Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wMAp0LOmKS58mpfEM_QkDaRrGCw.roa
File:                     wMAp0LOmKS58mpfEM_QkDaRrGCw.roa (raw, json)
Hash identifier:          p7PSeCeXTnC6yi03wpQBSd8X8x1t1idKv5a3JE+eM+Q=
Subject key identifier:   C0:C0:29:D0:B3:A6:29:2E:7C:9A:97:C4:33:F4:24:0D:A4:6B:18:2C
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C53E8989570FC1CB3373C3BAA4FBD89
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wMAp0LOmKS58mpfEM_QkDaRrGCw.roa
Signing time:             Sun 01 Jan 2023 07:55:16 +0000
ROA not before:           Sun 01 Jan 2023 07:55:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35387
IP address blocks:        45.136.1.0/24 maxlen: 32
                          45.136.2.0/24 maxlen: 32
                          45.136.3.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:e8:98:95:70:fc:1c:b3:37:3c:3b:aa:4f:bd:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c0c029d0b3a6292e7c9a97c433f4240da46b182c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:97:5c:57:eb:0f:e7:78:dc:0b:c6:f8:f0:aa:
                    2e:7e:14:e4:a9:7a:75:93:52:d4:1b:ee:1a:5f:4b:
                    f8:52:29:bb:db:fa:6d:d0:2b:47:e1:1d:59:92:f2:
                    8d:7f:c8:77:f4:77:34:20:87:f1:85:85:04:71:1b:
                    0f:69:d9:81:f2:7b:45:f8:5a:be:60:cf:43:dc:2b:
                    f9:dd:ae:b9:ae:e8:1f:0e:e9:77:0e:61:3f:90:aa:
                    e1:24:9d:e9:3b:b6:b9:20:20:0a:1c:f4:f9:ae:38:
                    a6:4e:f2:a6:2f:12:bd:3c:04:e5:0e:22:89:b0:49:
                    f1:a1:60:71:28:9f:f1:26:c7:34:c4:8d:81:a9:cf:
                    c9:52:eb:d7:1c:97:d8:af:5a:8f:07:7c:8a:3a:fd:
                    82:65:7e:e4:a6:7e:de:0e:b8:b1:de:ae:b4:59:4b:
                    59:3b:4d:f3:ee:08:b6:37:dd:43:b9:ad:21:40:f8:
                    1c:49:09:4a:99:60:3a:dd:48:e7:c1:00:67:50:da:
                    70:fb:4a:91:a1:6c:c8:b2:f6:83:39:30:9a:85:be:
                    90:cd:f4:47:f1:6b:4d:dd:63:3f:70:25:a3:3f:76:
                    cc:4a:58:85:31:40:e6:73:4f:60:33:d3:74:83:19:
                    bf:a6:89:48:2e:5c:dc:23:9d:4a:e3:cf:71:8a:59:
                    51:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:C0:29:D0:B3:A6:29:2E:7C:9A:97:C4:33:F4:24:0D:A4:6B:18:2C
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wMAp0LOmKS58mpfEM_QkDaRrGCw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.1.0-45.136.3.255

    Signature Algorithm: sha256WithRSAEncryption
         22:b9:a2:a0:29:b8:0d:6d:26:43:9b:9e:7b:bb:b9:e2:81:fe:
         41:7a:2a:f3:1e:64:51:91:dc:c7:4f:35:b7:d2:d1:00:57:38:
         aa:eb:61:f9:0b:cc:a2:cf:24:b3:2e:de:18:3c:59:d2:18:b4:
         38:18:83:39:40:b3:92:3f:ad:fd:49:15:ee:26:c7:d5:fd:4f:
         2d:7c:66:11:3a:7d:1d:7b:da:1e:b7:c7:0d:ee:5d:00:68:ab:
         0c:09:a0:c3:3f:c1:ec:fa:c5:fe:70:06:52:b1:9d:ea:a1:6c:
         93:7e:1c:a5:3e:1a:f5:47:86:ab:94:d9:e7:96:39:31:46:f3:
         90:93:3e:58:b5:06:e5:d4:a9:b6:11:0b:d0:91:4c:cb:4f:78:
         3d:e7:8e:cc:ac:52:8a:78:bc:38:f7:56:13:41:e0:a6:92:8e:
         2a:23:4d:9c:32:93:97:71:24:4a:0e:5c:75:a2:cb:4c:1d:3f:
         0f:5d:d5:6a:2e:7d:35:2b:11:b6:6e:db:1a:b3:75:38:5b:cf:
         56:b9:42:15:24:6f:4d:ff:8d:84:c3:eb:c6:fe:ba:1a:b8:3b:
         d9:49:62:ec:db:6f:38:03:a9:6d:82:32:63:bf:82:c7:00:e2:
         57:07:16:d3:be:c7:7d:39:5f:a2:11:5b:8f:4b:86:d7:54:0a:
         e0:7f:d9:91
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsU+iYlXD8HLM3PDuqT72JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGMwMjlkMGIzYTYyOTJlN2M5YTk3YzQzM2Y0MjQwZGE0NmIxODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5dcV+sP53jcC8b48KoufhTkqXp1
k1LUG+4aX0v4Uim72/pt0CtH4R1ZkvKNf8h39Hc0IIfxhYUEcRsPadmB8ntF+Fq+
YM9D3Cv53a65rugfDul3DmE/kKrhJJ3pO7a5ICAKHPT5rjimTvKmLxK9PATlDiKJ
sEnxoWBxKJ/xJsc0xI2Bqc/JUuvXHJfYr1qPB3yKOv2CZX7kpn7eDrix3q60WUtZ
O03z7gi2N91Dua0hQPgcSQlKmWA63UjnwQBnUNpw+0qRoWzIsvaDOTCahb6QzfRH
8WtN3WM/cCWjP3bMSliFMUDmc09gM9N0gxm/polILlzcI51K489xillRCwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMDAKdCzpikufJqXxDP0JA2kaxgsMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvd01BcDBMT21LUzU4bXBmRU1fUWtEYVJyR0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtiAED
BAItiAAwDQYJKoZIhvcNAQELBQADggEBACK5oqApuA1tJkObnnu7ueKB/kF6KvMe
ZFGR3MdPNbfS0QBXOKrrYfkLzKLPJLMu3hg8WdIYtDgYgzlAs5I/rf1JFe4mx9X9
Ty18ZhE6fR172h63xw3uXQBoqwwJoMM/wez6xf5wBlKxneqhbJN+HKU+GvVHhquU
2eeWOTFG85CTPli1BuXUqbYRC9CRTMtPeD3njsysUop4vDj3VhNB4KaSjiojTZwy
k5dxJEoOXHWiy0wdPw9d1WoufTUrEbZu2xqzdThbz1a5QhUkb03/jYTD68b+uhq4
O9lJYuzbbzgDqW2CMmO/gscA4lcHFtO+x305X6IRW49LhtdUCuB/2ZE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org