Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/fb5cde-9e0e-4586-aff1-9552d54afffe/1/r3sWqXJhUq9oqNZADDDp1z-B_aM.roa
File:                     r3sWqXJhUq9oqNZADDDp1z-B_aM.roa (raw, json)
Hash identifier:          KYn8jh3hKWBzODBP2zzxQ/gPzgA8KOMhhdSIx4af6Zo=
Subject key identifier:   AF:7B:16:A9:72:61:52:AF:68:A8:D6:40:0C:30:E9:D7:3F:81:FD:A3
Certificate issuer:       /CN=16ec858faa2fc7816eb22903d909f9a3fbbc1660
Certificate serial:       01856CF83B062F04FC72F4468F1593F13A5E
Authority key identifier: 16:EC:85:8F:AA:2F:C7:81:6E:B2:29:03:D9:09:F9:A3:FB:BC:16:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FuyFj6ovx4FusikD2Qn5o_u8FmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/fb5cde-9e0e-4586-aff1-9552d54afffe/1/r3sWqXJhUq9oqNZADDDp1z-B_aM.roa
Signing time:             Sun 01 Jan 2023 10:54:45 +0000
ROA not before:           Sun 01 Jan 2023 10:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24904
IP address blocks:        45.128.40.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:3b:06:2f:04:fc:72:f4:46:8f:15:93:f1:3a:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16ec858faa2fc7816eb22903d909f9a3fbbc1660
        Validity
            Not Before: Jan  1 10:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af7b16a9726152af68a8d6400c30e9d73f81fda3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:62:f7:54:bb:56:16:be:1a:8f:d0:94:38:4e:
                    a8:d9:b9:16:44:a8:dd:21:a3:dc:58:5a:18:a6:14:
                    01:ac:c4:ec:d7:0f:0c:3e:3c:52:e3:a2:1b:3c:cb:
                    b3:d6:c7:fe:67:94:dd:92:b8:78:17:bc:e2:ce:31:
                    f9:69:5d:f9:06:82:f3:35:d3:79:5f:75:50:9e:36:
                    15:c0:fd:6f:8d:a5:29:26:a1:9d:f2:1a:28:dc:e1:
                    cc:2b:94:23:83:3b:05:3d:dd:b0:6f:70:15:d6:5e:
                    df:85:f1:75:9c:9e:ac:ea:91:06:6c:8b:80:66:ee:
                    01:48:97:ef:c7:42:77:c4:ca:cc:49:07:59:a7:38:
                    4c:4d:89:c6:61:0c:4c:4b:f6:d5:c3:11:5d:e8:9b:
                    8e:15:e9:dc:80:82:8d:11:97:0b:0e:c6:49:61:de:
                    26:77:8b:9b:89:82:66:eb:33:64:a9:6a:0d:e7:71:
                    02:7f:f9:74:34:26:f5:2c:9e:34:3c:fd:d4:10:2a:
                    4c:36:29:27:3a:8f:2e:9a:f6:8f:64:f2:8c:60:f4:
                    bd:e8:0c:05:9e:90:98:f9:57:38:1e:e6:5e:63:cb:
                    31:a7:c3:89:5f:ba:54:dd:fc:56:98:e3:fa:28:2a:
                    5e:af:2d:9a:c5:33:9b:59:70:36:d8:25:74:ec:cf:
                    9a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:7B:16:A9:72:61:52:AF:68:A8:D6:40:0C:30:E9:D7:3F:81:FD:A3
            X509v3 Authority Key Identifier:
                keyid:16:EC:85:8F:AA:2F:C7:81:6E:B2:29:03:D9:09:F9:A3:FB:BC:16:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FuyFj6ovx4FusikD2Qn5o_u8FmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/fb5cde-9e0e-4586-aff1-9552d54afffe/1/r3sWqXJhUq9oqNZADDDp1z-B_aM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/fb5cde-9e0e-4586-aff1-9552d54afffe/1/FuyFj6ovx4FusikD2Qn5o_u8FmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:52:fa:1b:88:03:1d:17:74:4a:19:29:52:21:77:c4:09:a9:
         94:1c:44:34:10:5b:91:9c:fd:51:07:66:dd:a8:a8:0b:bf:61:
         3e:d8:c4:79:a1:59:36:f5:8b:f3:ec:01:d3:1d:ba:7c:b4:d2:
         5e:a1:dd:37:09:83:3e:3f:60:de:d2:ef:b3:0e:57:fc:ab:63:
         b3:dc:91:d1:43:59:cd:c4:26:ba:35:3f:62:04:26:6e:d4:a9:
         f6:fa:e3:04:b3:7c:56:f6:a0:b9:7f:e2:f9:e1:12:a7:47:3d:
         dd:cd:1c:ba:bf:29:2c:0f:15:fe:8a:ed:a0:2e:ba:40:e9:78:
         da:b1:29:1a:b1:8e:db:36:fb:6f:5d:7b:ad:36:32:9e:55:e5:
         06:a1:e7:f2:d1:69:4c:1f:df:ac:96:e2:2d:6e:9c:60:21:7e:
         6d:e9:ba:74:ef:79:c7:cb:b1:b6:64:01:c8:e1:c7:fd:21:cd:
         53:ca:b2:c0:30:9c:85:e8:e2:91:a9:35:a1:06:7e:89:4e:70:
         f7:39:de:a5:12:48:24:65:c3:c6:6b:3a:29:86:70:da:d2:a0:
         e0:a8:80:44:03:27:54:f2:f4:11:d6:40:2c:dd:5f:d2:7d:34:
         80:a5:7e:bc:ed:ed:67:2f:18:0f:3f:23:37:34:5f:3b:b7:83:
         21:5e:9f:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+DsGLwT8cvRGjxWT8TpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZWM4NThmYWEyZmM3ODE2ZWIyMjkwM2Q5MDlmOWEzZmJi
YzE2NjAwHhcNMjMwMTAxMTA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdiMTZhOTcyNjE1MmFmNjhhOGQ2NDAwYzMwZTlkNzNmODFmZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWL3VLtWFr4aj9CUOE6o2bkWRKjd
IaPcWFoYphQBrMTs1w8MPjxS46IbPMuz1sf+Z5Tdkrh4F7zizjH5aV35BoLzNdN5
X3VQnjYVwP1vjaUpJqGd8hoo3OHMK5QjgzsFPd2wb3AV1l7fhfF1nJ6s6pEGbIuA
Zu4BSJfvx0J3xMrMSQdZpzhMTYnGYQxMS/bVwxFd6JuOFencgIKNEZcLDsZJYd4m
d4ubiYJm6zNkqWoN53ECf/l0NCb1LJ40PP3UECpMNiknOo8umvaPZPKMYPS96AwF
npCY+Vc4HuZeY8sxp8OJX7pU3fxWmOP6KCpery2axTObWXA22CV07M+a1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK97FqlyYVKvaKjWQAww6dc/gf2jMB8GA1UdIwQY
MBaAFBbshY+qL8eBbrIpA9kJ+aP7vBZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnV5Rmo2b3Z4NEZ1c2lrRDJRbjVvX3U4Rm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mYjVjZGUtOWUwZS00NTg2LWFmZjEt
OTU1MmQ1NGFmZmZlLzEvcjNzV3FYSmhVcTlvcU5aQURERHAxei1CX2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mYjVjZGUtOWUwZS00NTg2LWFmZjEtOTU1MmQ1NGFmZmZl
LzEvRnV5Rmo2b3Z4NEZ1c2lrRDJRbjVvX3U4Rm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYAoMA0G
CSqGSIb3DQEBCwUAA4IBAQA/UvobiAMdF3RKGSlSIXfECamUHEQ0EFuRnP1RB2bd
qKgLv2E+2MR5oVk29Yvz7AHTHbp8tNJeod03CYM+P2De0u+zDlf8q2Oz3JHRQ1nN
xCa6NT9iBCZu1Kn2+uMEs3xW9qC5f+L54RKnRz3dzRy6vyksDxX+iu2gLrpA6Xja
sSkasY7bNvtvXXutNjKeVeUGoefy0WlMH9+sluItbpxgIX5t6bp073nHy7G2ZAHI
4cf9Ic1TyrLAMJyF6OKRqTWhBn6JTnD3Od6lEkgkZcPGazophnDa0qDgqIBEAydU
8vQR1kAs3V/SfTSApX687e1nLxgPPyM3NF87t4MhXp/m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:26 2024 by rpki-client on console-fra.rpki-client.org