Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vX9Aw-IDikZAJ1COlriX6wLyyNI.roa
File:                     vX9Aw-IDikZAJ1COlriX6wLyyNI.roa (raw, json)
Hash identifier:          el75+4hh2s6Z3Qvgu8gBli8iLRzUBlYUIh4Yy5NUtbE=
Subject key identifier:   BD:7F:40:C3:E2:03:8A:46:40:27:50:8E:96:B8:97:EB:02:F2:C8:D2
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185710321129BA54B2E35918D3910C2F634
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vX9Aw-IDikZAJ1COlriX6wLyyNI.roa
Signing time:             Mon 02 Jan 2023 05:45:08 +0000
ROA not before:           Mon 02 Jan 2023 05:45:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212477
IP address blocks:        45.141.200.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 18 Jan 2023 06:09:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:21:12:9b:a5:4b:2e:35:91:8d:39:10:c2:f6:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd7f40c3e2038a464027508e96b897eb02f2c8d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:42:99:fe:6f:6d:02:67:24:34:02:b3:7c:cb:
                    ab:72:5d:1b:58:43:c3:7f:22:9b:0f:eb:c8:42:d6:
                    32:7f:32:ec:c8:4e:2a:90:2d:57:b0:60:a4:6e:6d:
                    3d:5d:92:49:81:b8:dc:01:70:fc:58:a3:d9:da:4d:
                    bf:19:9f:9f:02:d6:01:33:e0:98:85:45:3d:6d:66:
                    ad:b3:2f:bf:85:cb:a9:19:9d:43:b5:53:4b:a8:f2:
                    0e:e0:58:8e:e9:c7:d9:ac:4d:94:27:76:0b:92:90:
                    0c:52:a7:56:da:7c:0c:62:bf:12:9c:e7:cd:9c:ab:
                    48:26:40:5b:81:bc:6c:10:bd:85:97:01:df:66:00:
                    56:0f:26:e8:bf:12:c1:c1:d4:85:e8:99:3e:14:01:
                    91:de:a3:1b:a4:0c:d4:f2:b6:86:1d:e3:9d:ea:1e:
                    e5:98:5c:c0:d3:ec:66:fe:29:4f:fe:74:22:d2:cf:
                    67:7d:93:55:5d:b8:a1:86:7f:00:27:61:61:42:fa:
                    8f:b5:7e:4a:a9:84:85:01:83:e1:96:99:47:07:9c:
                    a7:47:55:77:10:3d:77:f0:10:91:04:61:b5:a0:a3:
                    fc:4c:9f:cc:28:f3:fb:bc:43:ab:ef:78:ba:79:3e:
                    5a:c0:f1:25:be:e6:c2:72:90:fa:48:76:ac:b5:63:
                    10:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:7F:40:C3:E2:03:8A:46:40:27:50:8E:96:B8:97:EB:02:F2:C8:D2
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vX9Aw-IDikZAJ1COlriX6wLyyNI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:74:77:87:b7:84:b1:97:6b:1a:f8:bf:99:d3:bd:cc:60:b5:
         d0:60:69:8d:33:1b:3d:32:f8:0d:2c:95:86:90:a8:e0:2c:9e:
         90:8b:6a:6b:a7:a5:f3:16:1f:fc:2d:14:03:f8:ac:61:58:fe:
         70:d7:fa:6f:d0:40:d3:9a:b1:8c:e5:85:3d:3f:7b:ac:47:d2:
         dc:07:c5:24:db:32:1a:39:76:a9:99:cb:6f:9a:0d:d0:1d:25:
         fe:cc:48:04:2f:8e:17:d4:8d:75:16:30:fb:11:55:b7:35:ec:
         a9:89:19:d7:77:01:88:c6:33:47:28:0c:d0:1f:c9:ae:49:9e:
         06:c4:24:ea:30:63:1c:39:97:a0:a9:a9:bd:0f:ca:6b:62:63:
         4c:26:51:a1:c2:c6:d5:44:1d:99:76:9f:f4:8c:21:85:bb:c5:
         2a:01:8f:dc:f1:47:be:12:27:6e:4c:2e:83:aa:7d:50:40:cf:
         bc:54:0e:a5:87:9e:5c:95:f0:a1:75:21:df:c9:63:67:c1:56:
         af:12:39:a3:99:ef:68:5a:04:be:b2:da:27:cf:7e:f5:0a:7a:
         ef:da:0e:93:83:26:a8:6b:a8:07:6b:e7:0b:29:90:26:30:22:
         2a:31:fc:cf:56:70:1e:95:e7:2a:38:30:78:03:d1:16:4f:5c:
         ec:65:85:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAyESm6VLLjWRjTkQwvY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdmNDBjM2UyMDM4YTQ2NDAyNzUwOGU5NmI4OTdlYjAyZjJjOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUKZ/m9tAmckNAKzfMurcl0bWEPD
fyKbD+vIQtYyfzLsyE4qkC1XsGCkbm09XZJJgbjcAXD8WKPZ2k2/GZ+fAtYBM+CY
hUU9bWatsy+/hcupGZ1DtVNLqPIO4FiO6cfZrE2UJ3YLkpAMUqdW2nwMYr8SnOfN
nKtIJkBbgbxsEL2FlwHfZgBWDybovxLBwdSF6Jk+FAGR3qMbpAzU8raGHeOd6h7l
mFzA0+xm/ilP/nQi0s9nfZNVXbihhn8AJ2FhQvqPtX5KqYSFAYPhlplHB5ynR1V3
ED138BCRBGG1oKP8TJ/MKPP7vEOr73i6eT5awPElvubCcpD6SHastWMQ7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1/QMPiA4pGQCdQjpa4l+sC8sjSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdlg5QXctSURpa1pBSjFDT2xyaVg2d0x5eU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY3IMA0G
CSqGSIb3DQEBCwUAA4IBAQAIdHeHt4Sxl2sa+L+Z073MYLXQYGmNMxs9MvgNLJWG
kKjgLJ6Qi2prp6XzFh/8LRQD+KxhWP5w1/pv0EDTmrGM5YU9P3usR9LcB8Uk2zIa
OXapmctvmg3QHSX+zEgEL44X1I11FjD7EVW3NeypiRnXdwGIxjNHKAzQH8muSZ4G
xCTqMGMcOZegqam9D8prYmNMJlGhwsbVRB2Zdp/0jCGFu8UqAY/c8Ue+EiduTC6D
qn1QQM+8VA6lh55clfChdSHfyWNnwVavEjmjme9oWgS+stonz371Cnrv2g6Tgyao
a6gHa+cLKZAmMCIqMfzPVnAelecqODB4A9EWT1zsZYUB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org