Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/6lEVflU-m8TNSkciuWsNIqG_x-0.roa
File:                     6lEVflU-m8TNSkciuWsNIqG_x-0.roa (raw, json)
Hash identifier:          56sa5qSrQnd9XrPL0eJ6wsC0TXVWtFzpHFzwODe2NJ8=
Subject key identifier:   EA:51:15:7E:55:3E:9B:C4:CD:4A:47:22:B9:6B:0D:22:A1:BF:C7:ED
Certificate issuer:       /CN=4142d3f9b31126e0850265715c9fc32174b557a4
Certificate serial:       018572C387451CD024A254C640808B8CE6E6
Authority key identifier: 41:42:D3:F9:B3:11:26:E0:85:02:65:71:5C:9F:C3:21:74:B5:57:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/6lEVflU-m8TNSkciuWsNIqG_x-0.roa
Signing time:             Mon 02 Jan 2023 13:54:54 +0000
ROA not before:           Mon 02 Jan 2023 13:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208095
IP address blocks:        45.159.28.0/24 maxlen: 24
                          45.159.29.0/24 maxlen: 24
                          2a0f:67c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:c3:87:45:1c:d0:24:a2:54:c6:40:80:8b:8c:e6:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4142d3f9b31126e0850265715c9fc32174b557a4
        Validity
            Not Before: Jan  2 13:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea51157e553e9bc4cd4a4722b96b0d22a1bfc7ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5c:09:0c:27:0b:2c:89:fc:23:80:e5:2d:fc:
                    6a:01:2a:f8:95:21:46:d3:03:ae:74:4e:de:ec:e8:
                    14:9d:c9:d5:72:33:51:4d:9a:0b:92:d2:f3:2d:a2:
                    7d:bc:82:f7:9b:c4:dd:f4:66:63:19:2a:da:e7:f3:
                    e5:ca:16:86:68:31:a8:4b:3a:cf:c4:8e:61:b8:a0:
                    a3:25:9e:62:07:77:eb:8a:2b:c0:cb:eb:4c:e1:03:
                    01:31:ba:7f:21:3f:28:b4:19:76:df:72:64:2c:6e:
                    92:db:ef:8c:30:ac:09:ac:73:35:a7:23:79:b8:3b:
                    60:29:f5:e9:26:75:3f:fe:12:47:36:32:05:9a:68:
                    e9:9f:b2:d5:c4:86:44:33:d1:fe:fe:68:36:99:ed:
                    f8:87:a3:27:c1:f5:b7:3c:6a:9d:f9:6d:de:ba:be:
                    15:d4:c2:3d:2c:01:43:7c:af:69:70:77:2c:db:e4:
                    43:67:48:d8:54:27:c4:55:0f:fb:a0:3d:03:98:14:
                    2e:13:9f:be:a9:fa:1d:f9:06:74:a1:b5:86:dd:15:
                    28:48:2b:3a:5f:ab:8d:79:15:48:b4:2a:f8:c4:34:
                    bc:10:47:de:3a:ed:fd:52:5f:fe:f0:6a:e0:ac:de:
                    e4:ef:56:c7:5f:13:5d:09:4e:1f:ba:af:59:c0:8e:
                    d8:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:51:15:7E:55:3E:9B:C4:CD:4A:47:22:B9:6B:0D:22:A1:BF:C7:ED
            X509v3 Authority Key Identifier:
                keyid:41:42:D3:F9:B3:11:26:E0:85:02:65:71:5C:9F:C3:21:74:B5:57:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/6lEVflU-m8TNSkciuWsNIqG_x-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.28.0/23
                IPv6:
                  2a0f:67c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         8b:c2:10:bf:ab:0b:34:97:b2:02:01:8c:1a:2b:3a:f0:f5:36:
         3c:bf:07:65:ca:7c:c0:fd:ad:2d:77:3d:2c:be:95:98:dc:8d:
         35:05:cf:94:fe:48:ac:a5:1b:28:d6:58:5c:65:18:0c:da:21:
         6f:fc:17:c1:fb:be:f6:b9:ef:05:66:56:ed:e8:b7:cd:a6:13:
         c7:c2:fd:ab:88:b8:62:e5:19:c8:d2:29:69:b1:13:1e:ca:3c:
         12:a6:dd:ef:81:1f:05:d6:be:d6:db:0c:6b:c2:36:b8:96:bd:
         5d:88:a6:13:c4:7e:b7:36:3d:ee:84:dc:af:3c:1d:6e:56:b1:
         75:ff:fe:f6:f3:5e:4e:fb:e3:bd:b3:82:26:2f:61:55:f5:9f:
         05:ba:13:e8:0d:0f:2a:92:6e:a8:76:2c:e9:69:64:ca:97:3a:
         0d:cf:44:c2:ff:65:cd:43:15:83:6a:fe:43:37:ac:a9:76:5f:
         d7:e4:5a:a5:cb:52:25:5d:95:68:29:09:f4:4f:d1:f8:f1:eb:
         35:41:7a:00:99:69:fd:44:9c:47:bc:3f:22:47:67:36:c0:ed:
         e9:3d:06:1c:81:4c:03:fa:cd:55:ea:fb:1c:f7:9d:d3:6d:9b:
         42:0e:7b:9c:38:ab:27:a2:61:3d:95:56:5a:e2:3b:85:67:04:
         14:04:15:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyw4dFHNAkolTGQICLjObmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNDJkM2Y5YjMxMTI2ZTA4NTAyNjU3MTVjOWZjMzIxNzRi
NTU3YTQwHhcNMjMwMTAyMTM1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTUxMTU3ZTU1M2U5YmM0Y2Q0YTQ3MjJiOTZiMGQyMmExYmZjN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFwJDCcLLIn8I4DlLfxqASr4lSFG
0wOudE7e7OgUncnVcjNRTZoLktLzLaJ9vIL3m8Td9GZjGSra5/PlyhaGaDGoSzrP
xI5huKCjJZ5iB3friivAy+tM4QMBMbp/IT8otBl233JkLG6S2++MMKwJrHM1pyN5
uDtgKfXpJnU//hJHNjIFmmjpn7LVxIZEM9H+/mg2me34h6MnwfW3PGqd+W3eur4V
1MI9LAFDfK9pcHcs2+RDZ0jYVCfEVQ/7oD0DmBQuE5++qfod+QZ0obWG3RUoSCs6
X6uNeRVItCr4xDS8EEfeOu39Ul/+8GrgrN7k71bHXxNdCU4fuq9ZwI7YMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOpRFX5VPpvEzUpHIrlrDSKhv8ftMB8GA1UdIwQY
MBaAFEFC0/mzESbghQJlcVyfwyF0tVekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVVMVC1iTVJKdUNGQW1WeFhKX0RJWFMxVjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hZTE5NTMtYmZjNC00MmI1LTk1MGIt
OWM5OGQxMTE5N2I3LzEvNmxFVmZsVS1tOFROU2tjaXVXc05JcUdfeC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hZTE5NTMtYmZjNC00MmI1LTk1MGItOWM5OGQxMTE5N2I3
LzEvUVVMVC1iTVJKdUNGQW1WeFhKX0RJWFMxVjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLZ8cMA8E
AgACMAkDBwAqD2fAAAAwDQYJKoZIhvcNAQELBQADggEBAIvCEL+rCzSXsgIBjBor
OvD1Njy/B2XKfMD9rS13PSy+lZjcjTUFz5T+SKylGyjWWFxlGAzaIW/8F8H7vva5
7wVmVu3ot82mE8fC/auIuGLlGcjSKWmxEx7KPBKm3e+BHwXWvtbbDGvCNriWvV2I
phPEfrc2Pe6E3K88HW5WsXX//vbzXk77472zgiYvYVX1nwW6E+gNDyqSbqh2LOlp
ZMqXOg3PRML/Zc1DFYNq/kM3rKl2X9fkWqXLUiVdlWgpCfRP0fjx6zVBegCZaf1E
nEe8PyJHZzbA7ek9BhyBTAP6zVXq+xz3ndNtm0IOe5w4qyeiYT2VVlriO4VnBBQE
FTM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:24 2024 by rpki-client on console-ams.rpki-client.org