Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/KqYyBNulG33BZ7FTi5k_fdRp2Hw.roa
File:                     KqYyBNulG33BZ7FTi5k_fdRp2Hw.roa (raw, json)
Hash identifier:          917zMrSretZyX86afOhCYqlWu6q8SmbYx5I12lQmxmg=
Subject key identifier:   2A:A6:32:04:DB:A5:1B:7D:C1:67:B1:53:8B:99:3F:7D:D4:69:D8:7C
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       01856C6EF4C4F25BFA343B8430692FEF6E94
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/KqYyBNulG33BZ7FTi5k_fdRp2Hw.roa
Signing time:             Sun 01 Jan 2023 08:24:48 +0000
ROA not before:           Sun 01 Jan 2023 08:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34679
IP address blocks:        45.14.237.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:f4:c4:f2:5b:fa:34:3b:84:30:69:2f:ef:6e:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Jan  1 08:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2aa63204dba51b7dc167b1538b993f7dd469d87c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6e:c3:c0:86:92:67:16:22:5a:93:21:ff:2f:
                    1e:e8:34:65:69:29:70:6d:30:2c:db:b4:41:ad:01:
                    7d:dc:aa:9e:a6:f7:b0:66:22:e4:c4:dc:32:82:1b:
                    d3:d9:31:69:a1:4d:50:6b:86:95:18:51:08:94:42:
                    57:1f:54:43:ba:c5:36:ee:19:d6:75:2c:0c:ff:5a:
                    67:fc:85:16:7d:97:c2:34:de:2e:e1:b1:28:a0:be:
                    19:f4:9f:c7:3f:a5:b3:0e:07:76:09:ad:42:bc:4e:
                    a9:83:c1:1f:47:1a:26:58:df:14:bf:59:30:b9:6c:
                    01:13:ee:e6:08:fe:b4:9f:61:39:e3:da:dc:49:b3:
                    7d:34:35:99:3a:4c:7f:87:7b:9d:f7:82:4b:ea:cb:
                    35:18:1c:9b:51:d1:7a:98:9f:2b:ab:bf:f1:16:5c:
                    b1:a2:47:24:08:5b:62:35:24:df:fe:0b:14:16:33:
                    4e:b1:08:eb:0d:fd:33:22:10:89:9b:94:1b:24:17:
                    59:1a:7a:9c:59:3e:c2:23:65:4e:32:a3:92:23:6a:
                    01:df:aa:74:11:3a:26:14:7a:3b:08:5b:d4:2a:93:
                    39:14:f8:6c:d5:6a:bf:d7:04:c2:5c:9d:45:92:2b:
                    ce:c9:fe:9d:38:a1:e1:3b:93:3d:6d:4d:67:3c:9b:
                    6a:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:A6:32:04:DB:A5:1B:7D:C1:67:B1:53:8B:99:3F:7D:D4:69:D8:7C
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/KqYyBNulG33BZ7FTi5k_fdRp2Hw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:f1:a1:57:a6:c8:02:38:92:db:b5:7a:8e:ac:1c:4d:91:bd:
         15:53:d7:d7:80:4b:fd:77:ea:d7:ba:64:94:41:a5:0b:ae:20:
         08:60:91:2c:5f:11:92:2d:c2:94:dd:f5:b1:82:83:b0:2c:66:
         22:1a:e0:42:fb:aa:70:0f:9e:cd:3f:f5:02:2c:c9:04:60:b4:
         a3:a5:b1:6a:ec:82:1b:94:b1:28:b4:50:a3:57:37:84:cf:55:
         38:2f:05:9e:6e:5f:d6:5a:46:c2:be:7f:34:a4:7b:ce:90:af:
         10:78:e2:cd:36:a9:5c:e4:31:ad:67:b1:2a:9a:66:fa:57:24:
         ce:20:40:30:e3:75:02:6a:12:ef:1b:08:5c:43:67:d8:dd:5a:
         80:6f:9d:f3:c4:a7:31:c1:8a:7d:bb:21:dc:61:66:f6:9d:b8:
         d6:50:79:25:5f:e0:ee:c1:4d:af:d4:ea:93:be:73:15:0f:e4:
         0c:ca:12:12:06:75:f7:9c:4c:d8:3f:e3:e1:91:f8:9b:f6:a8:
         f8:89:1f:52:ab:15:35:3d:3d:4c:89:e2:08:a9:17:04:53:6b:
         e6:0f:b1:ba:5b:f7:5d:87:09:d8:60:8d:c3:52:88:2a:f3:48:
         e0:5a:bb:52:eb:7d:08:aa:e2:d7:0c:88:0d:40:4e:b8:95:0c:
         8f:e4:22:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvTE8lv6NDuEMGkv726UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWE2MzIwNGRiYTUxYjdkYzE2N2IxNTM4Yjk5M2Y3ZGQ0NjlkODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom7DwIaSZxYiWpMh/y8e6DRlaSlw
bTAs27RBrQF93KqepvewZiLkxNwyghvT2TFpoU1Qa4aVGFEIlEJXH1RDusU27hnW
dSwM/1pn/IUWfZfCNN4u4bEooL4Z9J/HP6WzDgd2Ca1CvE6pg8EfRxomWN8Uv1kw
uWwBE+7mCP60n2E549rcSbN9NDWZOkx/h3ud94JL6ss1GBybUdF6mJ8rq7/xFlyx
okckCFtiNSTf/gsUFjNOsQjrDf0zIhCJm5QbJBdZGnqcWT7CI2VOMqOSI2oB36p0
ETomFHo7CFvUKpM5FPhs1Wq/1wTCXJ1FkivOyf6dOKHhO5M9bU1nPJtqdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqmMgTbpRt9wWexU4uZP33Uadh8MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvS3FZeUJOdWxHMzNCWjdGVGk1a19mZFJwMkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ7tMA0G
CSqGSIb3DQEBCwUAA4IBAQBN8aFXpsgCOJLbtXqOrBxNkb0VU9fXgEv9d+rXumSU
QaULriAIYJEsXxGSLcKU3fWxgoOwLGYiGuBC+6pwD57NP/UCLMkEYLSjpbFq7IIb
lLEotFCjVzeEz1U4LwWebl/WWkbCvn80pHvOkK8QeOLNNqlc5DGtZ7Eqmmb6VyTO
IEAw43UCahLvGwhcQ2fY3VqAb53zxKcxwYp9uyHcYWb2nbjWUHklX+DuwU2v1OqT
vnMVD+QMyhISBnX3nEzYP+Phkfib9qj4iR9SqxU1PT1MieIIqRcEU2vmD7G6W/dd
hwnYYI3DUogq80jgWrtS630IquLXDIgNQE64lQyP5CLG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:42 2024 by rpki-client on console-ams.rpki-client.org