Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/fJrd9Fl3TQ3eX0NZUgM_RJYTGMc.roa
File:                     fJrd9Fl3TQ3eX0NZUgM_RJYTGMc.roa (raw, json)
Hash identifier:          bKUdV/KdaVBsD6YJ9ORnX/PgxvQ6tewIEoPZDXNwC2s=
Subject key identifier:   7C:9A:DD:F4:59:77:4D:0D:DE:5F:43:59:52:03:3F:44:96:13:18:C7
Certificate issuer:       /CN=0589ee303ff7d0d557599fa04b293dc2b16bb4d4
Certificate serial:       0185708CA538A0ED34A768737B9A4677CA43
Authority key identifier: 05:89:EE:30:3F:F7:D0:D5:57:59:9F:A0:4B:29:3D:C2:B1:6B:B4:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/fJrd9Fl3TQ3eX0NZUgM_RJYTGMc.roa
Signing time:             Mon 02 Jan 2023 03:35:43 +0000
ROA not before:           Mon 02 Jan 2023 03:35:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212570
IP address blocks:        45.132.147.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:a5:38:a0:ed:34:a7:68:73:7b:9a:46:77:ca:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0589ee303ff7d0d557599fa04b293dc2b16bb4d4
        Validity
            Not Before: Jan  2 03:35:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c9addf459774d0dde5f435952033f44961318c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:35:46:9f:18:c0:1a:01:5e:fc:e5:a4:42:
                    49:a2:2b:a3:cf:e6:5d:65:c6:30:59:55:13:99:28:
                    d6:e2:94:35:73:4e:e8:10:75:27:81:e0:51:c1:a1:
                    4c:44:69:0a:dd:78:05:06:a1:25:e1:33:2c:e5:ee:
                    e9:51:5e:0c:8e:8f:23:0d:96:85:98:37:20:e6:80:
                    11:03:83:93:29:e0:44:51:9f:5e:2e:47:e5:da:51:
                    d2:aa:90:07:05:f2:70:22:03:4b:a0:f6:d4:22:95:
                    f4:bc:60:8c:11:7c:52:29:ef:62:d8:be:79:27:e9:
                    31:37:a1:8f:e9:36:06:aa:2a:62:6a:15:2b:4f:49:
                    e9:13:0a:5c:29:b2:59:1d:da:19:67:d9:1d:1e:53:
                    31:35:ee:46:84:81:71:a3:5a:27:bd:84:e0:55:7d:
                    c5:df:cd:6a:55:8b:73:30:d4:30:57:e6:f7:72:bc:
                    13:07:1b:c8:dd:1d:b3:4c:37:bd:e8:7e:26:13:7a:
                    bf:9a:14:39:c2:c6:6e:c4:5c:c9:3b:dd:66:4e:35:
                    87:9e:cc:0b:89:1b:86:f4:9c:ec:53:34:09:ac:48:
                    cc:cb:88:71:81:06:44:c9:46:c3:41:d1:d3:1e:31:
                    6e:62:9b:28:d4:d8:64:4d:fe:bf:ae:11:30:ab:e5:
                    0a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:9A:DD:F4:59:77:4D:0D:DE:5F:43:59:52:03:3F:44:96:13:18:C7
            X509v3 Authority Key Identifier:
                keyid:05:89:EE:30:3F:F7:D0:D5:57:59:9F:A0:4B:29:3D:C2:B1:6B:B4:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/fJrd9Fl3TQ3eX0NZUgM_RJYTGMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4e198e-2f61-46f3-b5f6-06d6e947e38f/1/BYnuMD_30NVXWZ-gSyk9wrFrtNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:cb:9d:6a:08:5c:2d:86:4d:88:d6:05:fd:94:01:73:bc:5b:
         b4:24:67:66:9f:8b:c3:4f:95:b9:89:57:9d:e4:df:b7:21:9f:
         17:88:37:40:ed:2e:cc:57:24:e5:7f:33:6f:e4:79:2f:16:be:
         db:cc:40:6d:13:68:bb:d4:a4:9f:44:fc:11:82:74:7f:af:0f:
         95:52:e0:76:8d:68:95:30:1b:5c:8a:b9:2a:f1:9c:c1:8d:38:
         87:20:c9:e2:44:c7:f8:21:55:7b:5a:3e:98:d8:8e:64:75:28:
         04:8d:99:3d:ad:da:90:08:0f:08:3a:e2:88:d0:88:57:e7:8c:
         f5:17:61:5e:9e:9b:43:f0:69:97:b5:6d:7e:d8:60:84:cb:3a:
         4f:d2:35:0e:52:d4:9a:9d:78:25:58:6f:e4:50:fb:ed:35:cb:
         31:52:12:c2:f3:34:4c:d9:6d:94:7b:74:39:8c:26:bf:24:c2:
         59:3b:3a:9e:0e:93:56:e4:48:56:68:75:3b:d9:65:46:35:24:
         9b:03:e9:e0:33:1b:48:61:45:92:de:46:0e:d4:55:5a:81:52:
         d2:77:04:2e:b9:7a:53:61:af:0c:08:7a:41:16:07:58:fd:79:
         ec:44:95:0b:14:6d:e9:3b:f1:80:04:1c:c9:89:63:e4:cb:04:
         e2:1e:73:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjKU4oO00p2hze5pGd8pDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODllZTMwM2ZmN2QwZDU1NzU5OWZhMDRiMjkzZGMyYjE2
YmI0ZDQwHhcNMjMwMTAyMDMzNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzlhZGRmNDU5Nzc0ZDBkZGU1ZjQzNTk1MjAzM2Y0NDk2MTMxOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/01Rp8YwBoBXvzlpEJJoiujz+Zd
ZcYwWVUTmSjW4pQ1c07oEHUngeBRwaFMRGkK3XgFBqEl4TMs5e7pUV4Mjo8jDZaF
mDcg5oARA4OTKeBEUZ9eLkfl2lHSqpAHBfJwIgNLoPbUIpX0vGCMEXxSKe9i2L55
J+kxN6GP6TYGqipiahUrT0npEwpcKbJZHdoZZ9kdHlMxNe5GhIFxo1onvYTgVX3F
381qVYtzMNQwV+b3crwTBxvI3R2zTDe96H4mE3q/mhQ5wsZuxFzJO91mTjWHnswL
iRuG9JzsUzQJrEjMy4hxgQZEyUbDQdHTHjFuYpso1NhkTf6/rhEwq+UKbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHya3fRZd00N3l9DWVIDP0SWExjHMB8GA1UdIwQY
MBaAFAWJ7jA/99DVV1mfoEspPcKxa7TUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlludU1EXzMwTlZYV1otZ1N5azl3ckZydE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZTE5OGUtMmY2MS00NmYzLWI1ZjYt
MDZkNmU5NDdlMzhmLzEvZkpyZDlGbDNUUTNlWDBOWlVnTV9SSllUR01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80ZTE5OGUtMmY2MS00NmYzLWI1ZjYtMDZkNmU5NDdlMzhm
LzEvQlludU1EXzMwTlZYV1otZ1N5azl3ckZydE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYSTMA0G
CSqGSIb3DQEBCwUAA4IBAQB5y51qCFwthk2I1gX9lAFzvFu0JGdmn4vDT5W5iVed
5N+3IZ8XiDdA7S7MVyTlfzNv5HkvFr7bzEBtE2i71KSfRPwRgnR/rw+VUuB2jWiV
MBtcirkq8ZzBjTiHIMniRMf4IVV7Wj6Y2I5kdSgEjZk9rdqQCA8IOuKI0IhX54z1
F2FenptD8GmXtW1+2GCEyzpP0jUOUtSanXglWG/kUPvtNcsxUhLC8zRM2W2Ue3Q5
jCa/JMJZOzqeDpNW5EhWaHU72WVGNSSbA+ngMxtIYUWS3kYO1FVagVLSdwQuuXpT
Ya8MCHpBFgdY/XnsRJULFG3pO/GABBzJiWPkywTiHnOz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:16 2024 by rpki-client on console-ams.rpki-client.org