Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3S58wPeTbjiBEfAj8TzG_uO-QyE.roa
File:                     3S58wPeTbjiBEfAj8TzG_uO-QyE.roa (raw, json)
Hash identifier:          9qqNlnQ1hKwYHfW4I4yePEltB8XN28n5rrXvnsp8vjQ=
Subject key identifier:   DD:2E:7C:C0:F7:93:6E:38:81:11:F0:23:F1:3C:C6:FE:E3:BE:43:21
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018CB44FCF873B1C3A180E3EC4EB1EE85CC1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3S58wPeTbjiBEfAj8TzG_uO-QyE.roa
Signing time:             Fri 29 Dec 2023 06:42:58 +0000
ROA not before:           Fri 29 Dec 2023 06:42:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206150
IP address blocks:        45.130.82.0/24 maxlen: 24
                          2a0b:64c6::/32 maxlen: 48
                          2a10:7400::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b4:4f:cf:87:3b:1c:3a:18:0e:3e:c4:eb:1e:e8:5c:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 29 06:42:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dd2e7cc0f7936e388111f023f13cc6fee3be4321
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:52:01:c7:4f:d3:a8:60:92:61:07:2c:58:1c:
                    99:b3:d1:7f:47:ab:0e:20:45:01:b2:5d:54:a0:04:
                    b1:85:80:21:f8:9a:a7:59:9c:46:32:ba:27:12:cb:
                    41:49:c9:6a:ae:8f:36:f1:6e:2b:2d:fc:3c:b7:cd:
                    59:a3:fb:e7:53:ac:26:a4:60:9a:9c:40:c9:cc:c0:
                    b8:a2:a3:ae:48:a9:3a:9f:5f:ed:16:ab:d3:5c:95:
                    4f:15:52:6d:bf:bf:65:86:17:fd:d4:b0:8f:43:e1:
                    f0:03:79:ef:3c:01:56:d5:5d:b8:69:cf:bd:f1:76:
                    eb:c6:e8:16:67:f5:c1:63:4b:45:c2:d9:5c:cf:ac:
                    ef:64:84:83:99:aa:a5:79:56:a1:45:ef:63:75:51:
                    a6:15:65:54:2b:6d:75:35:d0:d5:b4:d5:43:93:ba:
                    50:8c:4e:f2:b5:69:2f:f1:99:12:da:dd:c3:23:11:
                    e0:55:26:1b:f1:66:e6:2e:71:16:b7:01:fc:7d:91:
                    31:fb:47:4e:de:02:90:c0:09:11:bb:3f:26:ca:16:
                    b7:ce:22:b2:a0:1f:c9:c1:5d:a7:f0:a4:0c:57:64:
                    4f:90:bd:48:55:78:24:4d:61:16:52:03:5b:98:fd:
                    60:42:9b:ce:a5:2f:7e:d7:73:49:11:b8:0b:a7:d4:
                    3f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:2E:7C:C0:F7:93:6E:38:81:11:F0:23:F1:3C:C6:FE:E3:BE:43:21
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3S58wPeTbjiBEfAj8TzG_uO-QyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.82.0/24
                IPv6:
                  2a0b:64c6::/32
                  2a10:7400::/32

    Signature Algorithm: sha256WithRSAEncryption
         3c:ff:63:20:6d:ac:ce:09:38:ac:d0:b3:c1:af:2d:33:af:c7:
         bc:3d:ef:c4:00:14:11:9f:c5:e3:ae:f0:f3:28:c0:db:fd:7b:
         c0:17:35:66:04:eb:11:61:90:01:26:cd:d9:fb:55:d1:0b:0a:
         da:0f:80:b2:ac:b1:5d:65:68:fd:ed:ea:87:6d:24:c4:1e:f5:
         36:6e:ed:9e:04:d3:23:c3:d2:14:b0:1e:aa:7b:e3:17:ae:66:
         72:92:5f:e2:74:07:59:bd:08:24:38:ce:96:b5:7f:7f:a0:2c:
         a3:c9:88:68:7f:31:7a:ec:e4:f9:82:67:6a:1f:72:fa:05:0f:
         f8:23:3e:0e:9f:92:24:6b:a4:dc:0e:5f:fc:40:f8:c3:39:5e:
         54:4c:4f:fb:b0:a2:95:5d:20:1d:be:08:ff:50:3b:fb:4b:c2:
         dd:6d:72:9a:51:8a:89:a7:59:5e:6c:70:22:33:59:c0:fe:e2:
         c5:b9:02:4b:a6:ae:aa:f3:f9:d3:4c:73:64:b6:9f:96:08:3d:
         e8:18:97:ae:19:1e:4b:4f:d8:15:f9:53:4c:93:2f:ad:b3:06:
         72:73:83:4c:52:fe:9b:71:6a:63:a6:bb:70:bb:09:e5:b7:b8:
         8b:4e:e3:5c:fc:2e:03:52:93:a6:05:85:b9:35:8f:40:83:be:
         d8:c7:ca:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYy0T8+HOxw6GA4+xOse6FzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjI5MDY0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJlN2NjMGY3OTM2ZTM4ODExMWYwMjNmMTNjYzZmZWUzYmU0MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFIBx0/TqGCSYQcsWByZs9F/R6sO
IEUBsl1UoASxhYAh+JqnWZxGMronEstBSclqro828W4rLfw8t81Zo/vnU6wmpGCa
nEDJzMC4oqOuSKk6n1/tFqvTXJVPFVJtv79lhhf91LCPQ+HwA3nvPAFW1V24ac+9
8XbrxugWZ/XBY0tFwtlcz6zvZISDmaqleVahRe9jdVGmFWVUK211NdDVtNVDk7pQ
jE7ytWkv8ZkS2t3DIxHgVSYb8WbmLnEWtwH8fZEx+0dO3gKQwAkRuz8myha3ziKy
oB/JwV2n8KQMV2RPkL1IVXgkTWEWUgNbmP1gQpvOpS9+13NJEbgLp9Q/7wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFN0ufMD3k244gRHwI/E8xv7jvkMhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM1M1OHdQZVRiamlCRWZBajhUekdfdU8tUXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQALYJSMBQE
AgACMA4DBQAqC2TGAwUAKhB0ADANBgkqhkiG9w0BAQsFAAOCAQEAPP9jIG2szgk4
rNCzwa8tM6/HvD3vxAAUEZ/F467w8yjA2/17wBc1ZgTrEWGQASbN2ftV0QsK2g+A
sqyxXWVo/e3qh20kxB71Nm7tngTTI8PSFLAeqnvjF65mcpJf4nQHWb0IJDjOlrV/
f6Aso8mIaH8xeuzk+YJnah9y+gUP+CM+Dp+SJGuk3A5f/ED4wzleVExP+7CilV0g
Hb4I/1A7+0vC3W1ymlGKiadZXmxwIjNZwP7ixbkCS6auqvP500xzZLaflgg96BiX
rhkeS0/YFflTTJMvrbMGcnODTFL+m3FqY6a7cLsJ5be4i07jXPwuA1KTpgWFuTWP
QIO+2MfKjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org