Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/AowcxmUKHeQlUkCWGfBSvFjRPEM.roa
File:                     AowcxmUKHeQlUkCWGfBSvFjRPEM.roa (raw, json)
Hash identifier:          CjmIUfy0557Dl+Q4rPGurT6AKLptJ7QT0hnXZydjqYM=
Subject key identifier:   02:8C:1C:C6:65:0A:1D:E4:25:52:40:96:19:F0:52:BC:58:D1:3C:43
Certificate issuer:       /CN=bee0a94997672a920a290ccbfd049126f7075c99
Certificate serial:       01856DDD3764C3E28A4048B67D3121DBD6C4
Authority key identifier: BE:E0:A9:49:97:67:2A:92:0A:29:0C:CB:FD:04:91:26:F7:07:5C:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vuCpSZdnKpIKKQzL_QSRJvcHXJk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/AowcxmUKHeQlUkCWGfBSvFjRPEM.roa
Signing time:             Sun 01 Jan 2023 15:04:52 +0000
ROA not before:           Sun 01 Jan 2023 15:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51876
IP address blocks:        45.136.132.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:dd:37:64:c3:e2:8a:40:48:b6:7d:31:21:db:d6:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bee0a94997672a920a290ccbfd049126f7075c99
        Validity
            Not Before: Jan  1 15:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=028c1cc6650a1de42552409619f052bc58d13c43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:4e:11:94:77:6b:80:53:55:34:16:e6:ae:54:
                    41:10:3d:8f:5b:99:ec:7e:a9:db:fa:5e:0e:16:ff:
                    7c:11:69:b8:73:e1:4f:9b:08:11:3f:b4:05:be:16:
                    62:15:2a:39:22:57:04:fd:e9:0e:66:f8:ac:03:72:
                    c1:d2:16:70:56:f3:47:ec:91:43:8d:c3:11:0b:1b:
                    46:d0:c4:c6:5c:8a:e4:58:64:01:d5:59:1e:25:47:
                    69:2d:11:46:a0:df:59:03:9c:0f:93:20:f4:ed:7c:
                    a9:52:d1:60:52:10:37:a9:68:ba:70:21:9f:ec:99:
                    bd:d6:9e:a6:ab:f6:9e:a2:3c:cd:ec:33:bd:cb:ca:
                    ae:bc:2a:80:e5:09:c0:c5:d5:04:0d:58:57:3e:25:
                    ca:d3:1f:a2:da:57:21:16:97:e9:12:af:95:9e:c5:
                    09:52:72:c0:54:1d:98:ff:b8:72:74:28:5e:bb:db:
                    46:c6:b1:30:dd:4a:41:c4:a2:f3:c7:6a:e3:34:ec:
                    16:9f:eb:6e:bc:f2:35:db:7c:88:ed:0d:1e:d7:59:
                    ee:68:4c:76:a1:95:0f:68:93:43:70:4b:30:fa:56:
                    02:5c:96:ab:a1:8d:de:3f:a3:c9:1f:c8:51:f8:58:
                    ca:52:6e:83:23:70:2d:f3:60:bc:d5:99:03:f1:1b:
                    11:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:8C:1C:C6:65:0A:1D:E4:25:52:40:96:19:F0:52:BC:58:D1:3C:43
            X509v3 Authority Key Identifier:
                keyid:BE:E0:A9:49:97:67:2A:92:0A:29:0C:CB:FD:04:91:26:F7:07:5C:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vuCpSZdnKpIKKQzL_QSRJvcHXJk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/AowcxmUKHeQlUkCWGfBSvFjRPEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/vuCpSZdnKpIKKQzL_QSRJvcHXJk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:ed:1f:e5:6b:d6:57:3f:51:12:76:c3:a8:08:a8:43:48:10:
         6d:86:4e:7a:76:32:6e:13:43:a8:8d:93:c4:42:53:5a:c9:f1:
         7e:74:db:24:65:40:1c:3a:95:39:9f:ac:e8:99:2a:fa:86:10:
         9f:04:56:f7:67:18:76:85:a2:91:82:73:18:43:c2:b4:63:50:
         ee:80:90:17:1e:86:0b:d2:0c:72:ac:6c:d9:9b:86:c3:49:71:
         02:5a:08:4a:6d:69:ce:15:a5:09:5c:a6:cd:67:67:e6:dc:89:
         ff:6e:6f:75:10:db:cb:d3:b7:7b:c4:2b:cc:bd:54:a8:d1:8a:
         fb:cf:49:33:c8:41:43:1c:ae:5c:ef:7b:31:10:ad:3f:bd:38:
         26:c2:40:7d:95:64:d9:82:ff:5e:65:c2:83:f2:36:71:a6:dd:
         7f:0e:9a:09:b0:56:5e:21:22:5e:df:8f:f6:58:b5:8e:84:a2:
         6a:d0:78:63:6c:4e:ca:e3:8e:05:dd:b4:cf:9c:33:9e:56:cf:
         7e:b6:bb:39:4d:e4:54:bf:db:a2:24:05:97:3d:b3:66:9c:df:
         60:6c:fa:41:a5:00:49:68:5a:39:01:0f:44:25:a2:ac:c9:d0:
         b5:c4:21:47:e4:87:8f:19:96:d1:32:6f:e6:9b:36:a6:f2:5a:
         5f:1f:f3:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3Tdkw+KKQEi2fTEh29bEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZTBhOTQ5OTc2NzJhOTIwYTI5MGNjYmZkMDQ5MTI2Zjcw
NzVjOTkwHhcNMjMwMTAxMTUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjhjMWNjNjY1MGExZGU0MjU1MjQwOTYxOWYwNTJiYzU4ZDEzYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE4RlHdrgFNVNBbmrlRBED2PW5ns
fqnb+l4OFv98EWm4c+FPmwgRP7QFvhZiFSo5IlcE/ekOZvisA3LB0hZwVvNH7JFD
jcMRCxtG0MTGXIrkWGQB1VkeJUdpLRFGoN9ZA5wPkyD07XypUtFgUhA3qWi6cCGf
7Jm91p6mq/aeojzN7DO9y8quvCqA5QnAxdUEDVhXPiXK0x+i2lchFpfpEq+VnsUJ
UnLAVB2Y/7hydCheu9tGxrEw3UpBxKLzx2rjNOwWn+tuvPI123yI7Q0e11nuaEx2
oZUPaJNDcEsw+lYCXJaroY3eP6PJH8hR+FjKUm6DI3At82C81ZkD8RsRFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKMHMZlCh3kJVJAlhnwUrxY0TxDMB8GA1UdIwQY
MBaAFL7gqUmXZyqSCikMy/0EkSb3B1yZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnVDcFNaZG5LcElLS1F6TF9RU1JKdmNIWEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jM2UzMjktMTVlZi00MjNhLWJiMTIt
M2E2MDYzY2ZlYTk1LzEvQW93Y3htVUtIZVFsVWtDV0dmQlN2RmpSUEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jM2UzMjktMTVlZi00MjNhLWJiMTItM2E2MDYzY2ZlYTk1
LzEvdnVDcFNaZG5LcElLS1F6TF9RU1JKdmNIWEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYiEMA0G
CSqGSIb3DQEBCwUAA4IBAQBs7R/la9ZXP1ESdsOoCKhDSBBthk56djJuE0OojZPE
QlNayfF+dNskZUAcOpU5n6zomSr6hhCfBFb3Zxh2haKRgnMYQ8K0Y1DugJAXHoYL
0gxyrGzZm4bDSXECWghKbWnOFaUJXKbNZ2fm3In/bm91ENvL07d7xCvMvVSo0Yr7
z0kzyEFDHK5c73sxEK0/vTgmwkB9lWTZgv9eZcKD8jZxpt1/DpoJsFZeISJe34/2
WLWOhKJq0HhjbE7K444F3bTPnDOeVs9+trs5TeRUv9uiJAWXPbNmnN9gbPpBpQBJ
aFo5AQ9EJaKsydC1xCFH5IePGZbRMm/mmzam8lpfH/NW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:30 2024 by rpki-client on console-ams.rpki-client.org