Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8UYw3s2E46mBR-V3DGl9TDjGyMU.roa
File:                     8UYw3s2E46mBR-V3DGl9TDjGyMU.roa (raw, json)
Hash identifier:          azHTxklMiBl+089dSiPgFzoXwOB3qgRPVSGE7YIFLEU=
Subject key identifier:   F1:46:30:DE:CD:84:E3:A9:81:47:E5:77:0C:69:7D:4C:38:C6:C8:C5
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F798398E52050B32BB122EDBC86042B
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8UYw3s2E46mBR-V3DGl9TDjGyMU.roa
Signing time:             Sun 01 Jan 2023 22:35:12 +0000
ROA not before:           Sun 01 Jan 2023 22:35:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50673
IP address blocks:        45.94.200.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:83:98:e5:20:50:b3:2b:b1:22:ed:bc:86:04:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f14630decd84e3a98147e5770c697d4c38c6c8c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:33:2b:89:a4:b4:fa:e4:03:6e:26:31:2a:4b:
                    f2:4b:ff:15:8c:68:6d:53:e3:70:5c:89:88:5c:ed:
                    82:68:f9:ba:dc:3f:35:55:60:6d:d5:49:5f:c6:42:
                    c8:d7:db:02:de:ce:14:c6:d4:40:03:d7:87:18:f7:
                    66:d6:e9:2d:a9:bf:cf:ed:fb:19:8a:64:3f:39:4e:
                    74:0c:35:d7:73:db:8b:64:5b:2b:02:b8:a9:fd:c7:
                    2b:e7:d9:00:6c:21:4b:8a:7b:a8:95:9f:12:b5:ad:
                    69:55:90:ed:6e:68:4e:d0:7b:8d:50:c7:7b:e8:df:
                    6d:a4:af:27:89:a0:a2:b0:73:85:af:3a:b9:04:3d:
                    68:40:96:13:db:05:4c:aa:bd:82:60:3d:4b:12:ad:
                    b0:32:e9:2b:23:d4:05:3d:16:1d:03:24:5d:d9:bf:
                    45:f4:03:f4:54:88:24:d7:62:8d:f1:2d:ad:51:bb:
                    14:48:62:88:af:3b:21:9e:46:db:42:eb:41:26:cf:
                    9b:de:b3:ff:73:d3:4a:40:cc:ae:6a:6e:d2:3f:b7:
                    67:f6:3a:d9:1c:ec:ad:4d:31:0c:58:3d:b4:aa:5b:
                    01:d3:86:59:97:10:1f:a7:f4:ac:13:25:05:de:43:
                    67:6c:50:16:27:cd:c5:67:e7:11:6f:b6:c3:3b:13:
                    2c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:46:30:DE:CD:84:E3:A9:81:47:E5:77:0C:69:7D:4C:38:C6:C8:C5
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8UYw3s2E46mBR-V3DGl9TDjGyMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:b4:da:69:00:e3:b1:53:b5:3b:ca:b7:b3:b4:69:db:3d:6d:
         d4:06:4e:9c:8d:be:38:d1:92:5f:7e:b7:95:31:48:28:da:a0:
         df:95:37:52:0b:5d:c1:b8:80:3b:b0:b6:36:d8:72:54:22:b0:
         2d:78:e4:7b:3d:0e:b4:d5:a1:4c:37:d8:3b:f7:bf:31:9f:1f:
         bf:0c:c5:38:55:c9:9e:c8:9d:48:9a:45:4e:80:95:10:64:1a:
         c1:4e:a4:bd:e4:dc:a9:a8:96:c7:dc:8c:d6:e7:9e:e9:d7:17:
         67:cd:c3:cf:b2:9e:4c:6d:58:08:0b:8b:46:8d:89:27:13:86:
         e8:37:cc:a9:6b:03:99:3e:6f:8d:2d:79:5e:99:47:9e:f8:2a:
         29:e9:6c:ab:39:34:eb:84:95:0d:d3:e8:76:95:74:5f:08:7a:
         3e:0b:36:55:e6:b5:3f:51:88:e6:4b:4f:0c:1a:69:a1:80:cc:
         68:0f:5e:bb:b2:ff:c7:fa:ec:02:b6:00:18:f7:2d:84:b8:8e:
         e8:d6:27:6b:09:60:a4:28:5d:89:00:01:95:8c:13:b2:b0:4a:
         47:6c:af:9e:7a:ac:29:ad:51:19:47:78:80:a2:32:0d:7f:be:
         b6:06:0d:21:8e:c0:bd:d7:49:93:30:fb:a0:de:5e:ab:fe:b7:
         08:e3:94:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveYOY5SBQsyuxIu28hgQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTQ2MzBkZWNkODRlM2E5ODE0N2U1NzcwYzY5N2Q0YzM4YzZjOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzMriaS0+uQDbiYxKkvyS/8VjGht
U+NwXImIXO2CaPm63D81VWBt1UlfxkLI19sC3s4UxtRAA9eHGPdm1uktqb/P7fsZ
imQ/OU50DDXXc9uLZFsrArip/ccr59kAbCFLinuolZ8Sta1pVZDtbmhO0HuNUMd7
6N9tpK8niaCisHOFrzq5BD1oQJYT2wVMqr2CYD1LEq2wMukrI9QFPRYdAyRd2b9F
9AP0VIgk12KN8S2tUbsUSGKIrzshnkbbQutBJs+b3rP/c9NKQMyuam7SP7dn9jrZ
HOytTTEMWD20qlsB04ZZlxAfp/SsEyUF3kNnbFAWJ83FZ+cRb7bDOxMsGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFGMN7NhOOpgUfldwxpfUw4xsjFMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOFVZdzNzMkU0Nm1CUi1WM0RHbDlURGpHeU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV7IMA0G
CSqGSIb3DQEBCwUAA4IBAQBptNppAOOxU7U7yreztGnbPW3UBk6cjb440ZJffreV
MUgo2qDflTdSC13BuIA7sLY22HJUIrAteOR7PQ601aFMN9g7978xnx+/DMU4Vcme
yJ1ImkVOgJUQZBrBTqS95NypqJbH3IzW557p1xdnzcPPsp5MbVgIC4tGjYknE4bo
N8ypawOZPm+NLXlemUee+Cop6WyrOTTrhJUN0+h2lXRfCHo+CzZV5rU/UYjmS08M
GmmhgMxoD167sv/H+uwCtgAY9y2EuI7o1idrCWCkKF2JAAGVjBOysEpHbK+eeqwp
rVEZR3iAojINf762Bg0hjsC910mTMPug3l6r/rcI45TE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org