Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aniWKE6m0ds7GFpUCxBUY20h_pE.roa
File:                     aniWKE6m0ds7GFpUCxBUY20h_pE.roa (raw, json)
Hash identifier:          uLMzLHmLWC48coBmhbsultHeyuDYftyndcB/k+AMgcs=
Subject key identifier:   6A:78:96:28:4E:A6:D1:DB:3B:18:5A:54:0B:10:54:63:6D:21:FE:91
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018A9304A71137BC617340BBD484FEAD235C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aniWKE6m0ds7GFpUCxBUY20h_pE.roa
Signing time:             Thu 14 Sep 2023 09:27:50 +0000
ROA not before:           Thu 14 Sep 2023 09:27:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     142111
IP address blocks:        45.86.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 15:04:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:93:04:a7:11:37:bc:61:73:40:bb:d4:84:fe:ad:23:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Sep 14 09:27:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a7896284ea6d1db3b185a540b1054636d21fe91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8e:b3:6f:e1:7e:d3:b1:ad:75:02:4b:8a:80:
                    23:61:40:e6:aa:7e:be:a1:44:d1:c9:3a:bf:48:99:
                    1d:5d:f1:a2:7e:80:69:0a:56:c2:2f:30:d5:8d:9e:
                    1c:b4:80:03:a8:6e:08:e4:94:48:5d:50:4f:db:9c:
                    b0:de:f3:2c:32:b9:d9:0d:ad:00:f0:95:bc:7e:13:
                    6a:47:c4:fd:a1:9f:61:44:f9:b9:f4:1d:6d:a3:db:
                    9f:36:0a:e0:56:0a:30:0e:81:d9:4f:bc:a0:b3:f8:
                    2a:c2:6e:44:00:a6:c5:d4:ee:b4:2c:0c:dd:6c:b7:
                    41:ad:09:ab:56:cd:f9:38:e3:d4:67:40:5c:04:2d:
                    74:3c:4d:7f:c0:a6:e9:ec:e6:73:23:3e:6c:fe:27:
                    83:3a:b1:81:e3:9b:a3:32:63:69:41:b2:5e:04:d2:
                    da:7e:dd:b7:9d:c3:05:17:72:36:fc:44:41:33:f3:
                    74:85:dc:45:3f:83:7d:ea:79:1b:28:43:d0:5e:10:
                    be:d2:3f:07:b4:ab:a9:f0:60:ad:e1:a8:bf:45:51:
                    11:9a:01:aa:35:3b:26:5b:c1:e4:7d:00:e7:57:90:
                    c9:ed:9a:ad:ed:00:52:f1:f9:d4:e2:0e:75:85:39:
                    99:ec:35:f7:b2:95:73:30:05:b6:ed:22:c6:de:a1:
                    d0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:78:96:28:4E:A6:D1:DB:3B:18:5A:54:0B:10:54:63:6D:21:FE:91
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aniWKE6m0ds7GFpUCxBUY20h_pE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:c5:51:30:b5:0c:04:1c:ab:ee:87:7e:58:27:a7:f3:a8:05:
         53:ec:af:4a:ad:5c:a2:41:b3:5e:57:6f:fe:ae:9c:ed:6e:b1:
         8d:84:00:82:ba:7a:94:fc:7c:ac:a5:49:25:f8:fd:47:d8:36:
         1f:dc:c3:aa:53:96:64:e2:8d:56:7a:6b:56:52:50:15:0a:92:
         7c:63:3e:31:19:60:41:6e:ff:13:34:1d:e6:b6:35:a2:62:09:
         f0:4b:dd:f3:05:14:00:7c:fb:7d:54:69:df:e8:8b:71:ef:28:
         d4:fc:b5:09:2e:c1:8c:a6:6e:b3:07:c1:37:9d:93:46:10:4a:
         cf:56:65:68:ee:0d:bb:ec:56:da:82:6a:31:71:dc:fa:ba:b3:
         4d:8f:d6:d9:77:c4:ea:20:3d:da:6c:b6:29:3c:08:6c:64:83:
         2c:24:a5:67:5b:4e:09:07:f3:64:3d:ee:da:1c:67:62:2c:dc:
         c4:7c:b9:1f:1f:5c:dd:f6:d6:7f:29:50:15:ee:27:d0:7b:d3:
         30:ed:56:b1:ee:cd:b5:14:98:c0:bc:a6:d3:9d:e1:59:5b:ad:
         63:0a:7d:a2:75:85:37:fa:1a:3f:42:61:d2:76:ff:e2:f9:c4:
         b1:34:7f:20:3c:e9:49:77:59:07:d6:67:4a:f4:b7:db:7d:00:
         36:03:05:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqTBKcRN7xhc0C71IT+rSNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTE0MDkyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTc4OTYyODRlYTZkMWRiM2IxODVhNTQwYjEwNTQ2MzZkMjFmZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm46zb+F+07GtdQJLioAjYUDmqn6+
oUTRyTq/SJkdXfGifoBpClbCLzDVjZ4ctIADqG4I5JRIXVBP25yw3vMsMrnZDa0A
8JW8fhNqR8T9oZ9hRPm59B1to9ufNgrgVgowDoHZT7ygs/gqwm5EAKbF1O60LAzd
bLdBrQmrVs35OOPUZ0BcBC10PE1/wKbp7OZzIz5s/ieDOrGB45ujMmNpQbJeBNLa
ft23ncMFF3I2/ERBM/N0hdxFP4N96nkbKEPQXhC+0j8HtKup8GCt4ai/RVERmgGq
NTsmW8HkfQDnV5DJ7Zqt7QBS8fnU4g51hTmZ7DX3spVzMAW27SLG3qHQQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGp4lihOptHbOxhaVAsQVGNtIf6RMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvYW5pV0tFNm0wZHM3R0ZwVUN4QlVZMjBoX3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZJMA0G
CSqGSIb3DQEBCwUAA4IBAQA+xVEwtQwEHKvuh35YJ6fzqAVT7K9KrVyiQbNeV2/+
rpztbrGNhACCunqU/HyspUkl+P1H2DYf3MOqU5Zk4o1WemtWUlAVCpJ8Yz4xGWBB
bv8TNB3mtjWiYgnwS93zBRQAfPt9VGnf6Itx7yjU/LUJLsGMpm6zB8E3nZNGEErP
VmVo7g277Fbagmoxcdz6urNNj9bZd8TqID3abLYpPAhsZIMsJKVnW04JB/NkPe7a
HGdiLNzEfLkfH1zd9tZ/KVAV7ifQe9Mw7Vax7s21FJjAvKbTneFZW61jCn2idYU3
+ho/QmHSdv/i+cSxNH8gPOlJd1kH1mdK9LfbfQA2AwUY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org