Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/3Xg1qdPE-p1ijAM534A8i__u6yU.roa
File:                     3Xg1qdPE-p1ijAM534A8i__u6yU.roa (raw, json)
Hash identifier:          jewGQkjUGgcq6BZf9sKmOw6TqlUtkOoscA2w7zCE/G0=
Subject key identifier:   DD:78:35:A9:D3:C4:FA:9D:62:8C:03:39:DF:80:3C:8B:FF:EE:EB:25
Certificate issuer:       /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial:       018B8FE5FC673D6A9AAE843AE0D8483BC2A3
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/3Xg1qdPE-p1ijAM534A8i__u6yU.roa
Signing time:             Thu 02 Nov 2023 11:58:16 +0000
ROA not before:           Thu 02 Nov 2023 11:58:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        45.66.93.0/24 maxlen: 24
                          45.66.92.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8f:e5:fc:67:3d:6a:9a:ae:84:3a:e0:d8:48:3b:c2:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
        Validity
            Not Before: Nov  2 11:58:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd7835a9d3c4fa9d628c0339df803c8bffeeeb25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:29:60:e3:70:7b:3e:b3:52:26:5e:1e:6c:3b:
                    46:d2:58:85:3a:69:56:36:61:99:0c:7e:73:3b:5b:
                    cd:8c:51:ba:c7:f3:2f:8c:30:d0:24:8c:af:64:c5:
                    76:da:45:0f:2a:fd:c3:8c:0b:81:0d:14:18:65:2c:
                    b0:63:11:c1:61:c1:5c:14:6f:62:97:8d:aa:40:57:
                    ac:f5:cb:42:27:28:2f:14:d3:cd:f5:a0:c7:33:20:
                    89:62:e6:99:e2:c7:db:fc:69:78:19:b1:63:e2:b0:
                    f0:c3:5f:14:88:1c:59:ab:94:25:87:d0:f8:78:15:
                    0d:82:1a:5e:cc:09:b2:1b:f9:11:8d:e5:06:c4:42:
                    b9:c1:9e:62:75:ca:6a:fe:a4:63:76:22:a7:1a:39:
                    c4:75:7b:03:22:a8:d5:af:4d:d2:bc:64:1d:73:9e:
                    52:eb:01:b6:62:bd:3e:17:0a:50:79:ac:e3:ac:ef:
                    2a:d2:65:14:1c:f8:85:ac:77:a2:da:56:de:dc:c3:
                    e1:00:15:4b:02:34:6a:b9:9a:06:30:e2:f8:fa:1d:
                    48:58:ed:8f:a0:ac:27:f0:62:a7:2c:20:b5:f7:21:
                    81:22:20:b1:ad:11:cc:4c:51:a4:a9:a3:4f:c9:82:
                    7e:02:a8:33:05:ed:fb:61:78:eb:25:df:99:4e:36:
                    f0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:78:35:A9:D3:C4:FA:9D:62:8C:03:39:DF:80:3C:8B:FF:EE:EB:25
            X509v3 Authority Key Identifier:
                keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/3Xg1qdPE-p1ijAM534A8i__u6yU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:cd:75:10:b6:73:5d:0a:4f:1c:c8:c6:1e:db:59:16:52:ea:
         e8:94:a4:47:b0:13:5b:c2:4b:94:e3:61:b3:f2:bc:e1:be:06:
         83:01:1f:41:53:57:18:4b:0b:b6:bc:01:45:ef:19:9d:a7:4f:
         8d:45:e3:e0:81:de:d1:69:e4:99:a0:ea:1c:5b:4f:ae:7b:63:
         37:cf:d7:4f:0b:e7:69:50:6d:9d:19:97:41:ee:eb:8b:d6:e7:
         78:8a:17:b5:5d:fa:e6:ad:c8:ba:9f:93:7d:83:d1:73:ff:8f:
         c6:e7:34:b6:f3:be:73:37:64:8c:92:71:32:29:4f:31:71:14:
         c7:14:a8:3e:44:32:7d:b6:91:16:7c:eb:3b:9c:77:c0:5d:79:
         ea:3b:19:6b:fe:fc:e8:14:67:0a:93:b1:44:0d:72:a1:bd:cf:
         3f:7a:5a:29:6d:da:ce:51:a4:63:85:e4:73:f0:a5:51:85:fe:
         44:75:f6:9e:e7:c8:59:30:d1:f6:87:80:d5:22:ce:11:ad:1e:
         5a:d8:f4:0e:63:61:03:2e:2e:57:f5:9c:7e:c1:e0:d3:3d:54:
         cd:0e:83:89:da:5b:f0:28:c7:78:f6:b8:4e:8f:bc:f3:d0:50:
         2b:fa:d7:00:1a:2e:3b:f1:ed:c5:6c:8c:6e:71:84:44:37:8f:
         5d:53:83:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuP5fxnPWqaroQ64NhIO8KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMxMTAyMTE1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDc4MzVhOWQzYzRmYTlkNjI4YzAzMzlkZjgwM2M4YmZmZWVlYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmylg43B7PrNSJl4ebDtG0liFOmlW
NmGZDH5zO1vNjFG6x/MvjDDQJIyvZMV22kUPKv3DjAuBDRQYZSywYxHBYcFcFG9i
l42qQFes9ctCJygvFNPN9aDHMyCJYuaZ4sfb/Gl4GbFj4rDww18UiBxZq5Qlh9D4
eBUNghpezAmyG/kRjeUGxEK5wZ5idcpq/qRjdiKnGjnEdXsDIqjVr03SvGQdc55S
6wG2Yr0+FwpQeazjrO8q0mUUHPiFrHei2lbe3MPhABVLAjRquZoGMOL4+h1IWO2P
oKwn8GKnLCC19yGBIiCxrRHMTFGkqaNPyYJ+AqgzBe37YXjrJd+ZTjbwJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN14NanTxPqdYowDOd+APIv/7uslMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvM1hnMXFkUEUtcDFpakFNNTM0QThpX191NnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUJcMA0G
CSqGSIb3DQEBCwUAA4IBAQAGzXUQtnNdCk8cyMYe21kWUurolKRHsBNbwkuU42Gz
8rzhvgaDAR9BU1cYSwu2vAFF7xmdp0+NRePggd7RaeSZoOocW0+ue2M3z9dPC+dp
UG2dGZdB7uuL1ud4ihe1Xfrmrci6n5N9g9Fz/4/G5zS2875zN2SMknEyKU8xcRTH
FKg+RDJ9tpEWfOs7nHfAXXnqOxlr/vzoFGcKk7FEDXKhvc8/elopbdrOUaRjheRz
8KVRhf5Edfae58hZMNH2h4DVIs4RrR5a2PQOY2EDLi5X9Zx+weDTPVTNDoOJ2lvw
KMd49rhOj7zz0FAr+tcAGi478e3FbIxucYREN49dU4N+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:08 2024 by rpki-client on console-ams.rpki-client.org