Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/zqyas6MZdjED8miCG6YyPmqRxiU.roa
File:                     zqyas6MZdjED8miCG6YyPmqRxiU.roa (raw, json)
Hash identifier:          SwmEbcK1QPJc3t2yB8S64jYZqNDHULmNF/V6bBhWrto=
Subject key identifier:   CE:AC:9A:B3:A3:19:76:31:03:F2:68:82:1B:A6:32:3E:6A:91:C6:25
Certificate issuer:       /CN=5d0a0d396f769369365f2b983c531afeca9710a7
Certificate serial:       018F764BBC221E8B73A4C9DAEFF9D7BCC399
Authority key identifier: 5D:0A:0D:39:6F:76:93:69:36:5F:2B:98:3C:53:1A:FE:CA:97:10:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XQoNOW92k2k2XyuYPFMa_sqXEKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/zqyas6MZdjED8miCG6YyPmqRxiU.roa
Signing time:             Tue 14 May 2024 08:50:25 +0000
ROA not before:           Tue 14 May 2024 08:50:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48350
IP address blocks:        45.148.236.0/22 maxlen: 22
                          45.148.236.0/24 maxlen: 24
                          45.148.237.0/24 maxlen: 24
                          45.148.238.0/24 maxlen: 24
                          45.148.239.0/24 maxlen: 24
                          91.209.111.0/24 maxlen: 24
                          2a0f:7a00::/32 maxlen: 48
                          2a0f:7a02::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 14 May 2024 21:48:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:76:4b:bc:22:1e:8b:73:a4:c9:da:ef:f9:d7:bc:c3:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d0a0d396f769369365f2b983c531afeca9710a7
        Validity
            Not Before: May 14 08:50:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ceac9ab3a319763103f268821ba6323e6a91c625
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9e:87:20:85:a4:3d:1c:2f:1e:e9:56:37:6c:
                    e6:58:eb:1f:c3:f7:60:44:61:43:93:a0:48:46:75:
                    c2:43:a1:0d:89:f5:cd:51:a2:ce:b3:bc:69:e8:11:
                    10:dc:cc:c7:4b:df:db:86:cb:a2:86:3b:e7:6f:70:
                    76:42:24:48:56:ea:2c:64:98:dd:c5:50:c0:f5:31:
                    82:35:b3:18:b4:22:e5:fb:9f:aa:09:6a:42:28:3e:
                    bb:1f:97:ba:b5:c6:e8:46:ae:8d:63:3a:67:91:0f:
                    8d:47:ba:6a:e8:58:35:ba:5c:15:d4:82:48:c5:83:
                    6e:1a:95:f2:cb:49:e1:87:9c:20:77:d6:f4:89:98:
                    98:0c:7e:15:d0:cd:60:cd:5b:94:fd:5d:2a:fe:67:
                    a3:76:09:34:b2:85:31:e0:4b:56:94:69:f3:6f:67:
                    1f:43:db:e1:6b:e8:58:d6:30:e4:fa:46:7c:83:96:
                    2c:93:d6:65:7f:34:3c:06:74:07:f6:3b:d6:e2:36:
                    ed:20:75:b7:97:51:71:f6:dd:18:9f:a4:91:ea:06:
                    2c:80:fb:bb:22:ce:63:a5:1a:ca:e4:b1:94:9c:9a:
                    35:a1:4f:14:9f:aa:75:04:cd:88:11:a1:32:68:10:
                    94:e0:cd:94:17:a0:67:23:95:bd:5f:01:9b:c8:5e:
                    37:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:AC:9A:B3:A3:19:76:31:03:F2:68:82:1B:A6:32:3E:6A:91:C6:25
            X509v3 Authority Key Identifier:
                keyid:5D:0A:0D:39:6F:76:93:69:36:5F:2B:98:3C:53:1A:FE:CA:97:10:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQoNOW92k2k2XyuYPFMa_sqXEKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/zqyas6MZdjED8miCG6YyPmqRxiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/XQoNOW92k2k2XyuYPFMa_sqXEKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.236.0/22
                  91.209.111.0/24
                IPv6:
                  2a0f:7a00::/32
                  2a0f:7a02::/32

    Signature Algorithm: sha256WithRSAEncryption
         10:8e:e2:78:10:ad:59:77:17:4a:e6:b6:b4:43:a6:e0:7a:3e:
         cf:4e:12:01:de:f3:31:ea:fd:62:2e:81:be:c2:7f:f9:72:8c:
         f1:c6:f6:b8:0a:4a:3c:33:5e:85:2c:32:9a:70:23:d8:48:74:
         51:7b:da:9c:8c:3a:00:7e:d3:5d:f4:9c:f1:29:75:9b:17:7e:
         d9:d5:d8:ee:57:cf:1b:13:14:ad:c0:37:e9:5c:0c:9e:96:b3:
         51:8a:37:2a:7c:8b:83:c7:4f:bd:c0:3a:a0:39:66:dc:17:b8:
         9a:a3:88:1f:72:21:ad:16:46:4c:c2:7e:34:29:d5:d4:f8:7f:
         94:32:85:b6:76:09:c5:3b:18:f8:04:91:58:d4:e4:a2:32:5a:
         82:18:9e:f4:e9:9a:91:73:29:b4:8f:0e:d8:aa:38:c5:3b:3f:
         c8:34:fc:08:3b:02:f3:68:11:9c:86:44:c3:8b:7b:e5:f4:2a:
         93:c3:e5:5a:76:dd:d9:27:8c:40:7f:44:5f:e9:06:47:5f:ec:
         d4:8a:9e:1c:b7:00:e5:3f:1f:1c:ce:57:6c:50:fc:c3:00:b7:
         82:b8:65:67:bf:7b:ed:c2:12:b7:4e:7e:91:5a:70:af:73:25:
         8a:24:e0:d6:7b:10:97:f5:95:eb:bf:14:01:98:90:e0:45:51:
         c6:b6:d9:7d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY92S7wiHotzpMna7/nXvMOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMGEwZDM5NmY3NjkzNjkzNjVmMmI5ODNjNTMxYWZlY2E5
NzEwYTcwHhcNMjQwNTE0MDg1MDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFjOWFiM2EzMTk3NjMxMDNmMjY4ODIxYmE2MzIzZTZhOTFjNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ6HIIWkPRwvHulWN2zmWOsfw/dg
RGFDk6BIRnXCQ6ENifXNUaLOs7xp6BEQ3MzHS9/bhsuihjvnb3B2QiRIVuosZJjd
xVDA9TGCNbMYtCLl+5+qCWpCKD67H5e6tcboRq6NYzpnkQ+NR7pq6Fg1ulwV1IJI
xYNuGpXyy0nhh5wgd9b0iZiYDH4V0M1gzVuU/V0q/mejdgk0soUx4EtWlGnzb2cf
Q9vha+hY1jDk+kZ8g5Ysk9ZlfzQ8BnQH9jvW4jbtIHW3l1Fx9t0Yn6SR6gYsgPu7
Is5jpRrK5LGUnJo1oU8Un6p1BM2IEaEyaBCU4M2UF6BnI5W9XwGbyF43FQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFM6smrOjGXYxA/JoghumMj5qkcYlMB8GA1UdIwQY
MBaAFF0KDTlvdpNpNl8rmDxTGv7KlxCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFFvTk9XOTJrMmsyWHl1WVBGTWFfc3FYRUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yMjNkOGYtNThhYy00ZGY3LWJmMWUt
NDQyMDEwYjU3OWVmLzEvenF5YXM2TVpkakVEOG1pQ0c2WXlQbXFSeGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yMjNkOGYtNThhYy00ZGY3LWJmMWUtNDQyMDEwYjU3OWVm
LzEvWFFvTk9XOTJrMmsyWHl1WVBGTWFfc3FYRUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLZTsAwQA
W9FvMBQEAgACMA4DBQAqD3oAAwUAKg96AjANBgkqhkiG9w0BAQsFAAOCAQEAEI7i
eBCtWXcXSua2tEOm4Ho+z04SAd7zMer9Yi6BvsJ/+XKM8cb2uApKPDNehSwymnAj
2Eh0UXvanIw6AH7TXfSc8Sl1mxd+2dXY7lfPGxMUrcA36VwMnpazUYo3KnyLg8dP
vcA6oDlm3Be4mqOIH3IhrRZGTMJ+NCnV1Ph/lDKFtnYJxTsY+ASRWNTkojJaghie
9OmakXMptI8O2Ko4xTs/yDT8CDsC82gRnIZEw4t75fQqk8PlWnbd2SeMQH9EX+kG
R1/s1IqeHLcA5T8fHM5XbFD8wwC3grhlZ7977cISt05+kVpwr3MliiTg1nsQl/WV
678UAZiQ4EVRxrbZfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:19 2024 by rpki-client on console-ams.rpki-client.org