Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa
File:                     lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa (raw, json)
Hash identifier:          MyZM1BG8+7DbJIhLCKKvq9vcpg4lt2dO3NPGOr787i0=
Subject key identifier:   95:0E:53:AD:D8:EC:57:EF:06:3F:F7:02:9E:90:D8:D5:4D:AA:A8:0A
Certificate issuer:       /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial:       01856F14AF263295DB9148B0AAF363F8C79D
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa
Signing time:             Sun 01 Jan 2023 20:45:04 +0000
ROA not before:           Sun 01 Jan 2023 20:45:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200702
IP address blocks:        45.159.16.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 07 Sep 2023 13:49:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:af:26:32:95:db:91:48:b0:aa:f3:63:f8:c7:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
        Validity
            Not Before: Jan  1 20:45:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=950e53add8ec57ef063ff7029e90d8d54daaa80a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ab:0a:ed:03:a1:e5:0c:a6:fa:16:68:d0:79:
                    4a:0f:15:f8:9c:95:31:a3:c8:fa:73:05:cd:a9:79:
                    bf:9f:07:9e:89:5c:09:31:b0:ec:ec:5e:0d:7d:45:
                    c6:71:87:5a:6c:f2:fb:7f:72:a1:3e:4d:cc:c1:78:
                    2e:a7:0e:61:bd:33:fb:62:b6:54:46:bb:98:64:9a:
                    9b:97:87:b9:b4:55:a0:9a:be:88:b4:92:05:27:7c:
                    86:6e:51:b1:37:a8:50:93:56:66:0d:61:d7:93:bc:
                    11:b0:75:aa:21:a4:a0:d9:0c:5f:31:af:2f:e4:d4:
                    24:9b:63:03:b2:7a:a0:0d:c3:0d:7c:31:bb:ba:2a:
                    76:31:24:50:a5:3a:34:f8:20:0c:55:3d:86:93:fd:
                    7e:19:55:ac:0b:1f:92:38:86:7c:ef:65:19:b9:7c:
                    8f:b5:1f:7c:26:3f:96:2f:6c:eb:b8:74:26:89:e0:
                    91:98:b5:c1:f7:de:79:e5:76:c0:44:22:60:c8:f0:
                    7d:c1:f3:d9:4b:fd:f8:9e:d9:8f:c5:ef:c7:d5:c7:
                    9f:0c:a7:d3:50:0b:6c:1c:c3:f3:67:e5:67:65:02:
                    d9:43:0e:a1:af:c9:d6:3b:70:b7:30:f0:22:18:eb:
                    48:32:63:0b:b3:bc:aa:99:64:27:ea:af:8f:49:46:
                    2a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:0E:53:AD:D8:EC:57:EF:06:3F:F7:02:9E:90:D8:D5:4D:AA:A8:0A
            X509v3 Authority Key Identifier:
                keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:3e:e3:f6:25:54:c5:38:70:c4:9a:dc:e3:c0:7d:f9:33:9b:
         55:18:fb:fc:2a:90:4d:8c:33:0e:21:44:de:d7:ec:a6:35:ef:
         ba:e6:9b:22:56:0f:12:21:6b:f3:cc:4e:82:b3:e2:79:de:c3:
         7f:4e:27:c9:81:94:cb:a7:48:86:dc:6e:af:a3:71:8c:57:b5:
         5b:08:4f:ed:b9:a0:5c:2c:2a:b1:f5:e6:e8:56:86:a2:af:cc:
         9f:d2:bf:c2:18:49:02:60:ca:92:1c:d9:8e:fc:d3:e9:d6:02:
         50:df:53:77:01:63:07:a1:fa:38:5a:1c:4a:1b:eb:dc:fc:e3:
         06:b2:88:9b:b3:96:70:52:0d:32:59:e8:ea:11:3e:15:05:66:
         65:4f:23:4f:f5:f1:af:62:46:2a:a4:0b:85:dc:05:e7:a5:86:
         29:af:e6:77:04:58:e5:54:0b:aa:96:ee:03:20:ae:3a:c1:f1:
         85:47:d1:fb:04:4b:d6:a8:e8:95:65:95:9a:5c:9e:68:36:0e:
         a0:31:8f:4e:f3:db:19:2a:d7:54:3b:4a:16:05:aa:6d:42:80:
         51:8e:ef:51:56:89:28:3b:62:6b:7d:d2:b6:ce:07:93:e1:f3:
         a5:eb:02:b9:8b:d8:8a:0e:8c:8e:16:a5:17:2b:49:fd:75:a7:
         50:23:16:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFK8mMpXbkUiwqvNj+MedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBlNTNhZGQ4ZWM1N2VmMDYzZmY3MDI5ZTkwZDhkNTRkYWFhODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6sK7QOh5Qym+hZo0HlKDxX4nJUx
o8j6cwXNqXm/nweeiVwJMbDs7F4NfUXGcYdabPL7f3KhPk3MwXgupw5hvTP7YrZU
RruYZJqbl4e5tFWgmr6ItJIFJ3yGblGxN6hQk1ZmDWHXk7wRsHWqIaSg2QxfMa8v
5NQkm2MDsnqgDcMNfDG7uip2MSRQpTo0+CAMVT2Gk/1+GVWsCx+SOIZ872UZuXyP
tR98Jj+WL2zruHQmieCRmLXB99555XbARCJgyPB9wfPZS/34ntmPxe/H1cefDKfT
UAtsHMPzZ+VnZQLZQw6hr8nWO3C3MPAiGOtIMmMLs7yqmWQn6q+PSUYqRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUOU63Y7FfvBj/3Ap6Q2NVNqqgKMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvbFE1VHJkanNWLThHUF9jQ25wRFkxVTJxcUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ8QMA0G
CSqGSIb3DQEBCwUAA4IBAQBhPuP2JVTFOHDEmtzjwH35M5tVGPv8KpBNjDMOIUTe
1+ymNe+65psiVg8SIWvzzE6Cs+J53sN/TifJgZTLp0iG3G6vo3GMV7VbCE/tuaBc
LCqx9eboVoair8yf0r/CGEkCYMqSHNmO/NPp1gJQ31N3AWMHofo4WhxKG+vc/OMG
soibs5ZwUg0yWejqET4VBWZlTyNP9fGvYkYqpAuF3AXnpYYpr+Z3BFjlVAuqlu4D
IK46wfGFR9H7BEvWqOiVZZWaXJ5oNg6gMY9O89sZKtdUO0oWBaptQoBRju9RVoko
O2JrfdK2zgeT4fOl6wK5i9iKDoyOFqUXK0n9dadQIxbV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org