Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/oKip0kins-tyiCHRtBvU6Q56n8o.roa
File:                     oKip0kins-tyiCHRtBvU6Q56n8o.roa (raw, json)
Hash identifier:          GYUXvY7G48t/sqoZ+TP1BDVOoRiuHsnh12jiN+T9+/0=
Subject key identifier:   A0:A8:A9:D2:48:A7:B3:EB:72:88:21:D1:B4:1B:D4:E9:0E:7A:9F:CA
Certificate issuer:       /CN=0f516df64b3941b046743411ed86ea6030d72fba
Certificate serial:       01856F8B75863F6F41CD0DE0B5F2769FAF4C
Authority key identifier: 0F:51:6D:F6:4B:39:41:B0:46:74:34:11:ED:86:EA:60:30:D7:2F:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D1Ft9ks5QbBGdDQR7YbqYDDXL7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/oKip0kins-tyiCHRtBvU6Q56n8o.roa
Signing time:             Sun 01 Jan 2023 22:54:48 +0000
ROA not before:           Sun 01 Jan 2023 22:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208123
IP address blocks:        45.159.40.0/22 maxlen: 22
                          2a0f:6e80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:75:86:3f:6f:41:cd:0d:e0:b5:f2:76:9f:af:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f516df64b3941b046743411ed86ea6030d72fba
        Validity
            Not Before: Jan  1 22:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0a8a9d248a7b3eb728821d1b41bd4e90e7a9fca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:18:9b:b7:c9:b8:1d:98:8d:68:02:f3:16:ee:
                    c9:71:0c:75:15:6c:18:c8:06:d6:ec:d3:75:b7:29:
                    84:cf:9e:73:05:c2:4f:8f:c3:6a:a8:20:d3:59:eb:
                    b0:b9:f1:95:4d:1d:a4:16:52:68:54:62:35:d8:20:
                    56:ef:db:a2:2c:37:aa:d1:f3:95:32:ec:52:49:a6:
                    8b:d5:f1:48:db:e6:51:86:79:57:1f:76:80:ed:c3:
                    dc:e0:6f:d9:f0:c9:7c:00:3e:ba:79:78:76:a2:81:
                    1f:18:6a:ad:50:71:e7:45:2b:3d:67:ab:59:1d:d5:
                    e9:05:6d:d8:f3:27:1a:2b:67:71:0d:ba:43:cb:ff:
                    1e:46:6d:83:47:a7:ba:b4:f2:0d:11:15:e2:28:94:
                    ae:00:60:f6:ac:df:90:52:b1:6b:fd:17:f6:32:01:
                    e9:c7:f0:07:ca:68:b4:31:f4:87:8b:1b:a4:22:0e:
                    88:df:5e:de:35:d5:66:d4:16:3c:c4:44:00:5f:f7:
                    01:c5:d7:c5:46:f4:c5:31:7b:41:9f:f1:3d:e4:1a:
                    31:68:78:6f:b7:20:b8:0b:19:06:75:1e:b3:52:7e:
                    4f:ed:64:af:1d:f6:77:3a:24:46:8e:00:a9:a8:52:
                    e2:4f:78:c2:d9:e3:ea:a3:8b:52:3b:41:94:90:60:
                    fe:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:A8:A9:D2:48:A7:B3:EB:72:88:21:D1:B4:1B:D4:E9:0E:7A:9F:CA
            X509v3 Authority Key Identifier:
                keyid:0F:51:6D:F6:4B:39:41:B0:46:74:34:11:ED:86:EA:60:30:D7:2F:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D1Ft9ks5QbBGdDQR7YbqYDDXL7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/oKip0kins-tyiCHRtBvU6Q56n8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/D1Ft9ks5QbBGdDQR7YbqYDDXL7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.40.0/22
                IPv6:
                  2a0f:6e80::/32

    Signature Algorithm: sha256WithRSAEncryption
         6f:8b:1f:0e:e3:53:f8:b7:82:11:87:32:e8:ca:b5:2a:ed:7b:
         0d:d8:61:ad:84:94:df:6c:6e:d8:77:76:af:39:7a:2d:63:1a:
         7a:db:38:b7:7a:e4:66:b0:13:99:25:76:15:ff:5c:f8:83:b9:
         eb:a2:1f:86:6f:4a:35:a9:7d:60:2f:5b:c6:46:f6:e1:0c:31:
         23:65:e5:3e:d8:db:26:b0:41:77:49:a1:c0:c8:39:55:eb:55:
         43:1e:34:53:4e:40:b0:38:d1:41:d3:65:e7:39:cd:cc:5b:9f:
         62:b7:16:8e:33:d2:d6:1c:da:c1:84:25:93:92:ad:b8:b9:7c:
         af:e9:ea:57:9e:e1:d5:53:eb:56:53:7d:1a:80:bf:f3:82:ae:
         e7:0e:9b:b5:74:e9:e4:ee:7d:04:e8:cf:75:b6:e6:e0:38:c9:
         47:82:d2:78:f1:a0:f8:b3:81:cb:7d:b4:bd:54:61:07:29:92:
         d0:95:aa:9b:c8:76:b9:eb:18:7d:56:63:63:d9:bc:0e:1b:cc:
         eb:24:1f:60:41:3e:ed:d6:d2:c0:c0:67:04:de:9a:a5:3d:5f:
         76:8e:71:31:75:95:42:10:38:ce:4c:d3:d2:4e:cd:0d:1f:71:
         c8:b9:48:70:24:63:39:5d:f4:ce:2a:93:a6:bc:52:a8:f8:b0:
         5d:76:64:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvi3WGP29BzQ3gtfJ2n69MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNTE2ZGY2NGIzOTQxYjA0Njc0MzQxMWVkODZlYTYwMzBk
NzJmYmEwHhcNMjMwMTAxMjI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGE4YTlkMjQ4YTdiM2ViNzI4ODIxZDFiNDFiZDRlOTBlN2E5ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRibt8m4HZiNaALzFu7JcQx1FWwY
yAbW7NN1tymEz55zBcJPj8NqqCDTWeuwufGVTR2kFlJoVGI12CBW79uiLDeq0fOV
MuxSSaaL1fFI2+ZRhnlXH3aA7cPc4G/Z8Ml8AD66eXh2ooEfGGqtUHHnRSs9Z6tZ
HdXpBW3Y8ycaK2dxDbpDy/8eRm2DR6e6tPINERXiKJSuAGD2rN+QUrFr/Rf2MgHp
x/AHymi0MfSHixukIg6I317eNdVm1BY8xEQAX/cBxdfFRvTFMXtBn/E95BoxaHhv
tyC4CxkGdR6zUn5P7WSvHfZ3OiRGjgCpqFLiT3jC2ePqo4tSO0GUkGD+NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKCoqdJIp7Prcogh0bQb1OkOep/KMB8GA1UdIwQY
MBaAFA9RbfZLOUGwRnQ0Ee2G6mAw1y+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDFGdDlrczVRYkJHZERRUjdZYnFZRERYTDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hY2RmNGYtZjEwYS00MzIzLTg5M2Et
YmExMDJjZGIyMzk3LzEvb0tpcDBraW5zLXR5aUNIUnRCdlU2UTU2bjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hY2RmNGYtZjEwYS00MzIzLTg5M2EtYmExMDJjZGIyMzk3
LzEvRDFGdDlrczVRYkJHZERRUjdZYnFZRERYTDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ8oMA0E
AgACMAcDBQAqD26AMA0GCSqGSIb3DQEBCwUAA4IBAQBvix8O41P4t4IRhzLoyrUq
7XsN2GGthJTfbG7Yd3avOXotYxp62zi3euRmsBOZJXYV/1z4g7nroh+Gb0o1qX1g
L1vGRvbhDDEjZeU+2NsmsEF3SaHAyDlV61VDHjRTTkCwONFB02XnOc3MW59itxaO
M9LWHNrBhCWTkq24uXyv6epXnuHVU+tWU30agL/zgq7nDpu1dOnk7n0E6M91tubg
OMlHgtJ48aD4s4HLfbS9VGEHKZLQlaqbyHa56xh9VmNj2bwOG8zrJB9gQT7t1tLA
wGcE3pqlPV92jnExdZVCEDjOTNPSTs0NH3HIuUhwJGM5XfTOKpOmvFKo+LBddmRX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:12 2024 by rpki-client on console-fra.rpki-client.org