Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/OuqQK8L3KHNi_lQ87IMwZfElsWM.roa
File:                     OuqQK8L3KHNi_lQ87IMwZfElsWM.roa (raw, json)
Hash identifier:          YIyRFgeDfbUyBzxzRC9zcz1t3pM14zhUSJOJmaufuc0=
Subject key identifier:   3A:EA:90:2B:C2:F7:28:73:62:FE:54:3C:EC:83:30:65:F1:25:B1:63
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       018570FBB9C13ADB1F7B0C6ECB2CE6B257C1
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/OuqQK8L3KHNi_lQ87IMwZfElsWM.roa
Signing time:             Mon 02 Jan 2023 05:37:03 +0000
ROA not before:           Mon 02 Jan 2023 05:37:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34924
IP address blocks:        45.86.127.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:b9:c1:3a:db:1f:7b:0c:6e:cb:2c:e6:b2:57:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  2 05:37:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3aea902bc2f7287362fe543cec833065f125b163
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:86:04:39:bf:10:20:3a:16:b7:4f:6c:5c:da:
                    f0:80:50:54:61:93:e5:13:0c:7e:c0:77:59:f7:45:
                    b9:a4:c6:d5:53:03:af:07:f2:36:90:2e:50:be:45:
                    17:b3:5e:24:55:82:24:fe:ca:b5:a1:5b:56:09:94:
                    2d:e1:65:d4:54:92:a5:48:6d:fa:d7:65:2b:d6:be:
                    1f:ba:e5:9d:36:5b:0a:3a:a7:bb:49:1a:78:db:07:
                    bd:da:dd:cb:5d:82:16:96:c5:d3:29:1f:6b:8d:4f:
                    c4:14:9d:ce:61:2f:11:e4:7c:b8:b7:e0:e7:7e:bd:
                    3c:b7:99:2f:f6:89:0f:e1:55:5e:0c:90:d2:55:75:
                    63:25:25:ee:da:a9:06:68:c0:2b:9e:78:8b:21:b1:
                    d7:dd:74:5d:7b:08:56:ba:08:e4:d7:5d:f4:31:dd:
                    26:39:0b:79:06:f6:a1:e5:58:0c:17:42:07:fb:2d:
                    e9:ef:57:27:22:ab:f7:da:6f:80:0d:71:e9:b3:f4:
                    eb:b0:f8:7b:12:05:0b:9a:61:7e:ab:fe:89:8b:17:
                    b5:fb:7b:18:cc:86:19:db:1c:9b:bd:dc:95:7e:1b:
                    3f:a7:cf:2a:52:44:5d:3e:92:4c:4e:31:38:8a:c9:
                    95:9c:71:fa:2a:8b:32:1b:44:0f:55:45:82:15:78:
                    de:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:EA:90:2B:C2:F7:28:73:62:FE:54:3C:EC:83:30:65:F1:25:B1:63
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/OuqQK8L3KHNi_lQ87IMwZfElsWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:25:15:a8:12:8a:ee:22:86:cb:38:6d:4c:90:5c:ba:9a:1d:
         9f:d8:fc:a3:12:39:f1:38:14:11:fb:5e:25:e3:ae:0d:11:a6:
         4d:ca:32:9c:c4:d8:96:cb:f6:11:e4:13:74:07:d7:2b:2d:5e:
         60:5c:b5:b9:fe:0a:80:71:d5:c1:3b:83:f4:19:d4:5b:a9:eb:
         cb:2f:92:91:b9:ff:62:91:12:cc:92:05:3e:6e:c7:cd:5b:6b:
         46:a0:07:17:52:7c:7b:71:9d:98:2c:e4:a8:cb:a5:63:40:7b:
         67:ab:d2:24:ff:2e:5c:d2:20:b7:a3:ed:ce:ca:3c:93:ad:66:
         77:d4:a2:5e:c7:78:7a:73:46:84:bd:e6:6a:9d:1e:6c:a5:12:
         c5:b6:1e:a3:c1:52:0f:b7:0b:87:ce:cc:49:c0:e1:74:5d:73:
         2c:c7:ff:05:16:b9:b0:bc:5c:ec:ce:3c:6d:b6:8f:b2:a6:87:
         f7:e6:c6:2b:02:70:6a:1f:9e:de:ad:18:15:ec:54:17:01:45:
         d4:76:f1:63:b5:d8:f9:77:9e:12:8c:17:9d:52:71:07:94:22:
         ca:d3:34:93:3b:23:ac:cd:48:68:77:9d:5a:90:52:07:48:99:
         5a:37:b6:fd:7e:d1:8d:ee:33:5f:e9:af:67:a5:b7:32:09:ef:
         3f:a3:fd:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7nBOtsfewxuyyzmslfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWVhOTAyYmMyZjcyODczNjJmZTU0M2NlYzgzMzA2NWYxMjViMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44YEOb8QIDoWt09sXNrwgFBUYZPl
Ewx+wHdZ90W5pMbVUwOvB/I2kC5QvkUXs14kVYIk/sq1oVtWCZQt4WXUVJKlSG36
12Ur1r4fuuWdNlsKOqe7SRp42we92t3LXYIWlsXTKR9rjU/EFJ3OYS8R5Hy4t+Dn
fr08t5kv9okP4VVeDJDSVXVjJSXu2qkGaMArnniLIbHX3XRdewhWugjk1130Md0m
OQt5Bvah5VgMF0IH+y3p71cnIqv32m+ADXHps/TrsPh7EgULmmF+q/6Jixe1+3sY
zIYZ2xybvdyVfhs/p88qUkRdPpJMTjE4ismVnHH6KosyG0QPVUWCFXjeaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrqkCvC9yhzYv5UPOyDMGXxJbFjMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvT3VxUUs4TDNLSE5pX2xRODdJTXdaZkVsc1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZ/MA0G
CSqGSIb3DQEBCwUAA4IBAQBYJRWoEoruIobLOG1MkFy6mh2f2PyjEjnxOBQR+14l
464NEaZNyjKcxNiWy/YR5BN0B9crLV5gXLW5/gqAcdXBO4P0GdRbqevLL5KRuf9i
kRLMkgU+bsfNW2tGoAcXUnx7cZ2YLOSoy6VjQHtnq9Ik/y5c0iC3o+3OyjyTrWZ3
1KJex3h6c0aEveZqnR5spRLFth6jwVIPtwuHzsxJwOF0XXMsx/8FFrmwvFzszjxt
to+ypof35sYrAnBqH57erRgV7FQXAUXUdvFjtdj5d54SjBedUnEHlCLK0zSTOyOs
zUhod51akFIHSJlaN7b9ftGN7jNf6a9npbcyCe8/o/2E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org