Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/1-j2sDB_l-ml0aWAEO2rnNLYOZMI.roa
File:                     1-j2sDB_l-ml0aWAEO2rnNLYOZMI.roa (raw, json)
Hash identifier:          J6fjInNeTjB6LXYD6O9mTcSEmlXzev8Q2+z7A4to3lA=
Subject key identifier:   FA:3D:AC:0C:1F:E5:FA:69:74:69:60:04:3B:6A:E7:34:B6:0E:64:C2
Certificate issuer:       /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial:       01856FC28AF875383E6B3E8490ECE9AD3786
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/1-j2sDB_l-ml0aWAEO2rnNLYOZMI.roa
Signing time:             Sun 01 Jan 2023 23:54:58 +0000
ROA not before:           Sun 01 Jan 2023 23:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        45.132.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:8a:f8:75:38:3e:6b:3e:84:90:ec:e9:ad:37:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
        Validity
            Not Before: Jan  1 23:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa3dac0c1fe5fa69746960043b6ae734b60e64c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:77:52:b7:b0:0a:81:a9:95:cf:8f:f2:b5:13:
                    92:83:f4:82:33:b4:89:a5:84:59:7c:46:50:ed:3b:
                    26:d1:ff:85:6e:06:9b:6e:11:46:65:84:b0:d0:c5:
                    34:e1:13:3d:a2:9d:20:9c:82:6a:7b:26:7a:0e:40:
                    d9:fb:7b:b3:e1:da:44:db:60:1f:84:e8:70:f7:96:
                    cd:5b:88:5d:32:8b:59:54:d5:11:0e:07:92:32:3c:
                    b0:ab:bf:e9:37:c3:c1:e3:b1:43:1a:da:5c:62:f9:
                    e6:8b:61:92:f9:22:08:ce:95:46:ca:1c:27:1e:e6:
                    32:00:d0:b8:86:eb:ac:c9:f9:7e:28:ac:7a:fd:67:
                    eb:71:89:67:d7:f1:e6:88:11:4c:62:c2:3a:ea:40:
                    b2:b5:18:1f:c0:ee:b9:b1:bf:d8:69:a2:ba:19:16:
                    fa:62:1d:62:4b:f9:be:f7:49:72:1b:1d:cc:e7:b1:
                    c4:f7:15:a1:38:04:93:dc:18:f5:45:f0:e4:29:f3:
                    98:85:3c:6c:1e:a4:e1:dd:70:7b:01:69:b6:88:b8:
                    a6:e2:e4:34:07:c1:1f:aa:43:b5:21:1d:73:a4:e2:
                    f2:da:33:32:f6:d8:f5:ae:34:c3:03:2f:85:35:57:
                    de:c2:c2:c0:94:c3:51:27:8d:bc:07:c9:82:29:b6:
                    ff:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:3D:AC:0C:1F:E5:FA:69:74:69:60:04:3B:6A:E7:34:B6:0E:64:C2
            X509v3 Authority Key Identifier:
                keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/1-j2sDB_l-ml0aWAEO2rnNLYOZMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:94:7d:03:a1:f5:76:c6:5c:e1:7d:c0:1e:9a:37:e7:99:a5:
         8b:67:27:75:bd:5a:4a:14:84:00:25:8d:1a:4e:12:e7:17:88:
         38:0c:9b:4e:c0:58:c1:11:4e:4a:54:75:77:7a:d8:9f:6e:85:
         3f:1a:36:b0:c3:25:f9:fe:56:ba:ca:a5:88:9c:92:88:c9:dc:
         26:11:28:fc:3e:90:09:d7:68:ac:96:1e:3b:48:2e:81:2e:7f:
         f4:14:e0:ce:0c:9b:80:22:7c:90:6d:58:e2:50:fd:f1:bd:be:
         41:41:e8:a4:3f:f6:72:17:d1:7b:4c:98:a4:fc:0e:8f:63:99:
         be:2a:1f:4a:ca:73:5c:e2:a1:2b:6b:b5:e9:84:1e:2a:74:a6:
         c1:0d:ce:af:28:2d:bb:74:c5:73:fc:f1:f5:d4:ec:42:68:a5:
         58:38:de:c3:ed:16:b7:90:db:b0:aa:85:67:f8:93:4a:13:7d:
         1a:3a:ca:77:a3:a0:63:f8:b3:12:7e:9b:c2:b0:30:42:c0:49:
         85:55:3a:99:49:d1:6f:5f:f5:b3:d6:ec:91:48:f6:14:1f:8d:
         1b:ad:91:ae:df:ab:81:a0:12:c0:ae:42:19:c4:7b:27:35:4c:
         eb:ae:88:cf:eb:02:86:dc:d9:ed:39:4c:30:dc:96:ba:61:57:
         87:ad:bf:bb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvwor4dTg+az6EkOzprTeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjMwMTAxMjM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTNkYWMwYzFmZTVmYTY5NzQ2OTYwMDQzYjZhZTczNGI2MGU2NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAondSt7AKgamVz4/ytROSg/SCM7SJ
pYRZfEZQ7Tsm0f+FbgabbhFGZYSw0MU04RM9op0gnIJqeyZ6DkDZ+3uz4dpE22Af
hOhw95bNW4hdMotZVNURDgeSMjywq7/pN8PB47FDGtpcYvnmi2GS+SIIzpVGyhwn
HuYyANC4huusyfl+KKx6/WfrcYln1/HmiBFMYsI66kCytRgfwO65sb/YaaK6GRb6
Yh1iS/m+90lyGx3M57HE9xWhOAST3Bj1RfDkKfOYhTxsHqTh3XB7AWm2iLim4uQ0
B8EfqkO1IR1zpOLy2jMy9tj1rjTDAy+FNVfewsLAlMNRJ428B8mCKbb/vQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPo9rAwf5fppdGlgBDtq5zS2DmTCMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvMS1qMnNEQl9sLW1sMGFXQUVPMnJuTkxZT1pNSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODMvN2JmOGE4LWU0OWMtNDA2ZS04ZWI3LWM4MjNjYzhmMzgz
Ny8xL054aTNORFNiOHlmWlJUdVdVQjVFc1pMbFVVSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2EGjAN
BgkqhkiG9w0BAQsFAAOCAQEAcZR9A6H1dsZc4X3AHpo355mli2cndb1aShSEACWN
Gk4S5xeIOAybTsBYwRFOSlR1d3rYn26FPxo2sMMl+f5WusqliJySiMncJhEo/D6Q
CddorJYeO0gugS5/9BTgzgybgCJ8kG1Y4lD98b2+QUHopD/2chfRe0yYpPwOj2OZ
viofSspzXOKhK2u16YQeKnSmwQ3Orygtu3TFc/zx9dTsQmilWDjew+0Wt5DbsKqF
Z/iTShN9GjrKd6OgY/izEn6bwrAwQsBJhVU6mUnRb1/1s9bskUj2FB+NG62Rrt+r
gaASwK5CGcR7JzVM666Iz+sChtzZ7TlMMNyWumFXh62/uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org