Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/wrCqSB6YwouyNHYm3AulXT3AzWE.roa
File:                     wrCqSB6YwouyNHYm3AulXT3AzWE.roa (raw, json)
Hash identifier:          hqC9mM0BSgbVHXU69LkJ6Gum/WEvZQLbi76aEbFQo5M=
Subject key identifier:   C2:B0:AA:48:1E:98:C2:8B:B2:34:76:26:DC:0B:A5:5D:3D:C0:CD:61
Certificate issuer:       /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial:       018D1102ECB10A1FAA1534551DC509C736AD
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/wrCqSB6YwouyNHYm3AulXT3AzWE.roa
Signing time:             Tue 16 Jan 2024 06:43:40 +0000
ROA not before:           Tue 16 Jan 2024 06:43:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        45.146.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 08:29:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:11:02:ec:b1:0a:1f:aa:15:34:55:1d:c5:09:c7:36:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
        Validity
            Not Before: Jan 16 06:43:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c2b0aa481e98c28bb2347626dc0ba55d3dc0cd61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:04:d5:29:9a:17:ac:3a:d0:3e:0e:b5:8e:bb:
                    7c:e9:5a:bc:b6:3a:a1:bc:2f:5d:86:ee:7e:81:75:
                    e4:84:80:ca:c6:5f:61:83:9f:f4:fb:bb:f3:16:19:
                    fb:0b:b7:f5:8c:90:a6:41:53:6d:46:7f:a7:2b:39:
                    fe:8a:8a:16:0f:ab:2f:f8:b9:ce:0d:71:e4:df:21:
                    31:6d:ab:46:d8:8a:01:32:1d:27:60:4d:d3:d2:51:
                    8c:71:1a:d7:62:20:27:b8:ad:40:45:9d:b1:d9:ea:
                    69:43:a3:37:c0:22:40:13:64:a4:6f:30:20:50:85:
                    6a:a1:dd:68:74:62:b7:a0:7e:cb:5b:33:64:b1:b3:
                    3b:6b:1c:25:54:24:5c:28:65:0a:06:4c:eb:49:59:
                    1c:a6:e4:ba:d8:cc:56:2a:d6:d5:33:08:92:12:f0:
                    18:2d:b4:88:f3:e3:9e:dc:7e:e7:d2:72:9e:74:52:
                    a9:83:e2:18:a9:9b:e3:41:01:8e:53:53:de:6d:3d:
                    e4:43:04:55:df:7a:b9:a3:d0:57:81:b9:c2:55:69:
                    5c:b3:61:e4:0c:ac:b6:29:cb:4f:b0:f9:f4:9f:b2:
                    3b:84:bc:99:e7:cc:f5:1b:90:b1:1c:05:12:4d:28:
                    f0:eb:52:d1:97:12:3c:d8:64:1f:65:2b:b7:c3:2c:
                    4a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:B0:AA:48:1E:98:C2:8B:B2:34:76:26:DC:0B:A5:5D:3D:C0:CD:61
            X509v3 Authority Key Identifier:
                keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/wrCqSB6YwouyNHYm3AulXT3AzWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:14:10:57:27:65:5a:01:a7:01:08:e7:0f:a4:0d:8f:94:63:
         ac:f9:ff:79:28:f8:d9:d4:93:98:3b:46:01:bd:9e:64:75:00:
         36:0f:e6:8e:f7:ef:d3:5d:88:a0:5a:7b:fb:81:3b:33:b5:09:
         03:69:11:75:17:26:b3:61:4e:61:8f:a8:23:9e:58:ee:1c:12:
         a0:7f:27:0c:f4:54:2c:1a:bb:a4:bf:5d:5a:93:eb:6e:b0:e1:
         3e:35:b5:8c:6d:be:19:83:8a:f8:5d:e1:c3:61:2f:be:68:3e:
         1e:89:05:70:b8:d0:45:48:86:ab:bd:41:90:9e:9d:d3:94:24:
         7b:a1:07:41:87:5f:3a:40:a6:8f:22:ba:67:b2:6d:10:69:7b:
         e1:1d:92:de:af:50:86:f8:ba:c3:3b:dd:b5:b2:de:13:8c:2e:
         7b:fa:fe:2d:b0:f9:5d:76:c8:15:b4:7c:88:7d:ac:56:59:44:
         e5:7b:e2:8d:a9:e8:7d:2d:6a:8d:c9:d3:dc:0e:fe:37:12:da:
         24:73:a6:77:6f:0a:8c:61:ca:98:d9:e1:0e:05:f8:19:f8:d7:
         9b:6f:1b:a1:49:a4:af:43:34:21:71:11:8a:a9:13:5b:01:9f:
         bf:ec:a0:47:70:d1:9f:d0:43:60:d4:39:75:3a:a9:14:f9:cc:
         3b:35:87:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0RAuyxCh+qFTRVHcUJxzatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjQwMTE2MDY0MzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmIwYWE0ODFlOThjMjhiYjIzNDc2MjZkYzBiYTU1ZDNkYzBjZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwTVKZoXrDrQPg61jrt86Vq8tjqh
vC9dhu5+gXXkhIDKxl9hg5/0+7vzFhn7C7f1jJCmQVNtRn+nKzn+iooWD6sv+LnO
DXHk3yExbatG2IoBMh0nYE3T0lGMcRrXYiAnuK1ARZ2x2eppQ6M3wCJAE2SkbzAg
UIVqod1odGK3oH7LWzNksbM7axwlVCRcKGUKBkzrSVkcpuS62MxWKtbVMwiSEvAY
LbSI8+Oe3H7n0nKedFKpg+IYqZvjQQGOU1PebT3kQwRV33q5o9BXgbnCVWlcs2Hk
DKy2KctPsPn0n7I7hLyZ58z1G5CxHAUSTSjw61LRlxI82GQfZSu3wyxKNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMKwqkgemMKLsjR2JtwLpV09wM1hMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvd3JDcVNCNll3b3V5TkhZbTNBdWxYVDNBeldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZLKMA0G
CSqGSIb3DQEBCwUAA4IBAQDMFBBXJ2VaAacBCOcPpA2PlGOs+f95KPjZ1JOYO0YB
vZ5kdQA2D+aO9+/TXYigWnv7gTsztQkDaRF1FyazYU5hj6gjnljuHBKgfycM9FQs
Grukv11ak+tusOE+NbWMbb4Zg4r4XeHDYS++aD4eiQVwuNBFSIarvUGQnp3TlCR7
oQdBh186QKaPIrpnsm0QaXvhHZLer1CG+LrDO921st4TjC57+v4tsPlddsgVtHyI
faxWWUTle+KNqeh9LWqNydPcDv43Etokc6Z3bwqMYcqY2eEOBfgZ+NebbxuhSaSv
QzQhcRGKqRNbAZ+/7KBHcNGf0ENg1Dl1OqkU+cw7NYfw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:49 2024 by rpki-client on console-ams.rpki-client.org