Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/sa2GL3kD9veHaC9__MB9IEQ5DrA.roa
File:                     sa2GL3kD9veHaC9__MB9IEQ5DrA.roa (raw, json)
Hash identifier:          lPUl1kSJmclI2bOql6S1M0Y6rUr4x0khZlTxRllptSI=
Subject key identifier:   B1:AD:86:2F:79:03:F6:F7:87:68:2F:7F:FC:C0:7D:20:44:39:0E:B0
Certificate issuer:       /CN=315955c4af3eb1a8d3400a86625e365c26298d6a
Certificate serial:       018B82F01D3F3F2E3E75B419EC1F427CC7CC
Authority key identifier: 31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/sa2GL3kD9veHaC9__MB9IEQ5DrA.roa
Signing time:             Mon 30 Oct 2023 23:34:16 +0000
ROA not before:           Mon 30 Oct 2023 23:34:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47160
IP address blocks:        176.124.40.0/22 maxlen: 24
                          45.147.208.0/22 maxlen: 24
                          2a0f:3400::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:82:f0:1d:3f:3f:2e:3e:75:b4:19:ec:1f:42:7c:c7:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=315955c4af3eb1a8d3400a86625e365c26298d6a
        Validity
            Not Before: Oct 30 23:34:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1ad862f7903f6f787682f7ffcc07d2044390eb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b5:0b:b8:b2:b7:f5:48:f7:d7:1c:1c:69:bf:
                    65:c2:c2:6c:e2:5c:e9:f0:23:62:ef:40:b2:19:3d:
                    83:3c:c6:7f:a7:65:32:49:d1:97:65:0f:31:24:58:
                    b4:7b:27:37:88:bb:4e:bd:81:67:42:ae:c1:77:06:
                    fe:59:a7:1c:69:c2:8c:64:20:c3:1c:e9:20:6c:25:
                    90:92:c5:74:2a:ab:1b:90:90:78:e3:48:3d:79:60:
                    dd:df:fa:a3:f8:66:7d:89:6f:08:3e:33:68:07:82:
                    d0:40:aa:fb:31:47:5e:88:cc:21:7c:87:e2:77:d1:
                    41:76:90:ef:57:03:b0:18:04:23:75:e2:f0:15:c2:
                    bf:00:56:8d:8f:c5:61:13:e6:db:9e:05:30:48:2c:
                    d8:04:86:90:af:04:cf:6b:7c:12:40:35:d5:f7:25:
                    9d:de:7d:e3:c2:f7:fd:b3:fa:c3:9a:c2:a5:a9:c1:
                    e6:bb:08:1d:38:0a:36:bf:53:86:f0:fa:ff:bc:04:
                    a1:55:85:e0:d2:6f:e7:a2:56:fa:44:01:81:00:1e:
                    8c:4b:7e:97:44:c4:f6:2c:b5:f8:97:6f:4b:bf:21:
                    d6:97:8b:ab:0d:31:ae:bb:f2:2a:d3:a2:9b:e2:a2:
                    6c:5f:a9:bb:1d:58:f6:3e:bb:c5:f8:cc:b9:17:fa:
                    c2:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:AD:86:2F:79:03:F6:F7:87:68:2F:7F:FC:C0:7D:20:44:39:0E:B0
            X509v3 Authority Key Identifier:
                keyid:31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/sa2GL3kD9veHaC9__MB9IEQ5DrA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/MVlVxK8-sajTQAqGYl42XCYpjWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.208.0/22
                  176.124.40.0/22
                IPv6:
                  2a0f:3400::/29

    Signature Algorithm: sha256WithRSAEncryption
         31:e9:76:95:a3:40:f6:c7:c1:59:74:2c:8d:01:4a:9c:da:82:
         09:e1:92:b1:94:b4:0d:b9:58:8a:66:e6:a6:88:95:67:64:93:
         fc:e0:c2:57:41:8f:7d:19:3c:e5:9d:a6:b1:66:56:dc:5d:dd:
         aa:47:97:a1:33:07:df:e2:5f:b8:ee:10:00:07:8f:49:43:6c:
         27:da:5a:8b:be:9c:2f:3f:31:59:cb:f5:21:15:8b:2b:90:4f:
         07:b4:0a:be:46:25:15:55:60:e5:07:be:7f:1f:23:1b:15:37:
         0e:b9:bc:fb:ac:9d:ea:e4:d4:6a:f1:62:c1:73:b5:69:5e:26:
         5d:0f:b5:bf:9b:14:d6:f3:47:25:56:95:0b:82:45:a5:e9:19:
         9a:dc:e8:c5:02:0b:23:ed:54:89:b1:df:a1:5a:79:63:c9:f9:
         55:e1:15:f2:9c:79:8d:b3:19:55:09:ec:e4:c0:73:80:18:05:
         6f:52:7f:81:85:d6:bb:83:c8:4f:ac:58:9d:12:e8:87:c3:b9:
         c2:f3:4f:15:86:74:40:65:8d:46:d6:6a:25:07:7c:46:e9:7c:
         0b:cc:a0:04:e6:a1:4d:9a:58:93:2b:aa:b2:d8:7d:59:3e:ac:
         4b:a4:ba:1f:80:b5:e0:e2:63:8c:c0:9e:50:cc:14:be:01:83:
         e5:ab:78:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuC8B0/Py4+dbQZ7B9CfMfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNTk1NWM0YWYzZWIxYThkMzQwMGE4NjYyNWUzNjVjMjYy
OThkNmEwHhcNMjMxMDMwMjMzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFkODYyZjc5MDNmNmY3ODc2ODJmN2ZmY2MwN2QyMDQ0MzkwZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLULuLK39Uj31xwcab9lwsJs4lzp
8CNi70CyGT2DPMZ/p2UySdGXZQ8xJFi0eyc3iLtOvYFnQq7Bdwb+WaccacKMZCDD
HOkgbCWQksV0KqsbkJB440g9eWDd3/qj+GZ9iW8IPjNoB4LQQKr7MUdeiMwhfIfi
d9FBdpDvVwOwGAQjdeLwFcK/AFaNj8VhE+bbngUwSCzYBIaQrwTPa3wSQDXV9yWd
3n3jwvf9s/rDmsKlqcHmuwgdOAo2v1OG8Pr/vAShVYXg0m/nolb6RAGBAB6MS36X
RMT2LLX4l29LvyHWl4urDTGuu/Iq06Kb4qJsX6m7HVj2PrvF+My5F/rCewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLGthi95A/b3h2gvf/zAfSBEOQ6wMB8GA1UdIwQY
MBaAFDFZVcSvPrGo00AKhmJeNlwmKY1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVZsVnhLOC1zYWpUUUFxR1lsNDJYQ1lwaldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yMWM2MWEtZDZiMS00YWNhLTk3ODIt
OTczNDgzMzZmMzNhLzEvc2EyR0wza0Q5dmVIYUM5X19NQjlJRVE1RHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yMWM2MWEtZDZiMS00YWNhLTk3ODItOTczNDgzMzZmMzNh
LzEvTVZsVnhLOC1zYWpUUUFxR1lsNDJYQ1lwaldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZPQAwQC
sHwoMA0EAgACMAcDBQMqDzQAMA0GCSqGSIb3DQEBCwUAA4IBAQAx6XaVo0D2x8FZ
dCyNAUqc2oIJ4ZKxlLQNuViKZuamiJVnZJP84MJXQY99GTzlnaaxZlbcXd2qR5eh
Mwff4l+47hAAB49JQ2wn2lqLvpwvPzFZy/UhFYsrkE8HtAq+RiUVVWDlB75/HyMb
FTcOubz7rJ3q5NRq8WLBc7VpXiZdD7W/mxTW80clVpULgkWl6Rma3OjFAgsj7VSJ
sd+hWnljyflV4RXynHmNsxlVCezkwHOAGAVvUn+Bhda7g8hPrFidEuiHw7nC808V
hnRAZY1G1molB3xG6XwLzKAE5qFNmliTK6qy2H1ZPqxLpLofgLXg4mOMwJ5QzBS+
AYPlq3ij
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org