Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QiHhaoZB5v1qSvZRMPmQI2wLyE8.roa
File:                     QiHhaoZB5v1qSvZRMPmQI2wLyE8.roa (raw, json)
Hash identifier:          jCPwf5jt05dsgrOk7VUIxnxIB/QdDT1XsYHg/N2glmA=
Subject key identifier:   42:21:E1:6A:86:41:E6:FD:6A:4A:F6:51:30:F9:90:23:6C:0B:C8:4F
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F7991AAB8D03171A6D1FC42BF7782AF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QiHhaoZB5v1qSvZRMPmQI2wLyE8.roa
Signing time:             Sun 01 Jan 2023 22:35:16 +0000
ROA not before:           Sun 01 Jan 2023 22:35:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206150
IP address blocks:        45.130.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Jul 2023 09:12:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:91:aa:b8:d0:31:71:a6:d1:fc:42:bf:77:82:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4221e16a8641e6fd6a4af65130f990236c0bc84f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ca:ea:d3:04:8d:e1:d9:f8:b6:fa:ce:06:64:
                    1e:b8:54:58:ad:0b:0c:41:9f:09:a4:6b:e4:0d:50:
                    85:69:cb:9f:c9:c7:04:e8:ab:25:87:c1:ca:f8:3a:
                    69:b7:49:fd:a8:c7:71:2a:f4:4a:ff:12:c5:7f:8a:
                    73:3c:4e:a4:8e:c3:bb:38:25:ac:f9:23:5b:c2:9f:
                    08:cb:43:91:61:74:3c:85:c6:58:c5:68:be:86:88:
                    39:ad:f1:2d:19:60:ae:d2:74:23:f9:ba:9c:6a:94:
                    a8:4f:4a:e2:57:7f:82:d2:78:5c:c0:78:7c:f7:f3:
                    ea:2c:d5:2c:85:2d:84:d4:cb:55:cf:e5:5a:48:f1:
                    ce:ed:12:77:d4:37:28:51:5b:b1:f0:e0:e8:58:49:
                    c6:7b:f6:1d:8e:fe:53:65:d0:0f:b1:97:d2:0b:43:
                    c2:fd:01:85:53:cd:d7:66:ea:c2:04:60:8f:28:47:
                    f0:fb:dc:5e:69:2f:36:3d:50:98:22:35:97:0f:89:
                    b0:33:1e:cf:d7:33:8d:22:23:03:0f:bc:0e:fb:0c:
                    f7:86:3c:5b:80:86:0d:94:95:e8:6a:b2:f8:8c:e9:
                    14:d5:a2:bf:0b:09:8b:d8:b9:3a:ac:08:02:4f:89:
                    ee:93:ab:c2:18:f3:34:83:43:34:89:5e:e3:d3:cc:
                    52:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:21:E1:6A:86:41:E6:FD:6A:4A:F6:51:30:F9:90:23:6C:0B:C8:4F
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QiHhaoZB5v1qSvZRMPmQI2wLyE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:59:62:bd:8e:50:13:91:63:6a:1b:f3:99:e8:94:fa:18:4c:
         fa:9b:6b:d6:1a:c3:22:33:01:f5:4f:42:00:c8:f7:8a:13:5b:
         7c:ac:33:46:02:6b:b0:4b:a4:44:4a:60:19:ee:9d:10:e5:dc:
         54:5b:69:c3:10:0b:d8:ea:79:75:3d:bd:f2:f9:9b:2a:ef:72:
         77:3d:5a:5d:5f:d1:56:bd:19:b3:77:27:8b:cc:d2:5a:21:e9:
         d2:69:9d:d5:dd:4d:72:82:60:13:1e:eb:f8:23:0d:03:6f:ed:
         ea:ef:5f:09:eb:87:9c:1c:65:98:07:b5:72:1e:4d:76:80:96:
         28:51:24:03:0e:5c:08:7e:fd:7a:e8:42:c4:46:b2:6f:f7:ca:
         95:9a:44:9f:49:a0:11:ff:83:51:51:4a:a4:3a:25:71:be:18:
         15:be:96:c5:5d:18:75:98:12:ab:e0:d9:06:59:35:b5:3b:a9:
         fc:1d:9c:bf:07:c6:51:90:09:0c:7c:b0:75:e4:86:68:7d:87:
         16:d7:7b:1c:49:18:56:de:6b:7c:1d:dc:5a:f2:ef:11:16:73:
         45:de:d7:1e:33:e6:21:d9:f2:13:e5:e6:6e:75:39:80:7a:a1:
         1d:f2:d7:60:63:6e:4f:eb:61:c3:b3:a6:08:14:2e:9e:1e:cb:
         26:15:08:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveZGquNAxcabR/EK/d4KvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjIxZTE2YTg2NDFlNmZkNmE0YWY2NTEzMGY5OTAyMzZjMGJjODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48rq0wSN4dn4tvrOBmQeuFRYrQsM
QZ8JpGvkDVCFacufyccE6Kslh8HK+Dppt0n9qMdxKvRK/xLFf4pzPE6kjsO7OCWs
+SNbwp8Iy0ORYXQ8hcZYxWi+hog5rfEtGWCu0nQj+bqcapSoT0riV3+C0nhcwHh8
9/PqLNUshS2E1MtVz+VaSPHO7RJ31DcoUVux8ODoWEnGe/Ydjv5TZdAPsZfSC0PC
/QGFU83XZurCBGCPKEfw+9xeaS82PVCYIjWXD4mwMx7P1zONIiMDD7wO+wz3hjxb
gIYNlJXoarL4jOkU1aK/CwmL2Lk6rAgCT4nuk6vCGPM0g0M0iV7j08xSnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIh4WqGQeb9akr2UTD5kCNsC8hPMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUWlIaGFvWkI1djFxU3ZaUk1QbVFJMndMeUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYKMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/WWK9jlATkWNqG/OZ6JT6GEz6m2vWGsMiMwH1T0IA
yPeKE1t8rDNGAmuwS6RESmAZ7p0Q5dxUW2nDEAvY6nl1Pb3y+Zsq73J3PVpdX9FW
vRmzdyeLzNJaIenSaZ3V3U1ygmATHuv4Iw0Db+3q718J64ecHGWYB7VyHk12gJYo
USQDDlwIfv166ELERrJv98qVmkSfSaAR/4NRUUqkOiVxvhgVvpbFXRh1mBKr4NkG
WTW1O6n8HZy/B8ZRkAkMfLB15IZofYcW13scSRhW3mt8Hdxa8u8RFnNF3tceM+Yh
2fIT5eZudTmAeqEd8tdgY25P62HDs6YIFC6eHssmFQjz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org