Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/p3QTBPescApo5UnU5huni8Nrclg.roa
File:                     p3QTBPescApo5UnU5huni8Nrclg.roa (raw, json)
Hash identifier:          ZHrtZkZCmF//7EfHwlx2Jif/eywdH69f4VCEE8/wwxg=
Subject key identifier:   A7:74:13:04:F7:AC:70:0A:68:E5:49:D4:E6:1B:A7:8B:C3:6B:72:58
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F7998D0ADCA974804BA454E8CC5973B
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/p3QTBPescApo5UnU5huni8Nrclg.roa
Signing time:             Sun 01 Jan 2023 22:35:17 +0000
ROA not before:           Sun 01 Jan 2023 22:35:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211252
IP address blocks:        45.85.90.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 15:53:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:98:d0:ad:ca:97:48:04:ba:45:4e:8c:c5:97:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a7741304f7ac700a68e549d4e61ba78bc36b7258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c7:18:2d:64:a9:39:79:81:09:dd:34:4f:7e:
                    b5:cc:eb:7d:95:a0:10:a5:f0:f3:20:c4:82:d9:24:
                    99:49:9a:e2:04:b7:1a:91:e9:3a:53:12:1a:8d:e9:
                    9e:36:2e:71:84:3d:04:d0:93:71:d1:f7:1a:f3:3d:
                    83:bb:a0:75:80:04:eb:96:94:3c:70:85:e2:60:c5:
                    71:a2:53:23:49:eb:dc:29:d1:e2:c7:4d:6c:53:f1:
                    e3:94:37:f5:a3:68:d3:d0:c4:04:22:bb:6e:a1:fe:
                    02:82:b2:af:f5:50:63:35:bc:5b:2b:9c:9c:b3:22:
                    4d:94:04:7c:42:ca:5e:fe:f0:fd:20:a9:c2:03:08:
                    17:0f:88:ee:97:5b:f6:95:be:33:fc:62:71:f5:03:
                    91:fa:0b:58:5c:c1:9a:98:33:bf:f9:dc:b2:76:18:
                    e1:47:6e:21:66:42:92:84:6e:17:1f:57:8a:5a:2e:
                    1e:2a:ac:2d:ce:05:e5:8a:99:95:e9:fc:f2:b6:a4:
                    ad:db:33:32:f6:77:61:98:31:97:f8:c7:7e:91:ff:
                    78:bf:e8:5d:fd:61:fd:f4:12:c8:e5:06:42:12:d3:
                    a3:8d:c6:bd:ae:8c:b9:6d:a3:8e:15:48:2b:20:da:
                    66:3e:94:48:e0:08:4c:e1:47:4d:a7:45:8c:a2:82:
                    67:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:74:13:04:F7:AC:70:0A:68:E5:49:D4:E6:1B:A7:8B:C3:6B:72:58
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/p3QTBPescApo5UnU5huni8Nrclg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:d8:1b:a3:c9:d2:5c:25:c4:9b:e8:2e:d9:35:94:63:ca:07:
         21:e0:b4:2e:08:20:b4:fe:2f:cc:3c:0e:ba:71:6b:75:30:5e:
         75:59:46:54:4a:8e:55:dc:a0:93:c6:7a:c7:3d:c8:53:0d:dc:
         d7:6f:6f:b8:d6:a8:bf:bd:1c:4f:7c:3d:41:a0:c1:9b:a0:e0:
         82:1e:28:bc:f6:77:0e:ae:f9:7a:1b:6e:16:c1:71:2d:b8:6c:
         dc:78:b3:71:fb:d1:0c:0f:f3:81:f5:d0:db:5a:e5:e2:41:70:
         ca:bd:9e:24:96:5c:d6:37:5e:5b:bb:54:b9:39:c7:fc:20:3e:
         5f:2c:ad:2b:09:6c:de:67:ec:77:00:e0:7d:2b:b8:c9:f4:89:
         d8:ee:73:15:08:46:79:73:86:15:81:10:18:99:6f:8a:09:9f:
         f2:a5:f9:36:72:34:9a:8a:52:b3:ad:83:f4:6b:7e:14:d1:d0:
         24:32:d3:f9:7e:c1:e1:44:0b:62:18:53:68:37:af:21:ea:28:
         00:27:fe:eb:90:0e:da:fe:fb:bc:4a:13:4c:5f:00:a5:29:2a:
         fc:3c:4e:e3:74:17:3f:e9:b4:32:35:9b:f3:3d:d6:47:12:87:
         5f:d1:60:2e:c9:80:f8:c8:06:ff:ae:89:8e:34:97:da:15:ec:
         8c:aa:20:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveZjQrcqXSAS6RU6MxZc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzc0MTMwNGY3YWM3MDBhNjhlNTQ5ZDRlNjFiYTc4YmMzNmI3MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8cYLWSpOXmBCd00T361zOt9laAQ
pfDzIMSC2SSZSZriBLcakek6UxIajemeNi5xhD0E0JNx0fca8z2Du6B1gATrlpQ8
cIXiYMVxolMjSevcKdHix01sU/HjlDf1o2jT0MQEIrtuof4CgrKv9VBjNbxbK5yc
syJNlAR8Qspe/vD9IKnCAwgXD4jul1v2lb4z/GJx9QOR+gtYXMGamDO/+dyydhjh
R24hZkKShG4XH1eKWi4eKqwtzgXlipmV6fzytqSt2zMy9ndhmDGX+Md+kf94v+hd
/WH99BLI5QZCEtOjjca9roy5baOOFUgrINpmPpRI4AhM4UdNp0WMooJntwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKd0EwT3rHAKaOVJ1OYbp4vDa3JYMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcDNRVEJQZXNjQXBvNVVuVTVodW5pOE5yY2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVaMA0G
CSqGSIb3DQEBCwUAA4IBAQAD2BujydJcJcSb6C7ZNZRjygch4LQuCCC0/i/MPA66
cWt1MF51WUZUSo5V3KCTxnrHPchTDdzXb2+41qi/vRxPfD1BoMGboOCCHii89ncO
rvl6G24WwXEtuGzceLNx+9EMD/OB9dDbWuXiQXDKvZ4kllzWN15bu1S5Ocf8ID5f
LK0rCWzeZ+x3AOB9K7jJ9InY7nMVCEZ5c4YVgRAYmW+KCZ/ypfk2cjSailKzrYP0
a34U0dAkMtP5fsHhRAtiGFNoN68h6igAJ/7rkA7a/vu8ShNMXwClKSr8PE7jdBc/
6bQyNZvzPdZHEodf0WAuyYD4yAb/romONJfaFeyMqiAR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org