Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/nQfVwOwOQSCFOt0G9o1N8zh1omw.roa
File:                     nQfVwOwOQSCFOt0G9o1N8zh1omw.roa (raw, json)
Hash identifier:          n0oLnuFKF8Q7y2/y4gMFUPXlUCwpGdxUP5gRZqzwivo=
Subject key identifier:   9D:07:D5:C0:EC:0E:41:20:85:3A:DD:06:F6:8D:4D:F3:38:75:A2:6C
Certificate issuer:       /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial:       0189DF34F8EA00A7E118900369A63BD1A7BB
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/nQfVwOwOQSCFOt0G9o1N8zh1omw.roa
Signing time:             Thu 10 Aug 2023 11:28:58 +0000
ROA not before:           Thu 10 Aug 2023 11:28:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6718
IP address blocks:        45.250.64.0/22 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:df:34:f8:ea:00:a7:e1:18:90:03:69:a6:3b:d1:a7:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
        Validity
            Not Before: Aug 10 11:28:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d07d5c0ec0e4120853add06f68d4df33875a26c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2f:09:b0:95:b4:46:53:17:29:08:e9:82:5e:
                    ab:15:bf:c9:26:8a:64:f0:07:5b:45:a4:27:27:d4:
                    37:73:b9:06:53:ac:c4:8d:fa:8b:b4:2d:5b:74:eb:
                    f8:39:98:41:63:90:52:f8:24:7f:4f:5f:e3:32:f5:
                    1b:26:20:48:71:52:0e:ba:c9:bd:24:d7:01:17:4c:
                    42:0c:2e:d0:5b:6a:b7:52:8e:fe:59:4f:17:a2:a2:
                    2b:1d:62:48:c2:ce:d3:c5:17:19:6b:98:bb:fc:d5:
                    27:88:a5:a0:bb:3b:91:6e:7e:cd:3b:c5:96:ef:ac:
                    df:e1:c5:a5:e3:0b:ba:a1:25:41:62:7e:73:27:58:
                    7c:2b:0a:0b:37:59:ea:f5:90:6a:bb:72:76:ea:6e:
                    e1:27:38:d9:b9:54:5a:cf:ba:48:7e:e1:6c:cf:b4:
                    1e:ec:24:d4:79:9e:78:64:3f:13:5c:6a:62:a2:9b:
                    0a:b1:a4:28:86:c5:f7:1d:34:7a:94:36:fc:13:3c:
                    70:31:a7:8c:ed:8b:30:76:13:0e:68:99:e7:1f:db:
                    0b:d4:21:4c:c5:42:ff:51:f6:06:53:98:88:48:31:
                    2b:6a:0a:73:51:ab:25:ac:61:65:6d:34:4c:1f:95:
                    fe:85:99:93:d1:85:19:64:4b:01:43:25:a3:9d:d4:
                    72:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:07:D5:C0:EC:0E:41:20:85:3A:DD:06:F6:8D:4D:F3:38:75:A2:6C
            X509v3 Authority Key Identifier:
                keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/nQfVwOwOQSCFOt0G9o1N8zh1omw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.250.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ab:89:b1:3e:04:7f:a9:bb:ed:12:1b:cc:5c:57:9a:95:19:f2:
         87:cb:39:17:0f:23:00:5d:53:c5:54:df:b6:bd:3c:ab:f7:18:
         ce:1a:4f:d7:38:dd:d7:b3:6c:83:77:8b:c9:f2:8f:ae:6f:65:
         b8:70:cc:38:a1:13:07:60:47:00:38:4d:b7:d3:83:d8:cd:0c:
         06:af:08:a7:62:d4:48:d7:60:72:e8:31:9f:18:af:da:78:72:
         93:9e:cc:a2:c1:31:9a:ea:28:0e:76:35:df:25:1c:4f:65:fb:
         1e:49:16:c8:8e:3e:23:d6:1d:4c:13:f6:98:6e:39:75:59:8b:
         1b:ca:20:e2:55:ee:af:ed:61:c8:5d:0f:79:d2:a9:70:8e:4b:
         8d:36:70:35:50:69:53:1e:01:fb:70:8a:27:4b:a7:d9:d6:5c:
         39:68:24:57:8b:e7:e6:24:55:e3:ef:d6:8c:9f:64:30:c8:bf:
         2a:04:78:c8:f7:8c:5f:00:c7:9d:52:5d:17:94:0b:14:5d:03:
         5b:2e:d7:fc:84:bf:33:72:7f:e0:a6:2d:7e:34:f8:ec:4b:40:
         f5:43:d8:64:7f:65:b3:4e:5c:e3:b5:69:78:91:4e:24:a2:1f:
         3a:5b:96:74:30:ec:86:a0:2b:06:5c:33:85:15:66:22:8f:4b:
         67:a8:0a:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnfNPjqAKfhGJADaaY70ae7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjMwODEwMTEyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDA3ZDVjMGVjMGU0MTIwODUzYWRkMDZmNjhkNGRmMzM4NzVhMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi8JsJW0RlMXKQjpgl6rFb/JJopk
8AdbRaQnJ9Q3c7kGU6zEjfqLtC1bdOv4OZhBY5BS+CR/T1/jMvUbJiBIcVIOusm9
JNcBF0xCDC7QW2q3Uo7+WU8XoqIrHWJIws7TxRcZa5i7/NUniKWguzuRbn7NO8WW
76zf4cWl4wu6oSVBYn5zJ1h8KwoLN1nq9ZBqu3J26m7hJzjZuVRaz7pIfuFsz7Qe
7CTUeZ54ZD8TXGpiopsKsaQohsX3HTR6lDb8EzxwMaeM7YswdhMOaJnnH9sL1CFM
xUL/UfYGU5iISDEragpzUaslrGFlbTRMH5X+hZmT0YUZZEsBQyWjndRy4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0H1cDsDkEghTrdBvaNTfM4daJsMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvblFmVndPd09RU0NGT3QwRzlvMU44emgxb213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLfpAMA0G
CSqGSIb3DQEBCwUAA4IBAQCribE+BH+pu+0SG8xcV5qVGfKHyzkXDyMAXVPFVN+2
vTyr9xjOGk/XON3Xs2yDd4vJ8o+ub2W4cMw4oRMHYEcAOE2304PYzQwGrwinYtRI
12By6DGfGK/aeHKTnsyiwTGa6igOdjXfJRxPZfseSRbIjj4j1h1ME/aYbjl1WYsb
yiDiVe6v7WHIXQ950qlwjkuNNnA1UGlTHgH7cIonS6fZ1lw5aCRXi+fmJFXj79aM
n2QwyL8qBHjI94xfAMedUl0XlAsUXQNbLtf8hL8zcn/gpi1+NPjsS0D1Q9hkf2Wz
TlzjtWl4kU4koh86W5Z0MOyGoCsGXDOFFWYij0tnqAry
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org