Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8_tWtwOQw-zbCoN8F5nG8KXNFlM.roa
File:                     8_tWtwOQw-zbCoN8F5nG8KXNFlM.roa (raw, json)
Hash identifier:          spxykMAfN90qOFONHQnlxle+EtNm5dpRzmxAaHFWajg=
Subject key identifier:   F3:FB:56:B7:03:90:C3:EC:DB:0A:83:7C:17:99:C6:F0:A5:CD:16:53
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F798F2C3CDAB26F36ABB4D2068160ED
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8_tWtwOQw-zbCoN8F5nG8KXNFlM.roa
Signing time:             Sun 01 Jan 2023 22:35:15 +0000
ROA not before:           Sun 01 Jan 2023 22:35:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202422
IP address blocks:        45.130.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 03:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:8f:2c:3c:da:b2:6f:36:ab:b4:d2:06:81:60:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f3fb56b70390c3ecdb0a837c1799c6f0a5cd1653
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:5e:ff:85:d3:b7:95:b5:e0:23:84:8b:bc:d6:
                    79:d7:7b:45:18:fd:65:50:2a:c3:8c:75:e1:70:4b:
                    8d:42:b2:2f:fb:ce:dd:26:db:36:d2:32:4d:d3:f4:
                    7f:bd:1c:35:1d:58:66:3a:b1:2e:ca:1e:fa:ca:d9:
                    6e:65:31:dc:29:8b:87:62:3b:45:a9:1c:30:9a:54:
                    3a:bf:eb:31:56:5e:95:eb:d9:e7:a3:8e:a6:1e:fd:
                    3e:23:8d:12:56:66:bd:83:4b:92:83:9a:04:e3:e0:
                    aa:54:90:81:83:6a:d7:29:c2:94:48:55:1a:4e:e3:
                    f0:e1:7b:4e:ee:b6:0f:f8:00:c6:67:8a:7c:1c:9d:
                    72:ca:49:26:1a:24:62:18:b4:f7:ea:40:a4:fd:d3:
                    d7:47:27:3a:1f:ca:23:c5:dd:26:07:6b:8a:96:89:
                    ac:a2:11:59:94:45:9d:18:72:94:cc:6c:29:58:c6:
                    a6:1c:03:d4:fd:2c:c2:b4:c3:37:1b:69:75:51:9b:
                    9b:79:40:e7:81:9a:8b:9a:9e:9f:aa:c0:8f:2d:0a:
                    78:51:f2:fa:46:4e:93:cd:7e:31:ae:b0:47:02:b2:
                    41:48:0a:6c:92:95:b3:2e:bd:be:b4:17:29:09:b9:
                    f4:8a:1f:5c:3f:8e:a6:50:db:ba:f2:b1:80:8a:37:
                    ea:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:FB:56:B7:03:90:C3:EC:DB:0A:83:7C:17:99:C6:F0:A5:CD:16:53
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8_tWtwOQw-zbCoN8F5nG8KXNFlM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:f8:ab:57:10:76:46:78:64:aa:3c:ca:5e:3b:6b:c8:aa:8a:
         87:95:12:48:9f:5b:b5:93:37:a2:47:5d:fa:06:ed:f1:80:55:
         5e:7c:f9:6d:e1:06:6a:09:7d:d2:53:9b:e3:f8:9e:8d:05:dc:
         51:0d:f9:7d:23:b5:6b:52:99:04:51:fc:6b:a3:36:82:e4:8d:
         c7:f3:1f:7c:92:c0:21:fa:19:e5:da:78:e8:47:f6:4b:02:32:
         a9:0b:c0:13:71:0a:5c:44:d1:91:fa:86:0c:a1:7a:36:98:d2:
         4b:f2:64:3e:b0:9c:ed:c4:1a:0c:e0:a4:10:25:a7:d1:cb:fc:
         fb:62:a1:36:56:3a:71:7f:85:51:9c:27:68:33:f3:36:52:e8:
         53:ce:a6:69:aa:0a:76:21:5a:48:96:77:87:53:ba:8a:18:9c:
         b4:5c:d7:21:b0:8b:5d:1e:ab:a0:f2:45:82:15:f7:51:4a:90:
         ee:77:60:8d:6f:e0:c0:06:f8:c2:38:9c:c3:7e:25:a6:0b:c4:
         ab:28:ff:8f:4e:af:a3:b2:db:d2:fd:52:32:ff:1a:15:f4:1e:
         9f:b6:33:c7:8c:13:56:4c:e4:60:a9:0b:bc:04:1b:74:da:e1:
         e7:7a:0f:c6:01:9a:80:b0:c9:17:e8:56:36:5b:6a:3d:96:57:
         dd:ad:d7:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveY8sPNqybzartNIGgWDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ZiNTZiNzAzOTBjM2VjZGIwYTgzN2MxNzk5YzZmMGE1Y2QxNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV7/hdO3lbXgI4SLvNZ513tFGP1l
UCrDjHXhcEuNQrIv+87dJts20jJN0/R/vRw1HVhmOrEuyh76ytluZTHcKYuHYjtF
qRwwmlQ6v+sxVl6V69nno46mHv0+I40SVma9g0uSg5oE4+CqVJCBg2rXKcKUSFUa
TuPw4XtO7rYP+ADGZ4p8HJ1yykkmGiRiGLT36kCk/dPXRyc6H8ojxd0mB2uKloms
ohFZlEWdGHKUzGwpWMamHAPU/SzCtMM3G2l1UZubeUDngZqLmp6fqsCPLQp4UfL6
Rk6TzX4xrrBHArJBSApskpWzLr2+tBcpCbn0ih9cP46mUNu68rGAijfq9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPP7VrcDkMPs2wqDfBeZxvClzRZTMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOF90V3R3T1F3LXpiQ29OOEY1bkc4S1hORmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYKLMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ+KtXEHZGeGSqPMpeO2vIqoqHlRJIn1u1kzeiR136
Bu3xgFVefPlt4QZqCX3SU5vj+J6NBdxRDfl9I7VrUpkEUfxrozaC5I3H8x98ksAh
+hnl2njoR/ZLAjKpC8ATcQpcRNGR+oYMoXo2mNJL8mQ+sJztxBoM4KQQJafRy/z7
YqE2Vjpxf4VRnCdoM/M2UuhTzqZpqgp2IVpIlneHU7qKGJy0XNchsItdHqug8kWC
FfdRSpDud2CNb+DABvjCOJzDfiWmC8SrKP+PTq+jstvS/VIy/xoV9B6ftjPHjBNW
TORgqQu8BBt02uHneg/GAZqAsMkX6FY2W2o9llfdrdd+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org