Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/XNCZW6F49564o44otKbch1d85VI.roa
File:                     XNCZW6F49564o44otKbch1d85VI.roa (raw, json)
Hash identifier:          dhEMDSGuxWy3hvc5MHOXYX1JHAiM37DzNZ8fnTiFrEM=
Subject key identifier:   5C:D0:99:5B:A1:78:F7:9E:B8:A3:8E:28:B4:A6:DC:87:57:7C:E5:52
Certificate issuer:       /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial:       018571A78EC3776EDD463315850529244CD6
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/XNCZW6F49564o44otKbch1d85VI.roa
Signing time:             Mon 02 Jan 2023 08:44:44 +0000
ROA not before:           Mon 02 Jan 2023 08:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        45.85.13.0/24 maxlen: 24
                          45.85.12.0/23 maxlen: 24
                          193.43.142.0/23 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:8e:c3:77:6e:dd:46:33:15:85:05:29:24:4c:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
        Validity
            Not Before: Jan  2 08:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cd0995ba178f79eb8a38e28b4a6dc87577ce552
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:77:c9:99:d5:68:f2:76:e4:b1:52:49:32:09:
                    d1:14:98:47:6c:e9:d7:81:45:d7:80:a4:9f:0c:d3:
                    4e:a2:f4:55:65:97:a5:63:8d:8b:4e:95:f4:e4:55:
                    a0:df:f3:7e:94:b2:b5:d8:b5:89:dd:31:59:42:c4:
                    5c:a4:3d:bd:88:a0:cd:e0:91:af:48:94:ea:00:fe:
                    59:b4:dc:17:b3:58:00:31:5b:ff:00:c0:2e:b4:a5:
                    51:a6:0f:a0:93:cb:5e:94:e2:d5:6b:96:3d:54:5c:
                    a3:02:96:04:32:b3:9b:e9:8b:a6:ed:e8:41:ba:98:
                    f2:6c:91:67:f6:70:ad:12:26:17:6b:81:52:47:d0:
                    27:0a:27:53:b5:ca:62:83:df:eb:2c:70:5d:7d:52:
                    14:45:0c:8a:33:48:71:29:52:0a:04:33:db:89:b2:
                    17:8b:31:ed:f6:86:ec:77:de:53:9a:15:b3:f6:8c:
                    a0:60:02:e3:29:93:f7:6d:b2:03:a4:be:35:21:91:
                    de:72:b7:6d:ee:bd:11:6c:29:4c:9e:f1:e1:0f:4a:
                    a6:74:70:28:bb:ae:e8:dc:df:95:7a:18:77:db:e3:
                    36:e2:d0:98:93:a0:94:6b:d6:0e:66:da:97:2e:bf:
                    e3:79:f0:81:34:6e:4c:6f:43:d4:d5:bf:99:10:7f:
                    9b:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:D0:99:5B:A1:78:F7:9E:B8:A3:8E:28:B4:A6:DC:87:57:7C:E5:52
            X509v3 Authority Key Identifier:
                keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/XNCZW6F49564o44otKbch1d85VI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.12.0/23
                  193.43.142.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:9a:5e:92:c5:67:44:6e:85:6a:30:5d:fd:1c:bf:5b:0f:21:
         40:1e:d7:9c:3b:0b:76:61:66:95:28:5d:ec:9a:5f:12:e5:7b:
         37:63:7d:2b:a4:2f:fb:89:a6:ac:4c:c4:b9:cf:03:cc:77:f6:
         e9:41:7a:78:31:af:a6:e1:3b:0e:f9:ab:f1:47:29:c6:38:09:
         27:a9:62:7d:ec:e3:32:e7:da:2f:41:6a:f7:23:d2:97:c4:ed:
         57:7a:cd:7b:9a:1c:f5:8f:13:22:ee:d8:fa:81:23:88:de:e7:
         4b:c5:09:dd:36:b0:71:a2:68:20:d5:8b:38:ee:59:be:a7:6f:
         e1:0b:a2:33:6a:0f:1d:ee:a9:50:89:0c:66:ce:14:d0:1e:8f:
         06:b7:84:33:a8:31:60:32:3e:1f:8b:a7:f9:a0:1b:66:5a:b2:
         8f:08:65:4e:2a:ef:db:1f:39:f3:6e:60:2a:b7:95:c7:38:f3:
         db:b0:d9:5e:d4:14:7c:6a:ad:79:52:5e:5a:b5:59:12:79:55:
         53:14:83:0b:0c:e4:d9:11:1d:74:04:36:82:d8:7e:b4:7b:42:
         01:3a:4a:43:ef:5d:09:e3:e1:3f:ee:f6:d3:72:95:63:3e:e9:
         ac:f1:37:6e:b8:55:6f:97:24:93:6d:9e:74:2b:df:cc:32:e2:
         b6:e7:0f:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp47Dd27dRjMVhQUpJEzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjMwMTAyMDg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QwOTk1YmExNzhmNzllYjhhMzhlMjhiNGE2ZGM4NzU3N2NlNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3fJmdVo8nbksVJJMgnRFJhHbOnX
gUXXgKSfDNNOovRVZZelY42LTpX05FWg3/N+lLK12LWJ3TFZQsRcpD29iKDN4JGv
SJTqAP5ZtNwXs1gAMVv/AMAutKVRpg+gk8telOLVa5Y9VFyjApYEMrOb6Yum7ehB
upjybJFn9nCtEiYXa4FSR9AnCidTtcpig9/rLHBdfVIURQyKM0hxKVIKBDPbibIX
izHt9obsd95TmhWz9oygYALjKZP3bbIDpL41IZHecrdt7r0RbClMnvHhD0qmdHAo
u67o3N+Vehh32+M24tCYk6CUa9YOZtqXLr/jefCBNG5Mb0PU1b+ZEH+blwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFzQmVuhePeeuKOOKLSm3IdXfOVSMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvWE5DWlc2RjQ5NTY0bzQ0b3RLYmNoMWQ4NVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVUMAwQB
wSuOMA0GCSqGSIb3DQEBCwUAA4IBAQATml6SxWdEboVqMF39HL9bDyFAHtecOwt2
YWaVKF3sml8S5Xs3Y30rpC/7iaasTMS5zwPMd/bpQXp4Ma+m4TsO+avxRynGOAkn
qWJ97OMy59ovQWr3I9KXxO1Xes17mhz1jxMi7tj6gSOI3udLxQndNrBxomgg1Ys4
7lm+p2/hC6Izag8d7qlQiQxmzhTQHo8Gt4QzqDFgMj4fi6f5oBtmWrKPCGVOKu/b
HznzbmAqt5XHOPPbsNle1BR8aq15Ul5atVkSeVVTFIMLDOTZER10BDaC2H60e0IB
OkpD710J4+E/7vbTcpVjPums8TduuFVvlySTbZ50K9/MMuK25w+t
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:48 2024 by rpki-client on console-fra.rpki-client.org