Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/4CC2lIsPMRK5V8w4-PgKBrztd0o.roa
File:                     4CC2lIsPMRK5V8w4-PgKBrztd0o.roa (raw, json)
Hash identifier:          V1hFfl/TaUQezG4tzJ9fMCVlYu4QBfxXdvjWTso+1O0=
Subject key identifier:   E0:20:B6:94:8B:0F:31:12:B9:57:CC:38:F8:F8:0A:06:BC:ED:77:4A
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       01856F1DD4F56AFBAECFAF865D545FD51346
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/4CC2lIsPMRK5V8w4-PgKBrztd0o.roa
Signing time:             Sun 01 Jan 2023 20:55:04 +0000
ROA not before:           Sun 01 Jan 2023 20:55:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57848
IP address blocks:        45.131.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:d4:f5:6a:fb:ae:cf:af:86:5d:54:5f:d5:13:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 20:55:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e020b6948b0f3112b957cc38f8f80a06bced774a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e1:69:23:de:f3:93:f9:1e:f2:47:8a:0a:40:
                    73:88:37:df:27:6f:0b:ab:d8:54:74:41:07:85:2d:
                    20:4a:42:65:0a:4d:dc:f0:d6:81:d1:98:1f:5a:98:
                    5c:b1:df:6d:89:97:1a:fd:d7:36:fa:64:c4:99:5e:
                    44:e5:ad:c9:3e:e5:b4:33:6c:0c:83:b8:6d:3d:ff:
                    64:b0:29:bf:6d:75:b5:38:5b:54:d6:22:35:bd:94:
                    bf:3f:a1:17:ba:43:dd:6f:10:ef:a7:b5:af:63:9f:
                    05:65:eb:3e:14:10:e2:b7:ea:e9:14:30:cb:6d:4b:
                    ce:76:4e:b1:be:76:8d:3e:bb:f0:83:0c:ac:84:63:
                    26:e6:e5:5b:e5:0f:6e:e8:9e:71:22:b6:d8:5b:b5:
                    95:44:50:36:c9:25:0b:f1:30:c5:45:7b:c3:24:f5:
                    88:73:e3:2d:0e:8b:df:54:ed:91:49:6c:ad:85:29:
                    ec:e2:8d:63:d7:ba:ec:da:57:4a:4c:74:01:81:59:
                    4d:35:45:f2:18:47:2a:a1:a6:5a:04:f0:40:29:3f:
                    ef:d6:eb:02:9d:34:5a:b8:9b:83:71:76:76:c3:aa:
                    fa:e5:97:77:b3:0d:16:83:99:bc:da:57:7b:55:4f:
                    5e:f9:a5:5d:56:5a:45:a2:15:59:6a:c6:00:96:45:
                    0d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:20:B6:94:8B:0F:31:12:B9:57:CC:38:F8:F8:0A:06:BC:ED:77:4A
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/4CC2lIsPMRK5V8w4-PgKBrztd0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:09:4e:87:5d:c8:a2:a5:c8:5b:13:8a:16:70:35:35:71:0c:
         bf:96:70:89:28:08:0a:86:6f:c8:fc:a7:5f:ae:6a:be:85:26:
         25:f6:1c:6b:58:29:63:0c:6b:05:24:21:4f:28:fa:77:06:bc:
         e0:36:9b:66:0c:3f:35:a6:a3:92:1b:0a:bb:33:1e:03:0d:b9:
         24:57:61:e0:03:d7:bb:3e:12:a3:bd:90:18:f0:22:c6:08:6d:
         60:e3:6d:e1:bb:69:7c:ae:08:6a:b8:a8:ee:c1:28:7c:27:be:
         ec:cf:00:21:c8:67:e7:de:14:4d:58:df:9e:90:3f:6d:12:64:
         10:ce:1a:51:e2:4f:e1:5f:dc:74:c9:ff:f1:b1:36:5e:41:9d:
         41:c7:f3:73:85:39:3e:29:d7:05:5f:32:c9:42:40:5b:66:ec:
         7c:87:52:d3:27:6a:f2:b5:ee:ff:08:ac:d7:dd:b3:37:58:61:
         f3:86:c3:16:1a:e0:1a:7f:23:a2:5e:c7:b9:c3:48:0c:df:3e:
         4f:2d:8c:85:f4:7c:3b:f1:11:a1:69:33:88:b2:b6:bc:55:66:
         2e:e5:a5:14:07:81:a7:db:b7:92:c9:a0:b0:bf:95:16:65:11:
         46:3f:cd:4f:dc:6a:a0:09:2c:9f:e0:1c:8e:ab:b1:38:5c:72:
         64:54:45:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHdT1avuuz6+GXVRf1RNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDIwYjY5NDhiMGYzMTEyYjk1N2NjMzhmOGY4MGEwNmJjZWQ3NzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+FpI97zk/ke8keKCkBziDffJ28L
q9hUdEEHhS0gSkJlCk3c8NaB0ZgfWphcsd9tiZca/dc2+mTEmV5E5a3JPuW0M2wM
g7htPf9ksCm/bXW1OFtU1iI1vZS/P6EXukPdbxDvp7WvY58FZes+FBDit+rpFDDL
bUvOdk6xvnaNPrvwgwyshGMm5uVb5Q9u6J5xIrbYW7WVRFA2ySUL8TDFRXvDJPWI
c+MtDovfVO2RSWythSns4o1j17rs2ldKTHQBgVlNNUXyGEcqoaZaBPBAKT/v1usC
nTRauJuDcXZ2w6r65Zd3sw0Wg5m82ld7VU9e+aVdVlpFohVZasYAlkUNAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOAgtpSLDzESuVfMOPj4Cga87XdKMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvNENDMmxJc1BNUks1Vjh3NC1QZ0tCcnp0ZDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYOYMA0G
CSqGSIb3DQEBCwUAA4IBAQAlCU6HXciipchbE4oWcDU1cQy/lnCJKAgKhm/I/Kdf
rmq+hSYl9hxrWCljDGsFJCFPKPp3BrzgNptmDD81pqOSGwq7Mx4DDbkkV2HgA9e7
PhKjvZAY8CLGCG1g423hu2l8rghquKjuwSh8J77szwAhyGfn3hRNWN+ekD9tEmQQ
zhpR4k/hX9x0yf/xsTZeQZ1Bx/NzhTk+KdcFXzLJQkBbZux8h1LTJ2ryte7/CKzX
3bM3WGHzhsMWGuAafyOiXse5w0gM3z5PLYyF9Hw78RGhaTOIsra8VWYu5aUUB4Gn
27eSyaCwv5UWZRFGP81P3GqgCSyf4ByOq7E4XHJkVEWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org