Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/X70NhIndRFdIZspepEU72KviCio.roa
File:                     X70NhIndRFdIZspepEU72KviCio.roa (raw, json)
Hash identifier:          vh6NvL1mOETvdgT5lauJ3v4LTMTlb5d5hYl5RYPrI7c=
Subject key identifier:   5F:BD:0D:84:89:DD:44:57:48:66:CA:5E:A4:45:3B:D8:AB:E2:0A:2A
Certificate issuer:       /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial:       018CC492E1C1E487716A06F827AA78B343B0
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/X70NhIndRFdIZspepEU72KviCio.roa
Signing time:             Mon 01 Jan 2024 10:30:09 +0000
ROA not before:           Mon 01 Jan 2024 10:30:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     23470
IP address blocks:        45.147.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Apr 2024 11:45:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:e1:c1:e4:87:71:6a:06:f8:27:aa:78:b3:43:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
        Validity
            Not Before: Jan  1 10:30:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5fbd0d8489dd44574866ca5ea4453bd8abe20a2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:51:3f:8c:7e:24:3d:39:5d:7b:06:6e:93:82:
                    65:64:e2:f5:d6:d1:6a:80:50:06:5e:d0:0a:0b:da:
                    34:30:cb:c0:f6:ed:0c:a9:02:ef:85:39:a5:10:e4:
                    01:5f:67:1f:3d:d3:50:b9:95:62:bf:1a:4b:c5:e5:
                    de:13:cf:af:03:b2:04:f0:c6:c6:6e:a6:c5:30:45:
                    d8:0d:c2:75:6a:13:84:aa:28:33:69:eb:6b:19:48:
                    fa:0b:7c:bc:78:d5:65:f6:b4:dc:5d:da:36:85:9d:
                    b4:92:95:dd:02:d0:86:cc:d4:59:9a:b3:c2:30:cc:
                    96:54:90:4a:56:21:9a:a7:9f:b9:0d:de:09:a8:1f:
                    4b:46:1f:21:bc:1d:08:1f:58:45:94:53:e4:3a:8c:
                    fe:57:56:bd:a4:e7:5b:ba:e4:12:e1:09:69:4d:98:
                    81:e2:1d:3f:83:0d:8a:64:92:7c:3c:5b:3a:c7:54:
                    a6:b7:42:18:eb:00:e9:18:af:d7:ee:75:c0:69:00:
                    06:41:de:82:a5:9e:43:3c:72:0e:50:20:1f:04:1b:
                    34:e9:57:b2:73:92:fc:15:ba:6b:7e:30:40:cf:db:
                    ad:c2:5c:6b:bd:bf:9a:c9:38:a3:f5:d1:b1:82:53:
                    4c:ef:74:8c:4d:0e:94:5e:48:80:ae:17:6d:99:ae:
                    b7:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:BD:0D:84:89:DD:44:57:48:66:CA:5E:A4:45:3B:D8:AB:E2:0A:2A
            X509v3 Authority Key Identifier:
                keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/X70NhIndRFdIZspepEU72KviCio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.147.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:5c:7f:07:db:1f:8d:89:ed:33:b8:70:b4:86:53:ab:3e:60:
         10:33:b9:ea:21:3c:5c:21:1a:2f:1a:aa:6c:da:9c:e9:03:66:
         e3:08:ad:e8:e6:a5:0f:77:ea:6c:36:f6:a1:77:71:01:3c:f3:
         7c:1b:86:02:e9:24:94:2d:3b:23:22:ad:ac:2d:70:84:20:5d:
         e7:d6:99:b1:bc:5f:20:cb:90:47:3d:b5:15:0b:2b:ea:ca:36:
         de:b9:f1:73:98:e3:8f:ff:6e:a6:42:b3:73:0b:87:7e:1f:ab:
         5f:ef:b4:3b:bf:fa:cd:0f:bf:f6:d1:32:68:ab:91:fe:c0:7e:
         8e:b6:5e:4c:4a:42:fb:84:01:8f:12:1b:26:de:ba:db:4f:57:
         ae:75:61:5a:26:f2:08:f4:8d:3e:02:7d:14:c8:43:e7:5f:69:
         27:21:20:75:1b:3e:59:0b:2e:c6:9e:37:cb:08:8f:75:61:4b:
         39:f0:d1:fd:de:82:e2:eb:36:59:7b:a6:57:5f:9c:a8:11:c7:
         31:81:6d:2e:6e:00:8d:91:ff:fc:a4:d7:00:60:3c:d7:0b:79:
         b3:d0:a8:ab:d2:44:70:eb:b9:6a:02:e9:3b:e1:fd:62:7a:19:
         d7:3d:a5:c5:b9:58:49:61:5b:68:38:67:52:63:4f:76:05:b9:
         6a:7f:37:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkuHB5Idxagb4J6p4s0OwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmJkMGQ4NDg5ZGQ0NDU3NDg2NmNhNWVhNDQ1M2JkOGFiZTIwYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1E/jH4kPTldewZuk4JlZOL11tFq
gFAGXtAKC9o0MMvA9u0MqQLvhTmlEOQBX2cfPdNQuZVivxpLxeXeE8+vA7IE8MbG
bqbFMEXYDcJ1ahOEqigzaetrGUj6C3y8eNVl9rTcXdo2hZ20kpXdAtCGzNRZmrPC
MMyWVJBKViGap5+5Dd4JqB9LRh8hvB0IH1hFlFPkOoz+V1a9pOdbuuQS4QlpTZiB
4h0/gw2KZJJ8PFs6x1Smt0IY6wDpGK/X7nXAaQAGQd6CpZ5DPHIOUCAfBBs06Vey
c5L8FbprfjBAz9utwlxrvb+ayTij9dGxglNM73SMTQ6UXkiArhdtma63nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+9DYSJ3URXSGbKXqRFO9ir4goqMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvWDcwTmhJbmRSRmRJWnNwZXBFVTcyS3ZpQ2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZM+MA0G
CSqGSIb3DQEBCwUAA4IBAQC7XH8H2x+Nie0zuHC0hlOrPmAQM7nqITxcIRovGqps
2pzpA2bjCK3o5qUPd+psNvahd3EBPPN8G4YC6SSULTsjIq2sLXCEIF3n1pmxvF8g
y5BHPbUVCyvqyjbeufFzmOOP/26mQrNzC4d+H6tf77Q7v/rND7/20TJoq5H+wH6O
tl5MSkL7hAGPEhsm3rrbT1eudWFaJvII9I0+An0UyEPnX2knISB1Gz5ZCy7GnjfL
CI91YUs58NH93oLi6zZZe6ZXX5yoEccxgW0ubgCNkf/8pNcAYDzXC3mz0Kir0kRw
67lqAuk74f1iehnXPaXFuVhJYVtoOGdSY092BblqfzeX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:08 2024 by rpki-client on console-ams.rpki-client.org