Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/qIE08Z5-tL-M9zTNgvda0yMohCw.roa
File:                     qIE08Z5-tL-M9zTNgvda0yMohCw.roa (raw, json)
Hash identifier:          hRNXja9whv/fntSoRUtdd07E+BxpCV4+GA4azgCq87k=
Subject key identifier:   A8:81:34:F1:9E:7E:B4:BF:8C:F7:34:CD:82:F7:5A:D3:23:28:84:2C
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       0186DC0FE41C5EEA0EFB8AB9E9A9DC0EAB93
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/qIE08Z5-tL-M9zTNgvda0yMohCw.roa
Signing time:             Mon 13 Mar 2023 17:41:14 +0000
ROA not before:           Mon 13 Mar 2023 17:41:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16353
IP address blocks:        45.135.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:dc:0f:e4:1c:5e:ea:0e:fb:8a:b9:e9:a9:dc:0e:ab:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Mar 13 17:41:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a88134f19e7eb4bf8cf734cd82f75ad32328842c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:16:66:66:01:a4:09:cf:bb:4c:13:aa:35:25:
                    07:3a:e9:d5:b5:0c:90:ce:bd:b4:da:c0:2e:d0:9a:
                    6d:b7:16:f2:de:46:c7:66:03:c2:90:75:36:0e:b0:
                    5a:fe:ab:82:77:25:f2:17:1c:b3:d6:c0:37:47:f7:
                    4b:6d:db:aa:16:67:59:e9:cf:57:ba:f5:9a:ae:f8:
                    bf:1b:b0:18:f8:3f:ea:41:ec:e8:ef:98:c9:7e:29:
                    55:66:78:10:bb:84:23:ea:b1:e2:fc:56:2a:7c:93:
                    a6:e3:f4:6c:b6:ba:a0:93:df:f7:d4:43:49:c6:ef:
                    3c:14:b7:6d:46:d9:49:6f:68:bc:a7:48:31:71:2b:
                    7f:ce:73:fe:30:c5:07:47:d7:99:81:e1:e8:61:87:
                    7b:91:a4:40:cb:c1:53:02:15:1f:9f:af:ee:f9:d6:
                    8b:48:69:15:03:7d:a2:fd:42:2c:3d:65:ca:04:46:
                    2d:41:81:40:cc:75:8a:7d:ed:21:46:d0:22:a8:3a:
                    21:33:20:cd:9d:7f:37:e7:01:5f:61:af:90:8a:9f:
                    11:c3:64:2b:e1:20:f3:85:51:12:82:76:77:e8:a5:
                    7a:59:f1:9f:73:94:31:80:e6:57:9d:5c:97:e1:c0:
                    33:30:5d:26:54:54:97:5a:f5:1b:a9:9d:46:d3:2f:
                    96:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:81:34:F1:9E:7E:B4:BF:8C:F7:34:CD:82:F7:5A:D3:23:28:84:2C
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/qIE08Z5-tL-M9zTNgvda0yMohCw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:4a:53:39:b8:a3:3b:f7:11:a2:8a:7c:9e:74:0a:e5:ff:bd:
         bd:51:9a:e3:a9:ac:10:fc:73:e0:3c:d7:e8:b3:35:a6:7d:7d:
         92:77:92:10:68:e1:fd:32:f6:ed:7b:c1:0e:aa:b2:1a:c3:01:
         1f:12:6f:43:e7:b3:41:51:82:23:18:bd:21:70:8f:60:df:35:
         28:ef:3f:07:d4:83:68:e9:eb:dd:ad:1b:5c:03:6d:c2:62:89:
         e3:4b:3b:3e:0c:b2:8a:62:ed:1a:c6:4a:89:ee:ca:d2:9a:17:
         36:69:bc:06:ff:e9:96:45:55:71:c6:74:5b:96:16:84:e2:85:
         49:fe:c2:2c:a7:28:5c:28:b3:c1:4a:89:3a:ae:a3:75:20:dd:
         67:05:be:14:90:0f:59:64:43:06:06:29:f1:7e:51:e1:44:0f:
         5b:d7:85:20:b4:58:28:55:91:a7:8b:61:7e:c6:27:ef:99:98:
         95:1d:d7:21:2a:ae:0d:ba:e5:eb:fa:d3:a2:ff:6e:7b:f4:a0:
         64:ed:e0:89:99:0f:13:4e:6c:78:30:61:c4:06:79:90:96:b8:
         6e:e9:33:4d:51:0f:97:3e:ab:b3:1d:dd:51:0e:65:80:09:28:
         d3:67:b3:c6:d1:6f:87:9a:2c:c2:84:b7:b6:d0:9f:dd:6c:24:
         8c:7c:7d:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbcD+QcXuoO+4q56ancDquTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwMzEzMTc0MTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgxMzRmMTllN2ViNGJmOGNmNzM0Y2Q4MmY3NWFkMzIzMjg4NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRZmZgGkCc+7TBOqNSUHOunVtQyQ
zr202sAu0Jpttxby3kbHZgPCkHU2DrBa/quCdyXyFxyz1sA3R/dLbduqFmdZ6c9X
uvWarvi/G7AY+D/qQezo75jJfilVZngQu4Qj6rHi/FYqfJOm4/Rstrqgk9/31ENJ
xu88FLdtRtlJb2i8p0gxcSt/znP+MMUHR9eZgeHoYYd7kaRAy8FTAhUfn6/u+daL
SGkVA32i/UIsPWXKBEYtQYFAzHWKfe0hRtAiqDohMyDNnX835wFfYa+Qip8Rw2Qr
4SDzhVESgnZ36KV6WfGfc5QxgOZXnVyX4cAzMF0mVFSXWvUbqZ1G0y+WKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiBNPGefrS/jPc0zYL3WtMjKIQsMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvcUlFMDhaNS10TC1NOXpUTmd2ZGEweU1vaEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYemMA0G
CSqGSIb3DQEBCwUAA4IBAQAESlM5uKM79xGiinyedArl/729UZrjqawQ/HPgPNfo
szWmfX2Sd5IQaOH9Mvbte8EOqrIawwEfEm9D57NBUYIjGL0hcI9g3zUo7z8H1INo
6evdrRtcA23CYonjSzs+DLKKYu0axkqJ7srSmhc2abwG/+mWRVVxxnRblhaE4oVJ
/sIspyhcKLPBSok6rqN1IN1nBb4UkA9ZZEMGBinxflHhRA9b14UgtFgoVZGni2F+
xifvmZiVHdchKq4NuuXr+tOi/2579KBk7eCJmQ8TTmx4MGHEBnmQlrhu6TNNUQ+X
PquzHd1RDmWACSjTZ7PG0W+HmizChLe20J/dbCSMfH1q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:51 2024 by rpki-client on console-fra.rpki-client.org