Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/BHcQPRDtDOZrvsq7DFvyb3hO0Tw.roa
File:                     BHcQPRDtDOZrvsq7DFvyb3hO0Tw.roa (raw, json)
Hash identifier:          QLdU0PdVKZmAUSU7q1Gq+VdjQB9/xeEaf7vshR2J+Zc=
Subject key identifier:   04:77:10:3D:10:ED:0C:E6:6B:BE:CA:BB:0C:5B:F2:6F:78:4E:D1:3C
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018CC56E0F9D92C8B28ED34BE799229794D3
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/BHcQPRDtDOZrvsq7DFvyb3hO0Tw.roa
Signing time:             Mon 01 Jan 2024 14:29:33 +0000
ROA not before:           Mon 01 Jan 2024 14:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203020
IP address blocks:        45.149.94.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 18:58:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:0f:9d:92:c8:b2:8e:d3:4b:e7:99:22:97:94:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Jan  1 14:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0477103d10ed0ce66bbecabb0c5bf26f784ed13c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:a0:58:5a:a7:c3:51:6d:c9:03:23:05:27:ce:
                    38:62:b7:d7:26:5e:2b:db:cf:ab:f4:7b:61:dd:56:
                    03:62:f1:19:54:08:80:f6:b1:1f:ef:5a:1c:ac:93:
                    3e:a3:5a:ba:12:4f:9e:51:12:f4:5f:f4:24:34:39:
                    f6:5d:bf:31:ea:d3:93:fe:d1:26:1d:a1:4a:86:28:
                    ac:f0:66:c0:48:68:ce:02:00:83:c4:e0:d1:8d:27:
                    05:91:87:88:88:0b:70:e0:83:d9:8d:25:2f:cc:ad:
                    20:6c:c0:b2:99:fa:b7:73:fb:b2:e1:1a:2d:6c:c6:
                    38:4a:25:05:40:a3:a0:ed:4b:54:33:0e:6f:f1:3b:
                    15:5f:bc:89:77:8c:1c:fb:96:66:13:a8:e6:92:66:
                    6d:61:13:28:9d:14:c0:b1:02:2d:58:ec:04:16:fd:
                    fc:d3:d6:32:73:b2:2a:3d:83:92:ca:dd:5a:27:06:
                    5a:de:99:4c:db:ec:c4:a8:90:ad:05:ee:b0:d4:81:
                    0e:9a:37:be:01:97:70:b3:e8:d9:6a:c0:7d:cd:45:
                    19:ff:a9:e1:11:72:20:a2:e4:d2:e2:c9:4a:9e:a3:
                    55:1f:51:42:fe:86:ef:63:8d:c8:31:8c:0d:0d:79:
                    db:e7:5c:1f:67:d4:48:f0:e8:ba:12:1e:65:e4:42:
                    02:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:77:10:3D:10:ED:0C:E6:6B:BE:CA:BB:0C:5B:F2:6F:78:4E:D1:3C
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/BHcQPRDtDOZrvsq7DFvyb3hO0Tw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:90:53:b8:2f:07:1c:e3:0e:c1:18:75:32:b2:97:b3:fc:18:
         a6:02:3c:00:6c:2b:1a:86:be:d9:37:c0:00:20:29:c5:2c:7a:
         be:2c:61:27:3d:a5:d0:55:c0:00:5c:03:87:48:56:30:ce:00:
         4c:50:af:1a:9d:9f:c7:7b:8b:5f:55:ab:41:c3:ec:48:96:7b:
         46:c7:3a:25:48:e0:cc:46:2b:a9:55:b5:ea:b4:b6:a3:04:10:
         59:27:4e:4d:45:17:92:c4:5e:65:3b:ea:c7:8a:7b:e2:9f:7a:
         1a:33:be:99:72:b0:4a:30:ab:b5:a0:4e:6b:fa:49:cd:db:11:
         92:80:7b:c7:c0:e3:85:2a:ef:7c:1c:c8:b5:c8:37:ae:b1:98:
         4e:32:00:50:9b:d2:13:67:6e:2d:fc:dc:c8:47:fd:cb:ec:37:
         dd:a1:75:64:4c:6b:2d:37:fb:49:e3:29:f1:88:54:f4:bb:5c:
         9d:d3:e0:3b:62:3b:14:73:32:9b:5b:10:9f:14:19:1a:dc:bd:
         5b:0b:bb:ba:0f:a5:78:82:84:1f:76:7b:27:a1:ee:d0:b4:ce:
         75:ac:05:aa:20:a1:11:ca:80:00:61:43:c5:ba:e1:29:28:d9:
         02:d4:c8:6c:2a:4e:85:d0:54:0f:8d:a3:ba:b6:ab:02:ac:27:
         ae:d9:05:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbg+dksiyjtNL55kil5TTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDc3MTAzZDEwZWQwY2U2NmJiZWNhYmIwYzViZjI2Zjc4NGVkMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqBYWqfDUW3JAyMFJ844YrfXJl4r
28+r9Hth3VYDYvEZVAiA9rEf71ocrJM+o1q6Ek+eURL0X/QkNDn2Xb8x6tOT/tEm
HaFKhiis8GbASGjOAgCDxODRjScFkYeIiAtw4IPZjSUvzK0gbMCymfq3c/uy4Rot
bMY4SiUFQKOg7UtUMw5v8TsVX7yJd4wc+5ZmE6jmkmZtYRMonRTAsQItWOwEFv38
09Yyc7IqPYOSyt1aJwZa3plM2+zEqJCtBe6w1IEOmje+AZdws+jZasB9zUUZ/6nh
EXIgouTS4slKnqNVH1FC/obvY43IMYwNDXnb51wfZ9RI8Oi6Eh5l5EICjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAR3ED0Q7Qzma77Kuwxb8m94TtE8MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvQkhjUVBSRHRET1pydnNxN0RGdnliM2hPMFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVeMA0G
CSqGSIb3DQEBCwUAA4IBAQCTkFO4Lwcc4w7BGHUyspez/BimAjwAbCsahr7ZN8AA
ICnFLHq+LGEnPaXQVcAAXAOHSFYwzgBMUK8anZ/He4tfVatBw+xIlntGxzolSODM
RiupVbXqtLajBBBZJ05NRReSxF5lO+rHinvin3oaM76ZcrBKMKu1oE5r+knN2xGS
gHvHwOOFKu98HMi1yDeusZhOMgBQm9ITZ24t/NzIR/3L7DfdoXVkTGstN/tJ4ynx
iFT0u1yd0+A7YjsUczKbWxCfFBka3L1bC7u6D6V4goQfdnsnoe7QtM51rAWqIKER
yoAAYUPFuuEpKNkC1MhsKk6F0FQPjaO6tqsCrCeu2QXV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org