Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1ALTs7y4w7l9zrPbSe1IpdI9FCU.roa
File:                     1ALTs7y4w7l9zrPbSe1IpdI9FCU.roa (raw, json)
Hash identifier:          2Ft61loru8VGyJtyJnD/0hHyFfVT1TioIjtJ7NyZahc=
Subject key identifier:   D4:02:D3:B3:BC:B8:C3:B9:7D:CE:B3:DB:49:ED:48:A5:D2:3D:14:25
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       0187A2AD4F53C16C79D5505D796F42A7D6B6
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1ALTs7y4w7l9zrPbSe1IpdI9FCU.roa
Signing time:             Fri 21 Apr 2023 07:17:59 +0000
ROA not before:           Fri 21 Apr 2023 07:17:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.149.92.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 20:57:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:a2:ad:4f:53:c1:6c:79:d5:50:5d:79:6f:42:a7:d6:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Apr 21 07:17:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d402d3b3bcb8c3b97dceb3db49ed48a5d23d1425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:12:a1:ad:a1:e6:ef:73:be:dc:4d:f5:57:45:
                    9b:f6:84:ea:43:66:0a:10:72:1b:76:12:37:42:98:
                    9f:21:ef:ff:20:8f:d4:7c:b7:5d:f6:7d:85:77:49:
                    4e:6d:3d:49:ac:95:99:44:21:50:23:69:4d:43:ea:
                    7e:66:13:58:07:13:5c:dd:87:c9:7e:87:97:de:af:
                    b1:5d:35:3f:c0:07:20:76:e0:81:77:ba:fd:dd:ac:
                    e1:01:d2:2c:84:a2:65:6d:2f:2b:0a:7d:ba:12:f9:
                    ff:83:54:62:c7:86:95:b0:7b:7d:44:8f:a9:54:f8:
                    7c:fb:c0:01:22:fe:84:7e:50:2f:78:b3:58:8f:8e:
                    19:6c:57:f8:cf:af:d2:90:c9:9e:c9:fe:1c:78:83:
                    b3:4e:f2:c2:c4:ef:7b:b9:29:74:59:e1:88:1f:6d:
                    48:9b:68:5f:00:09:43:8f:2c:f4:b7:e7:b9:3e:7f:
                    a9:91:13:bd:bf:22:59:71:6b:04:db:e1:23:ee:ab:
                    a5:63:2b:55:18:4b:3f:7f:ba:63:2d:88:7b:c1:dd:
                    2b:88:ec:da:48:79:da:ea:8e:0a:0f:01:20:cb:69:
                    09:19:a3:d7:0c:cb:d6:91:df:f3:59:11:a3:e4:38:
                    5d:70:90:4f:ea:a3:e4:af:8a:ff:5a:8f:a4:57:01:
                    e1:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:02:D3:B3:BC:B8:C3:B9:7D:CE:B3:DB:49:ED:48:A5:D2:3D:14:25
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1ALTs7y4w7l9zrPbSe1IpdI9FCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:96:16:00:35:8c:ce:a2:26:16:c3:66:30:2b:e1:a2:a6:a3:
         70:af:02:f1:cb:f4:bd:4f:fb:e9:65:11:13:5b:9a:e3:89:f2:
         a1:c5:b4:de:3e:76:1f:14:d2:d1:e5:64:5c:87:58:20:2b:18:
         76:c2:d4:ea:f3:16:12:16:1d:1d:5a:b0:c1:01:60:8b:8c:6e:
         47:01:dc:61:64:fa:f1:db:6d:bb:5e:56:f3:47:81:09:92:b0:
         33:fb:bb:6d:1e:de:1a:9f:7e:bc:b8:1e:bc:71:19:e9:05:3e:
         83:0b:99:a7:d3:86:11:de:8b:5e:d0:a3:38:67:1e:f8:70:23:
         45:1a:81:10:1e:1c:2d:22:48:d4:f6:9a:d0:a2:2b:6f:4e:c7:
         92:9c:10:e1:fa:95:c0:08:d3:e5:0c:f0:70:93:66:78:e7:ad:
         62:2d:1e:b2:07:9b:ab:dd:12:06:6d:2a:67:94:08:d1:91:02:
         25:23:97:40:49:42:11:a4:68:43:3d:22:f2:37:7a:2f:4b:01:
         c0:c9:d3:27:a0:9e:e3:2a:e4:29:6c:2b:30:de:ba:f3:9f:70:
         79:0c:b6:30:7e:4b:f3:0c:35:41:e3:d7:76:a1:0f:11:23:d1:
         06:bb:d3:1d:ad:c9:13:86:ad:da:38:76:b4:75:ee:d1:37:0e:
         ff:88:bf:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeirU9TwWx51VBdeW9Cp9a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwNDIxMDcxNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDAyZDNiM2JjYjhjM2I5N2RjZWIzZGI0OWVkNDhhNWQyM2QxNDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBKhraHm73O+3E31V0Wb9oTqQ2YK
EHIbdhI3QpifIe//II/UfLdd9n2Fd0lObT1JrJWZRCFQI2lNQ+p+ZhNYBxNc3YfJ
foeX3q+xXTU/wAcgduCBd7r93azhAdIshKJlbS8rCn26Evn/g1Rix4aVsHt9RI+p
VPh8+8ABIv6EflAveLNYj44ZbFf4z6/SkMmeyf4ceIOzTvLCxO97uSl0WeGIH21I
m2hfAAlDjyz0t+e5Pn+pkRO9vyJZcWsE2+Ej7qulYytVGEs/f7pjLYh7wd0riOza
SHna6o4KDwEgy2kJGaPXDMvWkd/zWRGj5DhdcJBP6qPkr4r/Wo+kVwHhlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQC07O8uMO5fc6z20ntSKXSPRQlMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvMUFMVHM3eTR3N2w5enJQYlNlMUlwZEk5RkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZVcMA0G
CSqGSIb3DQEBCwUAA4IBAQAglhYANYzOoiYWw2YwK+GipqNwrwLxy/S9T/vpZRET
W5rjifKhxbTePnYfFNLR5WRch1ggKxh2wtTq8xYSFh0dWrDBAWCLjG5HAdxhZPrx
2227XlbzR4EJkrAz+7ttHt4an368uB68cRnpBT6DC5mn04YR3ote0KM4Zx74cCNF
GoEQHhwtIkjU9prQoitvTseSnBDh+pXACNPlDPBwk2Z4561iLR6yB5ur3RIGbSpn
lAjRkQIlI5dASUIRpGhDPSLyN3ovSwHAydMnoJ7jKuQpbCsw3rrzn3B5DLYwfkvz
DDVB49d2oQ8RI9EGu9MdrckThq3aOHa0de7RNw7/iL/6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org