Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/T2qOU1zSQvvYRfraaOgtxgJI-AQ.roa
File:                     T2qOU1zSQvvYRfraaOgtxgJI-AQ.roa (raw, json)
Hash identifier:          7X/Y1CrfkN/gPCog5BbG+1p72ZfGQYKtKYKD6J/jLCQ=
Subject key identifier:   4F:6A:8E:53:5C:D2:42:FB:D8:45:FA:DA:68:E8:2D:C6:02:48:F8:04
Certificate issuer:       /CN=78688182b8f253c5cf946294786b7901435fc8c3
Certificate serial:       01891C7B9F1CE5D30EEFC8BA05B6FD848F1A
Authority key identifier: 78:68:81:82:B8:F2:53:C5:CF:94:62:94:78:6B:79:01:43:5F:C8:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eGiBgrjyU8XPlGKUeGt5AUNfyMM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/T2qOU1zSQvvYRfraaOgtxgJI-AQ.roa
Signing time:             Mon 03 Jul 2023 16:00:10 +0000
ROA not before:           Mon 03 Jul 2023 16:00:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199904
IP address blocks:        45.141.192.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1c:7b:9f:1c:e5:d3:0e:ef:c8:ba:05:b6:fd:84:8f:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=78688182b8f253c5cf946294786b7901435fc8c3
        Validity
            Not Before: Jul  3 16:00:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f6a8e535cd242fbd845fada68e82dc60248f804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:16:26:24:d6:b7:d3:e2:60:d3:e1:db:27:09:
                    d6:ab:3e:ad:6a:b9:e2:9e:15:ea:c8:f0:a0:0e:43:
                    3b:8d:ec:f1:90:d6:e7:2e:1c:d7:a6:a7:f3:0b:22:
                    d9:f9:cd:4c:11:9e:12:c2:9d:ff:8e:e1:76:24:49:
                    a3:3b:ef:e7:98:c3:15:ec:36:3f:6b:73:a0:47:67:
                    bd:18:fe:a0:2e:93:21:63:a1:1b:1c:0c:39:48:a1:
                    4e:95:0e:a1:c9:05:9a:ad:d7:f0:db:6f:29:91:5e:
                    95:0c:46:7d:35:a9:f7:05:a9:05:28:17:08:55:95:
                    c2:32:cd:9a:af:b3:41:07:55:4b:9c:95:f2:b2:93:
                    ea:4e:ab:83:d5:d5:12:cb:e1:88:76:61:6a:3c:06:
                    19:2b:84:04:e2:5d:d0:30:aa:d7:94:d2:a0:2a:6f:
                    71:e1:cd:65:71:3e:65:9f:66:c7:b3:3a:48:8a:3b:
                    6c:13:d1:ec:d2:d6:d1:77:50:01:81:98:61:78:4d:
                    4b:4b:df:05:26:55:c4:e8:f6:f3:1d:fd:d3:1e:b7:
                    97:a0:ec:77:43:bd:4a:23:c7:aa:67:d4:cb:ea:87:
                    c7:e7:d4:6a:e1:b7:e0:5b:58:d0:78:55:ac:8c:d1:
                    7b:6d:90:a8:d5:ae:ff:76:74:17:d4:32:54:2f:7b:
                    ab:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:6A:8E:53:5C:D2:42:FB:D8:45:FA:DA:68:E8:2D:C6:02:48:F8:04
            X509v3 Authority Key Identifier:
                keyid:78:68:81:82:B8:F2:53:C5:CF:94:62:94:78:6B:79:01:43:5F:C8:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eGiBgrjyU8XPlGKUeGt5AUNfyMM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/T2qOU1zSQvvYRfraaOgtxgJI-AQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2dfdb6-7a4d-43c3-870f-c86c2fc6c61b/1/eGiBgrjyU8XPlGKUeGt5AUNfyMM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:c8:38:d6:3e:f0:7f:4c:25:d8:48:15:b4:79:50:26:7b:f2:
         77:f3:5b:c8:38:e3:c3:a7:ed:c3:28:82:d4:2f:e1:24:d6:00:
         9e:84:54:c6:3d:a2:29:d3:36:3f:87:3e:8a:16:2f:da:20:b7:
         2b:1f:8b:de:ed:bd:30:7f:5d:31:7d:d7:16:22:5b:b5:c2:e0:
         96:75:25:90:44:f4:e3:8a:72:27:f0:10:ec:fb:d8:f4:10:6c:
         e3:f2:ae:c7:24:99:48:b7:bb:28:57:18:e3:44:24:42:e2:c0:
         c1:2c:33:62:c3:59:f5:d0:cd:da:85:c3:1f:c0:36:92:18:0b:
         aa:7b:26:95:9e:32:9b:14:42:fc:93:9e:3d:74:f4:96:53:de:
         fe:2a:32:02:0c:01:1e:de:87:29:00:66:cf:c1:2b:40:29:17:
         8d:1a:4b:08:fd:41:87:ba:55:f5:5b:c0:63:12:8f:05:b2:df:
         e7:23:13:48:08:d6:77:fd:1a:28:54:0f:42:17:f2:e4:e7:14:
         e9:e9:23:a4:88:77:79:01:5f:e7:e6:bb:5d:52:f2:ae:6d:3d:
         ad:28:a1:28:7e:6d:ae:35:e5:18:72:01:c6:9a:a5:d6:3b:d4:
         15:90:d8:40:d2:98:15:98:c3:e7:23:e2:b9:15:29:ec:8f:2d:
         e2:b7:b1:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkce58c5dMO78i6Bbb9hI8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4Njg4MTgyYjhmMjUzYzVjZjk0NjI5NDc4NmI3OTAxNDM1
ZmM4YzMwHhcNMjMwNzAzMTYwMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjZhOGU1MzVjZDI0MmZiZDg0NWZhZGE2OGU4MmRjNjAyNDhmODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hYmJNa30+Jg0+HbJwnWqz6tarni
nhXqyPCgDkM7jezxkNbnLhzXpqfzCyLZ+c1MEZ4Swp3/juF2JEmjO+/nmMMV7DY/
a3OgR2e9GP6gLpMhY6EbHAw5SKFOlQ6hyQWardfw228pkV6VDEZ9Nan3BakFKBcI
VZXCMs2ar7NBB1VLnJXyspPqTquD1dUSy+GIdmFqPAYZK4QE4l3QMKrXlNKgKm9x
4c1lcT5ln2bHszpIijtsE9Hs0tbRd1ABgZhheE1LS98FJlXE6PbzHf3THreXoOx3
Q71KI8eqZ9TL6ofH59Rq4bfgW1jQeFWsjNF7bZCo1a7/dnQX1DJUL3urzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9qjlNc0kL72EX62mjoLcYCSPgEMB8GA1UdIwQY
MBaAFHhogYK48lPFz5RilHhreQFDX8jDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUdpQmdyanlVOFhQbEdLVWVHdDVBVU5meU1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yZGZkYjYtN2E0ZC00M2MzLTg3MGYt
Yzg2YzJmYzZjNjFiLzEvVDJxT1UxelNRdnZZUmZyYWFPZ3R4Z0pJLUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yZGZkYjYtN2E0ZC00M2MzLTg3MGYtYzg2YzJmYzZjNjFi
LzEvZUdpQmdyanlVOFhQbEdLVWVHdDVBVU5meU1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY3AMA0G
CSqGSIb3DQEBCwUAA4IBAQBPyDjWPvB/TCXYSBW0eVAme/J381vIOOPDp+3DKILU
L+Ek1gCehFTGPaIp0zY/hz6KFi/aILcrH4ve7b0wf10xfdcWIlu1wuCWdSWQRPTj
inIn8BDs+9j0EGzj8q7HJJlIt7soVxjjRCRC4sDBLDNiw1n10M3ahcMfwDaSGAuq
eyaVnjKbFEL8k549dPSWU97+KjICDAEe3ocpAGbPwStAKReNGksI/UGHulX1W8Bj
Eo8Fst/nIxNICNZ3/RooVA9CF/Lk5xTp6SOkiHd5AV/n5rtdUvKubT2tKKEofm2u
NeUYcgHGmqXWO9QVkNhA0pgVmMPnI+K5FSnsjy3it7Gm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:17 2024 by rpki-client on console-fra.rpki-client.org