Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ihsaQJtSYb2fwpCaT19MUqfR2Dc.roa
File:                     ihsaQJtSYb2fwpCaT19MUqfR2Dc.roa (raw, json)
Hash identifier:          rhmdtJkf6y2owZ5QIK8V2CKH5g+TJS1anGTVH16y37M=
Subject key identifier:   8A:1B:1A:40:9B:52:61:BD:9F:C2:90:9A:4F:5F:4C:52:A7:D1:D8:37
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F799AE2202C2A02E5AD518FD54E31EB
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ihsaQJtSYb2fwpCaT19MUqfR2Dc.roa
Signing time:             Sun 01 Jan 2023 22:35:18 +0000
ROA not before:           Sun 01 Jan 2023 22:35:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212477
IP address blocks:        45.140.140.0/22 maxlen: 24
                          45.137.206.0/24 maxlen: 24
                          45.140.188.0/22 maxlen: 24
                          45.137.204.0/23 maxlen: 24
                          45.137.207.0/24 maxlen: 24
                          45.140.213.0/24 maxlen: 24
                          45.140.212.0/24 maxlen: 24
                          2a07:e345:100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Sun 29 Jan 2023 18:43:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:9a:e2:20:2c:2a:02:e5:ad:51:8f:d5:4e:31:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8a1b1a409b5261bd9fc2909a4f5f4c52a7d1d837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:ff:12:2d:06:35:4b:e5:02:4e:98:bb:f4:c7:
                    b1:0a:6a:f4:81:c2:f1:10:26:eb:06:25:95:9f:dc:
                    7f:80:f3:fe:17:7f:6d:11:8a:aa:83:17:e7:f8:b6:
                    13:5d:12:4c:c8:db:6e:86:8a:c7:e5:35:6c:ee:41:
                    59:99:44:6a:49:dc:b9:05:fa:1f:0a:cc:48:46:52:
                    97:79:f5:ed:23:cb:ae:d1:75:11:af:ae:9a:38:9a:
                    22:94:b3:b5:12:ad:e7:bd:e1:18:f2:72:fa:c0:9c:
                    d6:b2:13:c9:ba:0c:fb:c8:fe:85:8d:2c:7e:f9:f2:
                    b4:41:91:1e:e6:73:fe:9f:90:71:3a:ee:40:00:b2:
                    f2:97:84:02:4a:d8:60:c9:be:5d:12:5f:c1:e4:41:
                    ea:f7:af:87:f2:73:32:2c:88:b5:bb:67:70:84:37:
                    f7:e7:37:48:62:fd:b9:45:78:5e:0d:70:67:82:9a:
                    6a:f7:6a:2b:44:b5:f7:20:e6:04:3f:5a:e0:fd:6c:
                    6d:b7:df:72:03:fa:cc:38:23:8a:1a:86:4a:f4:50:
                    54:cd:4b:dd:b7:b1:c3:cf:ae:3e:aa:af:a0:78:0a:
                    0f:e0:a1:47:a5:73:4e:ff:b6:f9:ad:4c:4f:f6:c3:
                    df:63:d6:3d:97:b4:4a:c4:52:33:13:d5:7b:ae:16:
                    84:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:1B:1A:40:9B:52:61:BD:9F:C2:90:9A:4F:5F:4C:52:A7:D1:D8:37
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ihsaQJtSYb2fwpCaT19MUqfR2Dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.204.0/22
                  45.140.140.0/22
                  45.140.188.0/22
                  45.140.212.0/23
                IPv6:
                  2a07:e345:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         42:ee:57:79:5a:4c:b7:27:ff:2c:0b:01:a5:b2:10:52:01:b2:
         0e:e4:c6:e9:56:42:c0:57:c9:6b:5c:5d:59:f9:1e:32:c1:5e:
         09:ea:5e:6b:c8:28:3e:f8:1e:e0:60:e0:a5:1e:63:bb:d8:73:
         e3:23:cb:6a:b5:15:c1:c2:11:bf:db:9d:f9:ef:36:3d:09:8b:
         55:3b:83:29:21:7a:a4:f2:dc:f9:7c:0e:a5:21:de:e0:07:a4:
         be:f2:3a:4b:91:8b:5d:c3:1b:47:8f:aa:43:c2:04:fe:8b:6b:
         b8:43:e7:0f:79:5a:04:19:6b:39:49:6b:8c:65:aa:ec:61:72:
         8e:05:7f:52:e5:ce:97:de:82:49:9c:12:ae:bf:94:4f:d4:20:
         44:b1:02:4a:7f:77:a3:c2:d1:bf:ba:51:dc:01:54:a7:56:0f:
         7e:84:3b:63:a2:4c:a1:0a:5f:09:3a:bb:b0:df:51:0d:5e:17:
         af:33:00:64:28:1c:df:53:f1:d2:f3:30:76:a3:f5:04:24:52:
         04:77:ae:12:09:39:96:e4:db:d6:22:4e:d3:15:c0:2e:c5:dc:
         56:a5:52:ed:4a:d1:ec:0f:fa:ea:a3:f1:23:62:7a:22:d0:13:
         e2:06:68:80:48:da:fd:23:d9:b8:8f:dc:14:30:f1:45:f1:b0:
         c0:7e:fd:f8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVveZriICwqAuWtUY/VTjHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTFiMWE0MDliNTI2MWJkOWZjMjkwOWE0ZjVmNGM1MmE3ZDFkODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf8SLQY1S+UCTpi79MexCmr0gcLx
ECbrBiWVn9x/gPP+F39tEYqqgxfn+LYTXRJMyNtuhorH5TVs7kFZmURqSdy5Bfof
CsxIRlKXefXtI8uu0XURr66aOJoilLO1Eq3nveEY8nL6wJzWshPJugz7yP6FjSx+
+fK0QZEe5nP+n5BxOu5AALLyl4QCSthgyb5dEl/B5EHq96+H8nMyLIi1u2dwhDf3
5zdIYv25RXheDXBngppq92orRLX3IOYEP1rg/Wxtt99yA/rMOCOKGoZK9FBUzUvd
t7HDz64+qq+geAoP4KFHpXNO/7b5rUxP9sPfY9Y9l7RKxFIzE9V7rhaE6QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIobGkCbUmG9n8KQmk9fTFKn0dg3MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvaWhzYVFKdFNZYjJmd3BDYVQxOU1VcWZSMkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCLYnMAwQC
LYyMAwQCLYy8AwQBLYzUMA4EAgACMAgDBgAqB+NFATANBgkqhkiG9w0BAQsFAAOC
AQEAQu5XeVpMtyf/LAsBpbIQUgGyDuTG6VZCwFfJa1xdWfkeMsFeCepea8goPvge
4GDgpR5ju9hz4yPLarUVwcIRv9ud+e82PQmLVTuDKSF6pPLc+XwOpSHe4AekvvI6
S5GLXcMbR4+qQ8IE/otruEPnD3laBBlrOUlrjGWq7GFyjgV/UuXOl96CSZwSrr+U
T9QgRLECSn93o8LRv7pR3AFUp1YPfoQ7Y6JMoQpfCTq7sN9RDV4XrzMAZCgc31Px
0vMwdqP1BCRSBHeuEgk5luTb1iJO0xXALsXcVqVS7UrR7A/66qPxI2J6ItAT4gZo
gEja/SPZuI/cFDDxRfGwwH79+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org