Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ayI4cM53hlKnOCRrvBv-Jz532Nc.roa
File:                     ayI4cM53hlKnOCRrvBv-Jz532Nc.roa (raw, json)
Hash identifier:          7fwMQ4cyjaEzR13OVGKIvvA4B+blD5LYMVc4av5gWX4=
Subject key identifier:   6B:22:38:70:CE:77:86:52:A7:38:24:6B:BC:1B:FE:27:3E:77:D8:D7
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       0185E9B3CE1E390F760A8F5759FC3CEA2FB7
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ayI4cM53hlKnOCRrvBv-Jz532Nc.roa
Signing time:             Wed 25 Jan 2023 16:12:33 +0000
ROA not before:           Wed 25 Jan 2023 16:12:33 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.149.94.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Feb 2023 16:53:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e9:b3:ce:1e:39:0f:76:0a:8f:57:59:fc:3c:ea:2f:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Jan 25 16:12:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b223870ce778652a738246bbc1bfe273e77d8d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a1:d5:cc:ea:3c:ec:76:34:0d:59:17:b2:b6:
                    32:9c:d2:b3:2b:1d:dd:32:bf:20:81:49:3a:c1:b6:
                    b7:c5:59:8e:39:ae:e4:5e:d3:b8:f3:61:5f:c7:e6:
                    69:17:9f:47:f5:a1:02:94:df:4d:61:5d:37:2c:7c:
                    f9:f5:61:d6:d1:13:f5:b7:bf:dd:83:6b:cf:08:95:
                    22:d7:41:6f:4a:4d:77:41:96:46:5f:24:23:cc:ec:
                    0c:d2:4f:4e:f9:5c:01:57:ac:1e:09:21:db:c3:16:
                    55:5f:74:2f:af:c3:fa:a8:b5:51:3d:66:19:e3:e5:
                    1a:b0:05:ce:78:54:a9:5a:b1:36:d1:ce:30:e9:37:
                    0b:22:19:13:57:87:a2:2b:29:1f:b8:85:f0:4c:53:
                    db:09:9c:d9:8f:26:02:67:12:26:bc:ed:09:3d:68:
                    a7:57:78:5a:0d:c3:67:5b:ae:5e:f3:8a:ef:be:1a:
                    a3:b3:27:42:cc:df:c5:1e:a9:b6:f2:92:59:71:be:
                    4e:35:24:17:c2:a7:fe:bd:26:fe:76:f6:8a:97:e4:
                    f6:bc:bc:08:c3:0f:6b:4d:04:13:db:0d:00:62:39:
                    0b:8c:4e:f8:cd:10:0f:6e:b2:7d:d8:1b:db:7c:37:
                    15:89:36:42:2c:cc:dc:7b:4b:be:8e:f5:47:e8:1a:
                    85:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:22:38:70:CE:77:86:52:A7:38:24:6B:BC:1B:FE:27:3E:77:D8:D7
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ayI4cM53hlKnOCRrvBv-Jz532Nc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:45:cf:a4:46:16:4d:ab:2f:62:de:59:ae:8e:98:bc:0f:e9:
         0e:29:32:76:4f:7d:ef:16:2f:d0:6a:44:c8:03:bd:58:ae:73:
         6c:56:e7:d7:5c:65:e9:24:2d:1d:4d:a8:cb:06:a2:1f:a3:9b:
         f2:17:16:02:1f:3e:5a:ac:9c:ab:c8:37:d8:a6:d2:ab:7f:7c:
         e7:35:9b:e6:89:04:dd:1e:20:92:83:66:3c:b3:54:4c:52:d3:
         da:a6:12:90:9e:64:b2:77:69:b1:91:1a:43:d8:9a:9c:51:f8:
         39:6b:01:ea:da:c9:90:09:1f:e6:65:77:78:99:6e:dc:0f:64:
         34:c9:35:be:0b:f1:69:89:8b:85:10:f5:69:8f:d3:20:61:cc:
         ce:d7:1d:8c:4b:51:3f:0a:4a:bd:b9:63:0f:73:a4:26:6e:e8:
         18:d1:72:41:1d:59:a2:35:a8:99:f2:4b:39:7c:00:09:2a:21:
         60:e3:3e:79:34:f1:f7:c0:bb:a5:e8:b0:d7:39:2e:fc:bf:ad:
         cb:98:da:37:16:fe:0d:15:20:28:bc:b0:2f:5a:85:1e:53:cd:
         45:1a:a8:41:6f:d4:9d:3b:26:65:13:e9:36:78:ab:1f:2c:e5:
         7c:f1:aa:d1:d0:95:fa:dd:30:92:53:3b:fa:68:c0:ec:e6:84:
         3a:75:a7:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXps84eOQ92Co9XWfw86i+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwMTI1MTYxMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIyMzg3MGNlNzc4NjUyYTczODI0NmJiYzFiZmUyNzNlNzdkOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KHVzOo87HY0DVkXsrYynNKzKx3d
Mr8ggUk6wba3xVmOOa7kXtO482Ffx+ZpF59H9aEClN9NYV03LHz59WHW0RP1t7/d
g2vPCJUi10FvSk13QZZGXyQjzOwM0k9O+VwBV6weCSHbwxZVX3Qvr8P6qLVRPWYZ
4+UasAXOeFSpWrE20c4w6TcLIhkTV4eiKykfuIXwTFPbCZzZjyYCZxImvO0JPWin
V3haDcNnW65e84rvvhqjsydCzN/FHqm28pJZcb5ONSQXwqf+vSb+dvaKl+T2vLwI
ww9rTQQT2w0AYjkLjE74zRAPbrJ92BvbfDcViTZCLMzce0u+jvVH6BqFzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsiOHDOd4ZSpzgka7wb/ic+d9jXMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvYXlJNGNNNTNobEtuT0NScnZCdi1KejUzMk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZVeMA0G
CSqGSIb3DQEBCwUAA4IBAQBJRc+kRhZNqy9i3lmujpi8D+kOKTJ2T33vFi/QakTI
A71YrnNsVufXXGXpJC0dTajLBqIfo5vyFxYCHz5arJyryDfYptKrf3znNZvmiQTd
HiCSg2Y8s1RMUtPaphKQnmSyd2mxkRpD2JqcUfg5awHq2smQCR/mZXd4mW7cD2Q0
yTW+C/FpiYuFEPVpj9MgYczO1x2MS1E/Ckq9uWMPc6QmbugY0XJBHVmiNaiZ8ks5
fAAJKiFg4z55NPH3wLul6LDXOS78v63LmNo3Fv4NFSAovLAvWoUeU81FGqhBb9Sd
OyZlE+k2eKsfLOV88arR0JX63TCSUzv6aMDs5oQ6dacl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org