Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/In3-vvrUtlYkxiSzwNqUI09axmM.roa
File:                     In3-vvrUtlYkxiSzwNqUI09axmM.roa (raw, json)
Hash identifier:          N7UCGBmIyjryVY5vz0st7/1KI1k+rE+CVxTNAS4kEu8=
Subject key identifier:   22:7D:FE:BE:FA:D4:B6:56:24:C6:24:B3:C0:DA:94:23:4F:5A:C6:63
Certificate issuer:       /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial:       0189FA14B4C1B68587019B49AE4B1A33CBA2
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/In3-vvrUtlYkxiSzwNqUI09axmM.roa
Signing time:             Tue 15 Aug 2023 16:43:28 +0000
ROA not before:           Tue 15 Aug 2023 16:43:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31244
IP address blocks:        45.131.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:fa:14:b4:c1:b6:85:87:01:9b:49:ae:4b:1a:33:cb:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
        Validity
            Not Before: Aug 15 16:43:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=227dfebefad4b65624c624b3c0da94234f5ac663
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c4:eb:8b:e7:37:3e:cb:2e:34:ea:38:5e:a0:
                    34:30:ab:9b:1c:17:6a:ea:fa:54:ac:b9:ca:4f:02:
                    1e:6e:77:d9:e1:39:c6:6c:9f:30:c6:a8:26:42:b4:
                    ea:82:1b:4c:6d:76:e9:26:f4:74:5e:d6:c8:fc:92:
                    06:56:60:32:08:f6:f7:bf:90:45:56:68:26:be:48:
                    e9:c0:47:ea:18:db:c8:09:a7:07:9f:22:4d:e6:e2:
                    4a:17:b9:6c:6d:66:d5:ce:f0:93:83:3f:11:ac:6f:
                    d1:c6:87:8e:cd:dc:34:67:03:d6:0c:eb:72:2e:24:
                    06:77:21:ae:a5:41:56:62:c5:10:66:dd:4a:52:ae:
                    b5:91:3e:e9:f0:99:96:90:5f:e9:e1:3d:44:cf:98:
                    b5:54:c5:57:a7:f0:6a:cc:3c:85:f1:cc:5a:f4:c2:
                    1e:17:3d:b8:ee:47:e4:85:26:11:51:90:5a:2f:6a:
                    1c:b8:18:1b:13:24:f9:2b:9d:58:4f:29:53:c5:f1:
                    da:44:3a:f7:19:c9:8a:00:28:c1:bd:7b:38:f4:ed:
                    73:60:ac:5b:b9:8b:b9:7b:eb:2c:06:34:d5:44:eb:
                    ed:59:a7:2b:81:57:ee:42:e9:f7:36:ad:a2:1f:ab:
                    1d:60:97:d4:ec:81:98:8d:f6:6a:9f:81:11:aa:6d:
                    fc:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:7D:FE:BE:FA:D4:B6:56:24:C6:24:B3:C0:DA:94:23:4F:5A:C6:63
            X509v3 Authority Key Identifier:
                keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/In3-vvrUtlYkxiSzwNqUI09axmM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:47:cd:43:47:45:f4:0d:e6:d6:77:e4:53:a2:76:d2:2c:08:
         1c:6a:00:c0:9f:12:d0:c5:3e:c9:da:83:f1:61:3b:b1:b9:11:
         76:93:38:c5:34:ee:28:3b:e3:ee:e0:74:2c:1a:96:80:d5:83:
         79:fc:05:be:02:68:5a:0f:dd:f0:fc:57:ff:a8:11:48:f8:c1:
         d5:19:3d:ea:14:91:e6:4d:d9:ff:0e:9a:4a:ec:cc:1c:68:c4:
         6a:a3:01:e2:49:8b:de:ff:3d:1e:ae:8e:f9:50:d6:17:8b:3c:
         fb:c8:79:76:9a:7d:da:71:ab:9b:cf:47:1e:41:80:18:69:ae:
         9e:2b:6e:46:94:3e:02:7c:6f:73:74:fb:73:46:3d:30:a9:9f:
         ab:57:a1:3b:81:7c:2b:aa:f1:f3:2e:0e:b2:17:79:ed:99:c8:
         79:5b:77:09:84:14:59:b0:f1:36:f3:7d:17:9c:17:a3:d8:7b:
         99:f7:81:89:b8:6a:8e:24:38:fc:d9:b2:59:23:28:c1:ce:7d:
         e4:58:15:26:6b:08:19:ec:a0:e7:f5:1c:ce:06:ea:c2:31:10:
         a7:3e:5a:51:ca:a7:02:01:74:ec:27:51:31:fc:df:de:5d:13:
         99:cf:b7:de:3c:89:d0:b9:ff:5d:c0:b0:31:47:0f:e4:70:d1:
         c8:4b:ac:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn6FLTBtoWHAZtJrksaM8uiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwODE1MTY0MzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjdkZmViZWZhZDRiNjU2MjRjNjI0YjNjMGRhOTQyMzRmNWFjNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMTri+c3PssuNOo4XqA0MKubHBdq
6vpUrLnKTwIebnfZ4TnGbJ8wxqgmQrTqghtMbXbpJvR0XtbI/JIGVmAyCPb3v5BF
VmgmvkjpwEfqGNvICacHnyJN5uJKF7lsbWbVzvCTgz8RrG/RxoeOzdw0ZwPWDOty
LiQGdyGupUFWYsUQZt1KUq61kT7p8JmWkF/p4T1Ez5i1VMVXp/BqzDyF8cxa9MIe
Fz247kfkhSYRUZBaL2ocuBgbEyT5K51YTylTxfHaRDr3GcmKACjBvXs49O1zYKxb
uYu5e+ssBjTVROvtWacrgVfuQun3Nq2iH6sdYJfU7IGYjfZqn4ERqm38DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJ9/r761LZWJMYks8DalCNPWsZjMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvSW4zLXZ2clV0bFlreGlTendOcVVJMDlheG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYNrMA0G
CSqGSIb3DQEBCwUAA4IBAQBQR81DR0X0DebWd+RTonbSLAgcagDAnxLQxT7J2oPx
YTuxuRF2kzjFNO4oO+Pu4HQsGpaA1YN5/AW+AmhaD93w/Ff/qBFI+MHVGT3qFJHm
Tdn/DppK7MwcaMRqowHiSYve/z0ero75UNYXizz7yHl2mn3acaubz0ceQYAYaa6e
K25GlD4CfG9zdPtzRj0wqZ+rV6E7gXwrqvHzLg6yF3ntmch5W3cJhBRZsPE2830X
nBej2HuZ94GJuGqOJDj82bJZIyjBzn3kWBUmawgZ7KDn9RzOBurCMRCnPlpRyqcC
AXTsJ1Ex/N/eXROZz7fePInQuf9dwLAxRw/kcNHIS6zx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:12 2024 by rpki-client on console-ams.rpki-client.org