef:e2:0e:7b:e0:38:ec:2e:c4:0b:cf:93:6d:
                    d5:e0:a3:02:24:23:b3:8a:7b:b4:09:3f:66:f9:49:
                    e7:f0:ac:ae:0c:44:e8:c1:df:a1:7f:3a:33:e8:2a:
                    24:ad:d4:f5:d6:ad:4c:ff:ca:56:f4:d2:59:86:f1:
                    89:24:71:c3:0c:3a:df:b8:90:f9:69:ab:84:65:aa:
                    87:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:5C:88:8F:C5:15:12:50:82:7D:4A:E7:51:18:57:7D:50:FA:C3:C7
            X509v3 Authority Key Identifier:
                keyid:16:62:CF:D2:6E:CC:F2:89:75:73:99:CC:99:C1:7D:1C:B4:35:75:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/lVyIj8UVElCCfUrnURhXfVD6w8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d2:bd:6d:3f:89:e0:04:05:93:e3:d1:5e:5b:0a:63:e8:81:5a:
         7d:1c:65:62:12:43:0a:63:6f:47:8a:0a:66:24:e5:cd:39:04:
         60:b3:d9:a3:b7:07:27:c7:0c:2b:26:0d:36:b1:04:f1:ba:1d:
         c0:27:7f:d6:28:4a:40:e0:6b:b8:24:53:91:22:52:78:e4:47:
         0f:a7:7d:52:59:b2:e7:87:da:11:ec:e5:2e:b5:58:77:8b:87:
         ff:90:f9:6e:90:52:5d:28:a0:32:8b:f2:83:6c:ac:d9:09:a5:
         d6:44:e1:cf:b0:f5:f0:ab:2a:e1:43:68:1d:2f:fb:99:17:b9:
         db:02:4c:ae:54:6f:81:56:69:80:52:aa:d0:6a:5c:52:4b:f9:
         25:08:38:cf:ad:0a:d6:89:7e:95:ec:3d:3f:19:a9:d1:86:75:
         9d:9e:0f:05:e5:28:71:2a:d8:72:1b:96:2f:99:7d:cb:1b:d9:
         38:8c:fa:aa:96:66:90:a4:3f:74:d4:aa:1b:f8:f3:c7:85:74:
         b4:da:bf:5d:39:65:98:43:94:e2:59:87:ab:9e:ea:10:14:76:
         40:09:35:c2:2c:44:8a:f2:68:85:c7:33:4a:e5:1d:d4:d8:fe:
         c3:8a:f5:21:cb:22:d9:90:3c:f0:00:a5:83:66:e6:63:e0:00:
         27:2a:a9:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzI6sOzciqyWzF64RVmhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NjJjZmQyNmVjY2YyODk3NTczOTljYzk5YzE3ZDFjYjQz
NTc1MzUwHhcNMjMwMTAyMTQwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVjODg4ZmM1MTUxMjUwODI3ZDRhZTc1MTE4NTc3ZDUwZmFjM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvgtPUXxveiyux4Jsb6WDtfcZnJD
7V8AKRtN7mR6p9l6GObf2iM+rAjWHreenBpuprqJLGBUb1tGqssZOi7+E5s8JTkk
VtGMQ4ygzrCt8JtmnhK6uExIOx3EGUyQuqc9ASHiPGSiGEbiYyddksjCdf6bB9zC
/5EE7tRdfq+4QkmEgruvoqXF2/CGwoX307ITDTcNcfQb9ihG3ezLoBiwo44wjGZu
OqRtbpxTLVwmreYzs/yLu+/iDnvgOOwuxAvPk23V4KMCJCOzinu0CT9m+Unn8Kyu
DETowd+hfzoz6CokrdT11q1M/8pW9NJZhvGJJHHDDDrfuJD5aauEZaqHmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVciI/FFRJQgn1K51EYV31Q+sPHMB8GA1UdIwQY
MBaAFBZiz9JuzPKJdXOZzJnBfRy0NXU1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1MUDBtN004b2wxYzVuTW1jRjlITFExZFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81Yjk4NzgtMjA4MC00MzU0LTk1OTIt
YjcyMzE5NDFmYzNhLzEvbFZ5SWo4VVZFbENDZlVyblVSaFhmVkQ2dzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81Yjk4NzgtMjA4MC00MzU0LTk1OTItYjcyMzE5NDFmYzNh
LzEvRm1MUDBtN004b2wxYzVuTW1jRjlITFExZFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZTYMA0G
CSqGSIb3DQEBCwUAA4IBAQDSvW0/ieAEBZPj0V5bCmPogVp9HGViEkMKY29Higpm
JOXNOQRgs9mjtwcnxwwrJg02sQTxuh3AJ3/WKEpA4Gu4JFORIlJ45EcPp31SWbLn
h9oR7OUutVh3i4f/kPlukFJdKKAyi/KDbKzZCaXWROHPsPXwqyrhQ2gdL/uZF7nb
AkyuVG+BVmmAUqrQalxSS/klCDjPrQrWiX6V7D0/GanRhnWdng8F5ShxKthyG5Yv
mX3LG9k4jPqqlmaQpD901Kob+PPHhXS02r9dOWWYQ5TiWYernuoQFHZACTXCLESK
8miFxzNK5R3U2P7DivUhyyLZkDzwAKWDZuZj4AAnKqk9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:02 2024 by rpki-client on console-ams.rpki-client.org