Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/wj2TJzzlkjY4gtoFBL3O47cvPD0.roa
File:                     wj2TJzzlkjY4gtoFBL3O47cvPD0.roa (raw, json)
Hash identifier:          NfJ5EK55VoPJYZ0hmB9L+SXddVsvCa0iMtoiSY4ueFg=
Subject key identifier:   C2:3D:93:27:3C:E5:92:36:38:82:DA:05:04:BD:CE:E3:B7:2F:3C:3D
Certificate issuer:       /CN=a634878281144a46a856003d622f6141ea4e006f
Certificate serial:       01865AE6D08F0A5E3396CB0B8E481B17455B
Authority key identifier: A6:34:87:82:81:14:4A:46:A8:56:00:3D:62:2F:61:41:EA:4E:00:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pjSHgoEUSkaoVgA9Yi9hQepOAG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/wj2TJzzlkjY4gtoFBL3O47cvPD0.roa
Signing time:             Thu 16 Feb 2023 15:45:21 +0000
ROA not before:           Thu 16 Feb 2023 15:45:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199821
IP address blocks:        45.154.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5a:e6:d0:8f:0a:5e:33:96:cb:0b:8e:48:1b:17:45:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a634878281144a46a856003d622f6141ea4e006f
        Validity
            Not Before: Feb 16 15:45:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c23d93273ce592363882da0504bdcee3b72f3c3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c6:48:fd:a4:66:d4:df:2b:bc:df:be:2b:d7:
                    02:72:e7:c0:2e:47:63:2c:5e:2b:31:49:60:00:34:
                    3f:b1:b6:2b:57:67:42:d0:a5:1f:5c:30:a3:58:2d:
                    c7:6c:d8:f0:51:8c:35:e0:2a:fd:c4:78:5a:69:2e:
                    36:ed:f1:e7:15:27:56:7d:75:b7:d2:9a:f4:84:12:
                    ad:5f:02:3d:34:b5:c7:4b:1c:1b:bc:db:8a:7f:63:
                    0c:0a:30:62:44:28:8a:8a:2d:a3:20:ad:29:61:d5:
                    1a:dc:83:f1:21:ce:a0:9e:10:97:aa:c0:4a:5e:95:
                    05:d5:0f:e2:f5:66:26:f1:f3:90:94:74:a9:f3:71:
                    7f:d8:62:cf:79:98:1b:3f:b4:88:7b:8f:80:b5:23:
                    5c:6b:f2:68:33:e8:58:a4:97:05:bb:48:fc:ca:52:
                    e0:56:2e:92:61:9c:e6:8b:01:f6:9f:ce:88:4c:29:
                    5a:62:f6:cd:ab:9b:68:6f:41:64:cb:ef:2d:dc:4f:
                    86:08:da:03:8f:79:48:5f:ff:12:3b:25:29:78:76:
                    03:70:cd:5d:1b:18:e7:08:90:2f:2a:ce:29:34:6c:
                    52:2e:59:a5:b5:0a:1a:32:3a:4a:99:51:2e:8a:29:
                    e9:5d:29:b5:c5:5a:46:b6:bd:69:56:a7:69:1c:9c:
                    a5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:3D:93:27:3C:E5:92:36:38:82:DA:05:04:BD:CE:E3:B7:2F:3C:3D
            X509v3 Authority Key Identifier:
                keyid:A6:34:87:82:81:14:4A:46:A8:56:00:3D:62:2F:61:41:EA:4E:00:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjSHgoEUSkaoVgA9Yi9hQepOAG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/wj2TJzzlkjY4gtoFBL3O47cvPD0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/pjSHgoEUSkaoVgA9Yi9hQepOAG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:2e:5c:06:39:eb:6f:d6:3d:d7:cc:a8:71:8f:99:91:20:92:
         56:43:62:1e:e0:54:8e:63:fe:74:36:b4:22:69:75:e7:4c:d0:
         63:e1:84:2b:e2:7d:7a:8e:26:26:43:4c:4c:b7:4e:13:aa:9e:
         31:43:11:ff:ce:a4:94:6d:b1:b0:57:30:4a:45:8a:ed:64:ae:
         a9:c8:0c:79:2c:ee:a8:ea:a6:07:62:2a:7f:1a:b4:26:32:70:
         ae:7a:c5:da:e6:7e:53:64:37:e5:a6:6d:72:5f:ba:76:47:95:
         6b:b4:43:53:df:70:31:6c:f0:5e:4f:36:34:31:93:eb:bc:e9:
         ea:af:d6:c5:31:02:13:5f:1b:47:55:32:31:e5:79:2b:78:14:
         0b:ee:be:88:19:b3:23:56:2a:47:5b:20:c5:51:5e:2d:a1:00:
         8f:b4:6e:b3:13:d5:16:05:28:73:72:f8:e6:a8:be:ab:73:17:
         4a:ed:75:61:76:e1:ef:af:4c:67:13:59:e9:01:da:ca:67:e6:
         1a:77:a3:11:33:28:85:06:cc:e0:71:fb:46:4d:30:be:79:20:
         86:a4:06:df:3d:3f:4a:a5:aa:94:fb:5a:e5:bc:b6:3f:bd:d0:
         ee:4e:8b:34:8c:91:79:e7:99:8b:c6:2d:b7:dd:c9:a2:dc:f0:
         5b:53:c3:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZa5tCPCl4zlssLjkgbF0VbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MzQ4NzgyODExNDRhNDZhODU2MDAzZDYyMmY2MTQxZWE0
ZTAwNmYwHhcNMjMwMjE2MTU0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjNkOTMyNzNjZTU5MjM2Mzg4MmRhMDUwNGJkY2VlM2I3MmYzYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMZI/aRm1N8rvN++K9cCcufALkdj
LF4rMUlgADQ/sbYrV2dC0KUfXDCjWC3HbNjwUYw14Cr9xHhaaS427fHnFSdWfXW3
0pr0hBKtXwI9NLXHSxwbvNuKf2MMCjBiRCiKii2jIK0pYdUa3IPxIc6gnhCXqsBK
XpUF1Q/i9WYm8fOQlHSp83F/2GLPeZgbP7SIe4+AtSNca/JoM+hYpJcFu0j8ylLg
Vi6SYZzmiwH2n86ITClaYvbNq5tob0Fky+8t3E+GCNoDj3lIX/8SOyUpeHYDcM1d
GxjnCJAvKs4pNGxSLlmltQoaMjpKmVEuiinpXSm1xVpGtr1pVqdpHJylfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMI9kyc85ZI2OILaBQS9zuO3Lzw9MB8GA1UdIwQY
MBaAFKY0h4KBFEpGqFYAPWIvYUHqTgBvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGpTSGdvRVVTa2FvVmdBOVlpOWhRZXBPQUc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jMzQ1ZjMtYjUzYS00MWJmLTk5NmIt
MzRiOGQ5ZGU5NmNhLzEvd2oyVEp6emxralk0Z3RvRkJMM080N2N2UEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jMzQ1ZjMtYjUzYS00MWJmLTk5NmItMzRiOGQ5ZGU5NmNh
LzEvcGpTSGdvRVVTa2FvVmdBOVlpOWhRZXBPQUc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZrqMA0G
CSqGSIb3DQEBCwUAA4IBAQAHLlwGOetv1j3XzKhxj5mRIJJWQ2Ie4FSOY/50NrQi
aXXnTNBj4YQr4n16jiYmQ0xMt04Tqp4xQxH/zqSUbbGwVzBKRYrtZK6pyAx5LO6o
6qYHYip/GrQmMnCuesXa5n5TZDflpm1yX7p2R5VrtENT33AxbPBeTzY0MZPrvOnq
r9bFMQITXxtHVTIx5XkreBQL7r6IGbMjVipHWyDFUV4toQCPtG6zE9UWBShzcvjm
qL6rcxdK7XVhduHvr0xnE1npAdrKZ+Yad6MRMyiFBszgcftGTTC+eSCGpAbfPT9K
paqU+1rlvLY/vdDuTos0jJF555mLxi233cmi3PBbU8Nq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org