Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/729f92-5f03-4158-90ac-6d428f1c15fd/1/XEN_zvRF2Cle5iLUKjjfMHN2Qpg.roa
File:                     XEN_zvRF2Cle5iLUKjjfMHN2Qpg.roa (raw, json)
Hash identifier:          /vN/AQzEUx/+rekYOS1L1EOflaWSbPkM19BnNGFfbOc=
Subject key identifier:   5C:43:7F:CE:F4:45:D8:29:5E:E6:22:D4:2A:38:DF:30:73:76:42:98
Certificate issuer:       /CN=189947a9a5d88cc62cc898268f2bcafd6a7ffc5b
Certificate serial:       01856E2FA6E89830FE06DB7A6167EC6A15D7
Authority key identifier: 18:99:47:A9:A5:D8:8C:C6:2C:C8:98:26:8F:2B:CA:FD:6A:7F:FC:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GJlHqaXYjMYsyJgmjyvK_Wp__Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/729f92-5f03-4158-90ac-6d428f1c15fd/1/XEN_zvRF2Cle5iLUKjjfMHN2Qpg.roa
Signing time:             Sun 01 Jan 2023 16:34:54 +0000
ROA not before:           Sun 01 Jan 2023 16:34:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208849
IP address blocks:        45.82.212.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:a6:e8:98:30:fe:06:db:7a:61:67:ec:6a:15:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=189947a9a5d88cc62cc898268f2bcafd6a7ffc5b
        Validity
            Not Before: Jan  1 16:34:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c437fcef445d8295ee622d42a38df3073764298
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:28:ac:cd:26:e4:c2:68:02:47:81:3c:e1:32:
                    8a:24:8d:8d:11:da:29:ec:3f:a7:55:48:a3:b9:90:
                    f7:a0:67:7c:74:4a:93:af:7e:38:22:80:bb:78:cf:
                    af:3d:7f:d5:eb:fa:ea:64:67:6d:e6:fa:0e:78:0b:
                    5b:03:9e:a0:3c:64:ae:69:74:a3:75:53:bb:b3:ba:
                    4f:59:c0:59:c6:e2:ef:79:d4:e4:59:00:6c:97:1e:
                    bd:53:f3:8c:16:58:fd:0f:d3:1c:b3:aa:26:e7:e1:
                    27:a4:18:35:02:6d:f6:33:82:bb:2a:b0:3d:39:df:
                    5d:f1:9a:ae:40:d8:cc:bc:ca:84:af:24:37:db:8f:
                    3b:93:1b:ab:0e:b8:d7:49:c8:fb:c2:7d:d0:01:57:
                    2b:81:29:82:87:fb:f0:47:e1:75:a7:a2:f7:0c:23:
                    ec:ec:f3:1e:03:c0:3b:d6:1c:fe:65:e3:29:af:64:
                    ba:e4:a5:31:88:35:9f:cc:35:43:eb:7c:bf:ff:9c:
                    36:28:6e:fa:36:6b:2e:0e:29:c6:c3:db:fc:f5:ed:
                    7a:90:7b:da:37:ea:16:f4:14:fd:2a:fe:03:26:d7:
                    3d:a8:1f:a6:80:42:fa:8a:1f:ea:f8:8d:87:64:b8:
                    62:9c:7c:22:07:77:29:8a:22:04:62:8a:f5:39:63:
                    17:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:43:7F:CE:F4:45:D8:29:5E:E6:22:D4:2A:38:DF:30:73:76:42:98
            X509v3 Authority Key Identifier:
                keyid:18:99:47:A9:A5:D8:8C:C6:2C:C8:98:26:8F:2B:CA:FD:6A:7F:FC:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJlHqaXYjMYsyJgmjyvK_Wp__Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/729f92-5f03-4158-90ac-6d428f1c15fd/1/XEN_zvRF2Cle5iLUKjjfMHN2Qpg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/729f92-5f03-4158-90ac-6d428f1c15fd/1/GJlHqaXYjMYsyJgmjyvK_Wp__Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:3f:8d:5b:d7:01:04:29:88:3b:14:91:df:d0:fe:30:ca:7d:
         13:03:d4:44:3f:df:a6:d5:8b:83:9d:17:95:e4:c0:80:57:37:
         cb:a2:10:f3:f1:fd:bc:da:4f:27:89:ba:d0:65:76:95:b4:0a:
         8c:50:2e:ce:18:c6:07:e8:d1:e5:d3:6b:e2:0a:9a:36:f7:33:
         28:26:cb:96:67:2e:e7:5e:9a:a7:5a:b3:8b:f1:e3:e2:23:9e:
         87:da:11:17:38:b5:44:c5:68:45:1a:87:61:e4:1e:07:80:c7:
         a6:36:85:b6:30:06:28:d1:c5:ea:e5:18:ba:87:4b:df:8c:80:
         45:7b:dc:9a:c0:6b:74:40:a0:7c:9b:2f:ba:b8:b6:eb:4d:58:
         97:09:7a:12:99:90:73:85:87:37:c5:a1:77:cf:0b:73:d9:4a:
         92:14:65:b0:05:47:48:f9:72:97:d4:a4:f0:72:33:f4:81:6b:
         d9:36:cd:41:10:5e:b9:df:d7:1a:10:44:e9:a6:0a:f1:e0:05:
         c5:42:1e:ad:1b:e2:78:4e:7a:fc:9c:75:bc:f8:34:b9:04:f1:
         f6:ba:d6:f0:c6:d2:90:07:39:e3:50:86:26:16:57:12:c6:fe:
         a3:d9:0d:82:21:9d:8e:15:27:0c:b0:a6:16:72:d8:f5:12:d2:
         80:02:6f:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL6bomDD+Btt6YWfsahXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OTk0N2E5YTVkODhjYzYyY2M4OTgyNjhmMmJjYWZkNmE3
ZmZjNWIwHhcNMjMwMTAxMTYzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzQzN2ZjZWY0NDVkODI5NWVlNjIyZDQyYTM4ZGYzMDczNzY0Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCiszSbkwmgCR4E84TKKJI2NEdop
7D+nVUijuZD3oGd8dEqTr344IoC7eM+vPX/V6/rqZGdt5voOeAtbA56gPGSuaXSj
dVO7s7pPWcBZxuLvedTkWQBslx69U/OMFlj9D9Mcs6om5+EnpBg1Am32M4K7KrA9
Od9d8ZquQNjMvMqEryQ32487kxurDrjXScj7wn3QAVcrgSmCh/vwR+F1p6L3DCPs
7PMeA8A71hz+ZeMpr2S65KUxiDWfzDVD63y//5w2KG76NmsuDinGw9v89e16kHva
N+oW9BT9Kv4DJtc9qB+mgEL6ih/q+I2HZLhinHwiB3cpiiIEYor1OWMXLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxDf870RdgpXuYi1Co43zBzdkKYMB8GA1UdIwQY
MBaAFBiZR6ml2IzGLMiYJo8ryv1qf/xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0psSHFhWFlqTVlzeUpnbWp5dktfV3BfX0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS83MjlmOTItNWYwMy00MTU4LTkwYWMt
NmQ0MjhmMWMxNWZkLzEvWEVOX3p2UkYyQ2xlNWlMVUtqamZNSE4yUXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS83MjlmOTItNWYwMy00MTU4LTkwYWMtNmQ0MjhmMWMxNWZk
LzEvR0psSHFhWFlqTVlzeUpnbWp5dktfV3BfX0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVLUMA0G
CSqGSIb3DQEBCwUAA4IBAQBkP41b1wEEKYg7FJHf0P4wyn0TA9REP9+m1YuDnReV
5MCAVzfLohDz8f282k8nibrQZXaVtAqMUC7OGMYH6NHl02viCpo29zMoJsuWZy7n
XpqnWrOL8ePiI56H2hEXOLVExWhFGodh5B4HgMemNoW2MAYo0cXq5Ri6h0vfjIBF
e9yawGt0QKB8my+6uLbrTViXCXoSmZBzhYc3xaF3zwtz2UqSFGWwBUdI+XKX1KTw
cjP0gWvZNs1BEF6539caEETppgrx4AXFQh6tG+J4Tnr8nHW8+DS5BPH2utbwxtKQ
BznjUIYmFlcSxv6j2Q2CIZ2OFScMsKYWctj1EtKAAm84
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org