Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/qvI6p-8yPWZ-_MKCnQ4KhmMhhsQ.roa
File:                     qvI6p-8yPWZ-_MKCnQ4KhmMhhsQ.roa (raw, json)
Hash identifier:          mOKfgs0ebSiNNCSnSa/VI3Jvp4aZ5NrMh/4DdJSowwU=
Subject key identifier:   AA:F2:3A:A7:EF:32:3D:66:7E:FC:C2:82:9D:0E:0A:86:63:21:86:C4
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       0186ED116B2B2488D550007EF0A12FB96D14
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/qvI6p-8yPWZ-_MKCnQ4KhmMhhsQ.roa
Signing time:             Fri 17 Mar 2023 00:56:27 +0000
ROA not before:           Fri 17 Mar 2023 00:56:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21859
IP address blocks:        45.8.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ed:11:6b:2b:24:88:d5:50:00:7e:f0:a1:2f:b9:6d:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Mar 17 00:56:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aaf23aa7ef323d667efcc2829d0e0a86632186c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:7c:aa:02:39:96:c4:78:86:27:26:ac:e0:cf:
                    94:b7:4d:4c:55:f7:11:50:54:39:be:dd:04:0e:0e:
                    32:6f:dd:45:e9:8f:2f:fb:1b:bf:dd:2c:c6:12:d3:
                    bf:a6:35:e6:57:51:3e:e6:6c:b7:64:d0:e7:ff:cf:
                    21:2c:a6:47:91:85:2b:de:db:1e:e1:cc:7e:49:33:
                    6d:5d:22:21:79:d0:18:37:70:c0:b8:1d:c7:27:80:
                    a3:fe:f1:e4:a6:5f:b9:e6:f7:c2:e9:34:97:b2:6f:
                    43:69:fb:63:b9:75:ad:c8:64:1f:45:55:51:5a:bc:
                    fe:45:1c:e6:e3:29:0c:ba:b8:27:69:67:0d:7f:6a:
                    ea:36:69:32:b7:05:e8:ef:c2:03:8d:fd:c0:98:3c:
                    36:55:18:19:81:70:8c:43:03:c2:b6:19:8d:9b:94:
                    e4:3d:09:4b:e7:9d:9a:f2:b4:8c:98:f5:37:39:dd:
                    79:c1:b2:79:e4:e3:4b:16:d4:0b:78:93:81:5d:25:
                    f7:ae:b3:9e:ff:ec:98:47:00:19:dc:23:21:35:97:
                    00:1b:35:4c:44:51:84:58:39:5b:b0:be:36:06:6c:
                    fa:67:80:10:22:3e:10:6a:60:d3:d8:57:be:11:bb:
                    18:5a:f7:5c:ca:19:78:bb:b2:45:bb:e7:66:a8:06:
                    7f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:F2:3A:A7:EF:32:3D:66:7E:FC:C2:82:9D:0E:0A:86:63:21:86:C4
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/qvI6p-8yPWZ-_MKCnQ4KhmMhhsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:45:e2:ed:49:ea:0a:97:aa:90:9f:99:78:cb:dd:a0:9f:5c:
         7f:d1:b0:95:52:27:8d:be:10:86:3c:e9:74:b8:ea:87:cf:12:
         41:4d:b6:1b:4c:e1:e2:83:74:a0:cf:9d:ef:03:c8:c7:0e:0b:
         09:10:47:9f:f7:c3:aa:38:06:70:72:6f:8e:1b:7e:fa:7d:93:
         4c:a8:7b:0d:d0:11:b5:33:a6:5f:79:99:8c:1d:8d:0a:28:94:
         8a:13:8d:c4:88:c8:d9:4a:d1:49:23:a6:ad:23:7e:e4:1f:3d:
         90:8f:f2:57:0c:76:bc:1e:8e:9a:04:28:2e:99:33:cc:4f:2d:
         18:b8:89:df:8a:5e:ac:8f:30:4d:3d:5b:6e:4b:3e:47:d7:4c:
         f7:13:fd:6a:c1:a6:f0:13:2a:3c:6b:2e:95:a8:33:8b:6c:85:
         d6:6e:1c:c9:fd:4c:78:8f:a9:44:52:d8:a3:40:5c:85:31:0c:
         69:de:ab:08:f8:b9:a9:1d:08:35:28:b0:d1:8d:33:1b:8c:95:
         30:9a:fb:b4:ba:37:33:86:bb:21:7d:7c:a3:2a:10:f5:48:a3:
         ab:0e:3c:f0:0e:77:b9:64:a6:22:a3:fa:50:a2:04:71:6a:29:
         44:54:b9:07:4f:c4:4d:8f:64:14:7b:ae:12:d2:1a:16:9a:7e:
         a0:f0:64:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbtEWsrJIjVUAB+8KEvuW0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMzE3MDA1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWYyM2FhN2VmMzIzZDY2N2VmY2MyODI5ZDBlMGE4NjYzMjE4NmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHyqAjmWxHiGJyas4M+Ut01MVfcR
UFQ5vt0EDg4yb91F6Y8v+xu/3SzGEtO/pjXmV1E+5my3ZNDn/88hLKZHkYUr3tse
4cx+STNtXSIhedAYN3DAuB3HJ4Cj/vHkpl+55vfC6TSXsm9DaftjuXWtyGQfRVVR
Wrz+RRzm4ykMurgnaWcNf2rqNmkytwXo78IDjf3AmDw2VRgZgXCMQwPCthmNm5Tk
PQlL552a8rSMmPU3Od15wbJ55ONLFtQLeJOBXSX3rrOe/+yYRwAZ3CMhNZcAGzVM
RFGEWDlbsL42Bmz6Z4AQIj4QamDT2Fe+EbsYWvdcyhl4u7JFu+dmqAZ/bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKryOqfvMj1mfvzCgp0OCoZjIYbEMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvcXZJNnAtOHlQV1otX01LQ25RNEtobU1oaHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQghMA0G
CSqGSIb3DQEBCwUAA4IBAQCCReLtSeoKl6qQn5l4y92gn1x/0bCVUieNvhCGPOl0
uOqHzxJBTbYbTOHig3Sgz53vA8jHDgsJEEef98OqOAZwcm+OG376fZNMqHsN0BG1
M6ZfeZmMHY0KKJSKE43EiMjZStFJI6atI37kHz2Qj/JXDHa8Ho6aBCgumTPMTy0Y
uInfil6sjzBNPVtuSz5H10z3E/1qwabwEyo8ay6VqDOLbIXWbhzJ/Ux4j6lEUtij
QFyFMQxp3qsI+LmpHQg1KLDRjTMbjJUwmvu0ujczhrshfXyjKhD1SKOrDjzwDne5
ZKYio/pQogRxailEVLkHT8RNj2QUe64S0hoWmn6g8GTR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org