Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_wiEV0oBMUxpWu3TF9_-DzsgDPY.roa
File:                     _wiEV0oBMUxpWu3TF9_-DzsgDPY.roa (raw, json)
Hash identifier:          03nBPip3KA2dDDPtj3J6B1HS74cxlZNhqE1fkwtLshA=
Subject key identifier:   FF:08:84:57:4A:01:31:4C:69:5A:ED:D3:17:DF:FE:0F:3B:20:0C:F6
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       018BB0651AFDAAA2F738B4E0E657EB2F7973
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_wiEV0oBMUxpWu3TF9_-DzsgDPY.roa
Signing time:             Wed 08 Nov 2023 19:24:57 +0000
ROA not before:           Wed 08 Nov 2023 19:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216022
IP address blocks:        45.134.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b0:65:1a:fd:aa:a2:f7:38:b4:e0:e6:57:eb:2f:79:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Nov  8 19:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff0884574a01314c695aedd317dffe0f3b200cf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c7:ad:55:07:94:ee:bb:e3:3f:d5:5f:2a:66:
                    a0:f1:fb:4e:b1:03:6f:0f:a2:7d:02:dd:cc:da:a5:
                    d0:67:47:e4:ad:52:f1:6a:7c:c7:49:06:3a:77:ca:
                    53:c7:b4:23:32:43:7f:a0:0d:1d:68:85:50:bf:b0:
                    04:7c:e8:d7:0a:c1:67:61:2d:8b:6a:58:46:f7:cd:
                    fe:8d:3e:1b:d3:90:83:b8:8d:59:8c:5d:1e:b1:b0:
                    3a:57:e0:a4:66:3f:78:e6:91:d6:e2:5c:17:99:6b:
                    15:d1:1c:76:38:68:19:1c:b5:6e:11:17:bb:20:c5:
                    4c:85:0e:63:01:f4:c4:1c:9d:b5:94:d8:73:c6:1a:
                    cc:21:d4:47:62:b5:07:b7:40:7f:4c:b6:11:f2:ab:
                    f1:ca:6e:df:3e:98:ea:4d:b9:0b:75:fd:e7:6a:cc:
                    18:c6:70:cf:dd:36:7b:d1:36:f0:ac:06:f0:ce:97:
                    7b:87:30:07:27:e7:f2:01:f6:89:ea:bf:13:b7:e8:
                    8b:a9:5b:bb:2c:4e:54:33:6e:f4:74:a0:e9:e4:e7:
                    a8:24:a0:07:c8:47:be:bb:34:2d:9f:f1:f5:db:f9:
                    1f:a3:27:38:a7:04:6f:bd:9b:ae:e7:76:73:6b:b0:
                    6e:4a:f6:73:6d:8e:72:74:da:c8:5b:e3:cf:85:14:
                    80:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:08:84:57:4A:01:31:4C:69:5A:ED:D3:17:DF:FE:0F:3B:20:0C:F6
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_wiEV0oBMUxpWu3TF9_-DzsgDPY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:b3:51:a1:87:7d:5a:c5:8c:df:6c:c0:b8:65:cb:16:b0:9a:
         64:18:65:73:88:39:3f:dd:5c:20:d2:6e:4f:ed:3c:7b:35:05:
         fd:32:ca:58:17:1c:df:0f:c5:b6:70:72:eb:23:c8:be:4c:9d:
         f7:e3:0d:69:0c:9f:59:d1:f3:b1:91:a7:ed:5b:3f:27:80:0d:
         30:2b:ff:02:35:de:d3:47:8f:6a:04:09:95:ea:ba:0f:b5:6a:
         da:0a:09:87:f6:50:80:e0:12:10:3d:c7:4b:78:e4:6a:fa:2c:
         6f:0d:ce:c1:2d:a7:29:02:cd:2a:ee:85:6e:f9:cb:44:7a:79:
         91:06:1f:c2:a4:1c:e8:ba:43:07:70:fb:19:29:72:7b:ee:95:
         b2:24:90:53:82:d0:df:6f:49:9a:d0:28:da:65:3d:38:d9:d6:
         b9:01:74:c5:d7:be:c5:d0:ca:9f:66:a9:cd:51:73:b3:1f:54:
         d3:17:c0:ba:b1:ef:8f:5b:8b:09:87:3e:31:f5:f3:df:40:3f:
         cc:eb:33:4c:40:37:14:c0:f8:c8:d8:61:55:e0:87:ed:e1:02:
         2a:1f:5a:f4:b8:5d:37:1f:8b:26:12:b3:91:b8:cb:08:ea:19:
         a1:a3:88:47:c5:d3:45:3f:59:4d:f5:6e:f3:a0:ab:78:d7:1f:
         bd:bc:4d:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuwZRr9qqL3OLTg5lfrL3lzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTA4MTkyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA4ODQ1NzRhMDEzMTRjNjk1YWVkZDMxN2RmZmUwZjNiMjAwY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2setVQeU7rvjP9VfKmag8ftOsQNv
D6J9At3M2qXQZ0fkrVLxanzHSQY6d8pTx7QjMkN/oA0daIVQv7AEfOjXCsFnYS2L
alhG983+jT4b05CDuI1ZjF0esbA6V+CkZj945pHW4lwXmWsV0Rx2OGgZHLVuERe7
IMVMhQ5jAfTEHJ21lNhzxhrMIdRHYrUHt0B/TLYR8qvxym7fPpjqTbkLdf3naswY
xnDP3TZ70TbwrAbwzpd7hzAHJ+fyAfaJ6r8Tt+iLqVu7LE5UM270dKDp5OeoJKAH
yEe+uzQtn/H12/kfoyc4pwRvvZuu53Zza7BuSvZzbY5ydNrIW+PPhRSACwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8IhFdKATFMaVrt0xff/g87IAz2MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvX3dpRVYwb0JNVXhwV3UzVEY5Xy1EenNnRFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYbeMA0G
CSqGSIb3DQEBCwUAA4IBAQCAs1Ghh31axYzfbMC4ZcsWsJpkGGVziDk/3Vwg0m5P
7Tx7NQX9MspYFxzfD8W2cHLrI8i+TJ334w1pDJ9Z0fOxkaftWz8ngA0wK/8CNd7T
R49qBAmV6roPtWraCgmH9lCA4BIQPcdLeORq+ixvDc7BLacpAs0q7oVu+ctEenmR
Bh/CpBzoukMHcPsZKXJ77pWyJJBTgtDfb0ma0CjaZT042da5AXTF177F0MqfZqnN
UXOzH1TTF8C6se+PW4sJhz4x9fPfQD/M6zNMQDcUwPjI2GFV4Ift4QIqH1r0uF03
H4smErORuMsI6hmho4hHxdNFP1lN9W7zoKt41x+9vE2W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org