Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/Q-crn2Lj73eLZktf-i_DWE_22jY.roa
File:                     Q-crn2Lj73eLZktf-i_DWE_22jY.roa (raw, json)
Hash identifier:          EbpjiZrHiejwxhI+nLmYCFSxTnHZzRA1ZiZKQjWHPtI=
Subject key identifier:   43:E7:2B:9F:62:E3:EF:77:8B:66:4B:5F:FA:2F:C3:58:4F:F6:DA:36
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       01856BEEC1C3E0A232BD4F91333B72138BDC
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/Q-crn2Lj73eLZktf-i_DWE_22jY.roa
Signing time:             Sun 01 Jan 2023 06:04:47 +0000
ROA not before:           Sun 01 Jan 2023 06:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208111
IP address blocks:        45.135.212.0/24 maxlen: 24
                          45.135.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:c1:c3:e0:a2:32:bd:4f:91:33:3b:72:13:8b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jan  1 06:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43e72b9f62e3ef778b664b5ffa2fc3584ff6da36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:be:99:e1:10:25:83:11:6c:0d:d3:db:00:03:
                    5a:1c:00:c8:c2:17:c4:ad:2c:fa:16:36:a4:39:ac:
                    0f:05:82:ce:e1:1d:f9:db:01:c9:21:09:ad:d0:f5:
                    91:f3:ba:cb:8c:83:1f:40:07:a9:26:f4:e3:66:90:
                    94:cf:d0:ff:52:c5:2a:08:b5:31:2c:13:b2:c6:d8:
                    95:8f:cb:24:1b:0a:29:57:8c:dd:42:a3:f4:30:f0:
                    0f:7a:af:8c:75:0e:49:ec:4a:3e:06:3f:47:e3:78:
                    71:4e:7d:8f:23:f6:37:6c:a3:97:89:55:60:b3:48:
                    89:89:c5:c9:f1:e4:c5:97:79:62:4c:78:62:0d:d6:
                    76:0d:ff:3a:be:25:69:ca:fd:42:1d:ff:a6:32:12:
                    1c:7d:74:77:3a:14:af:09:fb:a7:86:35:34:f3:ea:
                    2a:91:3b:04:9b:69:70:d9:3b:a1:3d:10:52:b4:7c:
                    ca:93:20:db:07:0e:31:d8:db:e6:c1:49:f2:72:05:
                    8b:ea:c2:e1:89:47:c5:5f:86:c1:8a:72:e8:98:73:
                    2a:b1:01:38:49:99:8e:44:a3:bd:f6:39:0d:39:8c:
                    c2:b1:5b:58:6e:4c:f1:d8:ae:2d:94:06:1c:a6:2a:
                    c1:07:72:1f:75:d2:04:2f:a3:a5:fe:1f:f9:d1:10:
                    47:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:E7:2B:9F:62:E3:EF:77:8B:66:4B:5F:FA:2F:C3:58:4F:F6:DA:36
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/Q-crn2Lj73eLZktf-i_DWE_22jY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bd:28:36:fa:6d:2e:78:e1:d3:78:e1:4a:65:86:24:a9:3c:54:
         a5:78:3a:95:51:db:79:61:90:96:ba:f5:11:6d:ab:47:b2:b1:
         17:06:6a:c1:f8:29:6d:7f:48:8e:02:b3:15:ea:be:3a:bc:2f:
         bb:99:de:89:c8:8f:f8:6b:c3:97:55:3c:20:17:82:57:1f:9f:
         15:ec:a4:6b:85:03:cd:a4:74:47:b6:85:9b:b2:c0:24:d2:44:
         aa:ea:b6:5f:fb:1f:b3:a9:7b:16:d4:2b:6f:ba:be:ee:56:f3:
         d0:5e:dd:32:35:a5:11:a3:25:e6:23:66:4a:2c:4e:bb:86:a9:
         4d:f4:81:cb:10:50:11:14:ca:01:5f:e5:bb:7c:f3:95:2c:8d:
         a1:dc:c6:17:05:7e:3f:00:5c:3f:20:c4:58:b8:a1:9b:54:08:
         1a:b4:d0:27:be:bc:2b:6d:c0:b0:0f:b1:09:b3:c7:33:33:a0:
         e7:c7:45:72:c3:ae:b7:4a:a8:2c:73:3f:4f:a1:5d:8e:2f:be:
         59:ad:04:46:4c:7a:91:d7:c3:56:d2:dc:82:f3:46:10:dc:d7:
         4a:71:dd:96:25:5a:d5:47:5a:18:2d:9a:3e:b6:97:11:cb:a5:
         00:8e:63:b3:96:1f:7d:ce:ce:8c:d6:0d:42:41:d1:9b:f3:31:
         57:64:ad:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sHD4KIyvU+RMztyE4vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2U3MmI5ZjYyZTNlZjc3OGI2NjRiNWZmYTJmYzM1ODRmZjZkYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL6Z4RAlgxFsDdPbAANaHADIwhfE
rSz6FjakOawPBYLO4R352wHJIQmt0PWR87rLjIMfQAepJvTjZpCUz9D/UsUqCLUx
LBOyxtiVj8skGwopV4zdQqP0MPAPeq+MdQ5J7Eo+Bj9H43hxTn2PI/Y3bKOXiVVg
s0iJicXJ8eTFl3liTHhiDdZ2Df86viVpyv1CHf+mMhIcfXR3OhSvCfunhjU08+oq
kTsEm2lw2TuhPRBStHzKkyDbBw4x2NvmwUnycgWL6sLhiUfFX4bBinLomHMqsQE4
SZmORKO99jkNOYzCsVtYbkzx2K4tlAYcpirBB3IfddIEL6Ol/h/50RBHtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPnK59i4+93i2ZLX/ovw1hP9to2MB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvUS1jcm4yTGo3M2VMWmt0Zi1pX0RXRV8yMmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYfUMA0G
CSqGSIb3DQEBCwUAA4IBAQC9KDb6bS544dN44UplhiSpPFSleDqVUdt5YZCWuvUR
batHsrEXBmrB+Cltf0iOArMV6r46vC+7md6JyI/4a8OXVTwgF4JXH58V7KRrhQPN
pHRHtoWbssAk0kSq6rZf+x+zqXsW1Ctvur7uVvPQXt0yNaURoyXmI2ZKLE67hqlN
9IHLEFARFMoBX+W7fPOVLI2h3MYXBX4/AFw/IMRYuKGbVAgatNAnvrwrbcCwD7EJ
s8czM6Dnx0Vyw663Sqgscz9PoV2OL75ZrQRGTHqR18NW0tyC80YQ3NdKcd2WJVrV
R1oYLZo+tpcRy6UAjmOzlh99zs6M1g1CQdGb8zFXZK27
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:33 2024 by rpki-client on console-ams.rpki-client.org