Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/EDh1dmBmzeztIuOt6cu0EHrlLg8.roa
File:                     EDh1dmBmzeztIuOt6cu0EHrlLg8.roa (raw, json)
Hash identifier:          I1FUcYFHJH+lKfmDAXDISVdo6YcXYKfxlEgllvhJxbU=
Subject key identifier:   10:38:75:76:60:66:CD:EC:ED:22:E3:AD:E9:CB:B4:10:7A:E5:2E:0F
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018AC823478F18244B5D4EFDA0671B63E2D6
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/EDh1dmBmzeztIuOt6cu0EHrlLg8.roa
Signing time:             Sun 24 Sep 2023 17:01:09 +0000
ROA not before:           Sun 24 Sep 2023 17:01:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211407
IP address blocks:        45.149.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:c8:23:47:8f:18:24:4b:5d:4e:fd:a0:67:1b:63:e2:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Sep 24 17:01:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=103875766066cdeced22e3ade9cbb4107ae52e0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:c3:7d:ea:f7:49:72:5f:07:87:ed:dd:31:d5:
                    92:6a:70:7e:58:84:3f:04:6c:ec:23:70:23:98:86:
                    94:06:e9:95:21:59:c1:ab:92:f1:7e:16:2b:40:b4:
                    6a:94:2a:11:2a:54:6a:de:35:30:f0:93:9c:1f:1e:
                    5b:6a:6c:89:4f:98:b2:49:9b:7d:b2:d1:e5:68:a9:
                    0f:e1:37:d3:a4:29:8f:3f:de:b5:e6:da:74:9c:41:
                    fb:83:1e:91:d3:02:67:92:86:51:48:42:d7:27:20:
                    8b:da:4b:28:4e:3c:74:3c:17:23:ca:ac:7f:60:a4:
                    e3:9f:2e:92:68:8b:12:2b:7d:ab:d9:a6:36:2c:80:
                    2a:d4:aa:c1:8c:e2:63:cb:12:df:2a:c2:66:15:f4:
                    c1:c9:99:29:ad:00:c1:b9:74:59:36:38:18:3b:89:
                    0d:6e:86:ac:06:d3:09:ae:71:b7:7f:ad:96:af:d3:
                    a6:99:53:75:02:6e:9c:17:9e:be:1d:96:9f:26:12:
                    00:39:0e:ca:c0:b1:5c:2d:03:b5:c3:c0:ca:16:b6:
                    bc:11:82:33:03:5a:ea:ad:b7:93:7f:35:cc:34:cf:
                    1b:ed:c7:b2:a5:e0:b6:48:4d:9b:57:7e:1e:bb:53:
                    d2:aa:ec:65:bc:6a:f1:b0:cf:da:7b:7b:a7:d9:8d:
                    29:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:38:75:76:60:66:CD:EC:ED:22:E3:AD:E9:CB:B4:10:7A:E5:2E:0F
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/EDh1dmBmzeztIuOt6cu0EHrlLg8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:7d:a6:64:48:20:60:85:77:b6:98:01:27:05:54:52:cb:05:
         4b:9d:07:8d:01:4c:fa:d6:c0:59:92:c0:40:ff:73:6f:d7:e4:
         3d:ba:df:4e:c0:c5:05:ab:b7:ff:4d:20:22:05:6c:b6:48:39:
         3e:e7:05:91:7f:88:55:67:a7:8e:9e:38:b0:fb:18:cc:bc:d4:
         f9:d1:61:81:5f:1a:58:14:99:7b:17:8f:4a:d4:94:4f:f2:fe:
         14:1a:9d:2b:2e:e7:8a:5f:a6:89:04:53:c7:86:d8:86:0e:1a:
         0e:be:0f:f3:95:89:51:e8:ed:e8:16:d9:6d:97:b9:11:69:d6:
         7e:b6:8a:18:38:3d:77:8e:08:84:47:3f:f7:d0:76:51:0d:7c:
         d6:eb:f9:b0:f9:79:02:8a:2c:f3:1f:b1:fe:8c:1d:61:df:16:
         ec:03:74:08:f4:55:98:6e:1d:87:3d:65:1e:c3:52:2c:24:1a:
         bd:86:91:8a:7b:8a:d0:93:3f:52:b2:d5:d1:3d:2f:9d:ab:84:
         2a:08:be:87:35:44:b9:c9:8b:8a:a2:f0:69:51:82:2a:ed:47:
         1e:77:a8:34:3e:2f:a0:ac:a1:a6:50:49:01:0d:c6:01:e9:af:
         31:1a:dc:0c:05:f7:09:0b:43:07:bf:2a:ab:97:cf:47:0c:7f:
         23:d6:f5:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrII0ePGCRLXU79oGcbY+LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwOTI0MTcwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM4NzU3NjYwNjZjZGVjZWQyMmUzYWRlOWNiYjQxMDdhZTUyZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksN96vdJcl8Hh+3dMdWSanB+WIQ/
BGzsI3AjmIaUBumVIVnBq5LxfhYrQLRqlCoRKlRq3jUw8JOcHx5bamyJT5iySZt9
stHlaKkP4TfTpCmPP9615tp0nEH7gx6R0wJnkoZRSELXJyCL2ksoTjx0PBcjyqx/
YKTjny6SaIsSK32r2aY2LIAq1KrBjOJjyxLfKsJmFfTByZkprQDBuXRZNjgYO4kN
boasBtMJrnG3f62Wr9OmmVN1Am6cF56+HZafJhIAOQ7KwLFcLQO1w8DKFra8EYIz
A1rqrbeTfzXMNM8b7ceypeC2SE2bV34eu1PSquxlvGrxsM/ae3un2Y0plQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBA4dXZgZs3s7SLjrenLtBB65S4PMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvRURoMWRtQm16ZXp0SXVPdDZjdTBFSHJsTGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVdMA0G
CSqGSIb3DQEBCwUAA4IBAQBRfaZkSCBghXe2mAEnBVRSywVLnQeNAUz61sBZksBA
/3Nv1+Q9ut9OwMUFq7f/TSAiBWy2SDk+5wWRf4hVZ6eOnjiw+xjMvNT50WGBXxpY
FJl7F49K1JRP8v4UGp0rLueKX6aJBFPHhtiGDhoOvg/zlYlR6O3oFtltl7kRadZ+
tooYOD13jgiERz/30HZRDXzW6/mw+XkCiizzH7H+jB1h3xbsA3QI9FWYbh2HPWUe
w1IsJBq9hpGKe4rQkz9SstXRPS+dq4QqCL6HNUS5yYuKovBpUYIq7Uced6g0Pi+g
rKGmUEkBDcYB6a8xGtwMBfcJC0MHvyqrl89HDH8j1vXv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org