Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/373ac8-3762-44ad-b14a-d386dc80d8bd/1/hdLlmhUduTMpg8YKUE07VgD0yag.roa
File:                     hdLlmhUduTMpg8YKUE07VgD0yag.roa (raw, json)
Hash identifier:          H5vSjaYTKFk5Je+YN7IJFvuIMAmcR2L9I9YiZYZUgfI=
Subject key identifier:   85:D2:E5:9A:15:1D:B9:33:29:83:C6:0A:50:4D:3B:56:00:F4:C9:A8
Certificate issuer:       /CN=4446a60ff3e51cded46483dfea32a65092cce87e
Certificate serial:       018571D791EAE3808FCA4D4061AAF7C4DF83
Authority key identifier: 44:46:A6:0F:F3:E5:1C:DE:D4:64:83:DF:EA:32:A6:50:92:CC:E8:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/REamD_PlHN7UZIPf6jKmUJLM6H4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/373ac8-3762-44ad-b14a-d386dc80d8bd/1/hdLlmhUduTMpg8YKUE07VgD0yag.roa
Signing time:             Mon 02 Jan 2023 09:37:11 +0000
ROA not before:           Mon 02 Jan 2023 09:37:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43915
IP address blocks:        45.152.28.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d7:91:ea:e3:80:8f:ca:4d:40:61:aa:f7:c4:df:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4446a60ff3e51cded46483dfea32a65092cce87e
        Validity
            Not Before: Jan  2 09:37:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85d2e59a151db9332983c60a504d3b5600f4c9a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:c0:36:c1:fe:b7:51:b4:39:09:dd:13:cb:d5:
                    fe:b4:3b:f3:0c:f5:e1:7a:48:90:69:e7:a2:66:34:
                    c1:6e:8d:2b:ed:3e:9d:42:8f:8a:b3:8b:e5:e1:df:
                    f1:14:89:28:4f:4c:c6:20:9e:5a:f8:b6:9a:1f:53:
                    78:0c:fa:00:f0:fb:b8:a2:06:4c:60:3b:05:a5:61:
                    b7:9d:32:a1:f6:68:4c:f9:d4:70:08:79:6b:49:9a:
                    41:fe:73:41:38:e1:55:99:35:9a:f7:ac:57:bc:20:
                    41:be:67:27:e3:de:5b:44:7b:28:43:35:e7:5d:07:
                    52:e0:b5:e5:d3:56:14:96:ec:20:4b:f1:17:98:0f:
                    7e:81:31:65:bd:ab:76:1c:05:c9:2f:2f:5a:d6:d5:
                    8d:b2:7d:d3:a8:2b:be:f0:ff:c0:e3:ca:88:36:00:
                    8c:58:ed:a5:58:5f:09:51:51:6e:09:f8:db:d8:0f:
                    eb:1c:04:c3:db:d4:1f:9a:75:c4:d1:a8:90:1d:21:
                    69:c7:4a:cf:34:11:e8:8f:1e:08:3d:1a:94:40:91:
                    14:47:cc:9a:f3:c8:06:2f:28:71:3f:b0:cc:ac:73:
                    2c:e0:48:b7:23:31:91:f7:4f:12:f0:90:79:be:f0:
                    e0:5e:12:c8:55:70:0e:71:4b:f4:9d:6c:a0:5a:cd:
                    da:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D2:E5:9A:15:1D:B9:33:29:83:C6:0A:50:4D:3B:56:00:F4:C9:A8
            X509v3 Authority Key Identifier:
                keyid:44:46:A6:0F:F3:E5:1C:DE:D4:64:83:DF:EA:32:A6:50:92:CC:E8:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/REamD_PlHN7UZIPf6jKmUJLM6H4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/373ac8-3762-44ad-b14a-d386dc80d8bd/1/hdLlmhUduTMpg8YKUE07VgD0yag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/373ac8-3762-44ad-b14a-d386dc80d8bd/1/REamD_PlHN7UZIPf6jKmUJLM6H4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:a8:76:73:7e:02:47:cc:b9:f4:79:45:98:39:d0:58:af:13:
         90:0d:f7:84:2c:48:68:55:fe:72:0e:31:0c:09:64:81:8c:2f:
         a0:1b:e1:c4:fc:87:7b:23:04:66:c3:2f:31:28:bd:4c:43:5f:
         59:7b:c6:e9:97:95:b5:d6:d6:fc:45:f2:1e:96:5c:dd:15:0e:
         a1:7c:1a:84:18:06:e3:5b:0d:0c:9f:f4:57:81:eb:a7:e5:11:
         2c:dc:90:c6:43:a6:80:9b:51:14:ec:0f:4d:82:9b:82:ad:5c:
         67:b1:3d:9e:2d:55:b7:d0:07:a2:60:0a:ec:a4:39:18:df:10:
         c4:dc:d7:b7:cb:a4:a1:5e:e5:94:ba:4b:e6:62:02:b1:41:98:
         ce:6e:4b:e5:10:1d:ff:90:fe:1d:17:ac:b1:38:72:dc:c1:f0:
         bc:03:83:d7:07:fd:1b:1d:e5:d2:4d:2a:f9:e0:fb:43:c1:fb:
         5e:31:38:fd:d6:f6:26:80:14:40:da:e0:5c:c4:c5:e0:9f:f6:
         8e:f8:81:d0:5a:f8:7f:71:d0:e5:42:4e:99:d1:ab:cc:89:73:
         ee:61:3b:f2:7f:d7:2c:4d:5c:75:41:57:85:80:aa:33:15:21:
         b6:fa:b1:6c:8c:a8:d6:c3:b0:da:1f:30:43:96:71:21:19:4b:
         7e:6b:4e:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx15Hq44CPyk1AYar3xN+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDZhNjBmZjNlNTFjZGVkNDY0ODNkZmVhMzJhNjUwOTJj
Y2U4N2UwHhcNMjMwMTAyMDkzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQyZTU5YTE1MWRiOTMzMjk4M2M2MGE1MDRkM2I1NjAwZjRjOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMA2wf63UbQ5Cd0Ty9X+tDvzDPXh
ekiQaeeiZjTBbo0r7T6dQo+Ks4vl4d/xFIkoT0zGIJ5a+LaaH1N4DPoA8Pu4ogZM
YDsFpWG3nTKh9mhM+dRwCHlrSZpB/nNBOOFVmTWa96xXvCBBvmcn495bRHsoQzXn
XQdS4LXl01YUluwgS/EXmA9+gTFlvat2HAXJLy9a1tWNsn3TqCu+8P/A48qINgCM
WO2lWF8JUVFuCfjb2A/rHATD29QfmnXE0aiQHSFpx0rPNBHojx4IPRqUQJEUR8ya
88gGLyhxP7DMrHMs4Ei3IzGR908S8JB5vvDgXhLIVXAOcUv0nWygWs3aWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXS5ZoVHbkzKYPGClBNO1YA9MmoMB8GA1UdIwQY
MBaAFERGpg/z5Rze1GSD3+oyplCSzOh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVhbURfUGxITjdVWklQZjZqS21VSkxNNkg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8zNzNhYzgtMzc2Mi00NGFkLWIxNGEt
ZDM4NmRjODBkOGJkLzEvaGRMbG1oVWR1VE1wZzhZS1VFMDdWZ0QweWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8zNzNhYzgtMzc2Mi00NGFkLWIxNGEtZDM4NmRjODBkOGJk
LzEvUkVhbURfUGxITjdVWklQZjZqS21VSkxNNkg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZgcMA0G
CSqGSIb3DQEBCwUAA4IBAQAyqHZzfgJHzLn0eUWYOdBYrxOQDfeELEhoVf5yDjEM
CWSBjC+gG+HE/Id7IwRmwy8xKL1MQ19Ze8bpl5W11tb8RfIellzdFQ6hfBqEGAbj
Ww0Mn/RXgeun5REs3JDGQ6aAm1EU7A9NgpuCrVxnsT2eLVW30AeiYArspDkY3xDE
3Ne3y6ShXuWUukvmYgKxQZjObkvlEB3/kP4dF6yxOHLcwfC8A4PXB/0bHeXSTSr5
4PtDwfteMTj91vYmgBRA2uBcxMXgn/aO+IHQWvh/cdDlQk6Z0avMiXPuYTvyf9cs
TVx1QVeFgKozFSG2+rFsjKjWw7DaHzBDlnEhGUt+a04t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org