Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/YPBbJ82YlLJzVOg6wqXHDQ4XtN4.roa
File:                     YPBbJ82YlLJzVOg6wqXHDQ4XtN4.roa (raw, json)
Hash identifier:          upHzlO6oYERtyHodB4ZoyXIsIGBpbVGEOn0yPKFqx+w=
Subject key identifier:   60:F0:5B:27:CD:98:94:B2:73:54:E8:3A:C2:A5:C7:0D:0E:17:B4:DE
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0185708CD5B1CA98341AE063B28B3524CC9A
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/YPBbJ82YlLJzVOg6wqXHDQ4XtN4.roa
Signing time:             Mon 02 Jan 2023 03:35:55 +0000
ROA not before:           Mon 02 Jan 2023 03:35:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208867
IP address blocks:        45.80.96.0/22 maxlen: 22
                          45.85.128.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:d5:b1:ca:98:34:1a:e0:63:b2:8b:35:24:cc:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jan  2 03:35:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=60f05b27cd9894b27354e83ac2a5c70d0e17b4de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8d:28:44:c7:82:f7:93:af:67:6a:5b:17:bf:
                    2d:8a:1a:1b:f4:32:f9:0a:a6:32:16:95:33:f3:2a:
                    31:dc:c4:ec:e8:9b:d3:be:3a:26:22:74:8b:d5:5d:
                    fe:7c:07:58:29:a7:44:44:10:ba:dd:f1:d5:4b:3d:
                    e7:a5:31:3f:1b:d8:33:63:25:e5:d5:39:71:02:2c:
                    d1:b1:aa:18:60:e8:e1:10:34:15:60:89:44:f3:9a:
                    80:15:fd:74:0b:90:33:69:a3:a9:73:11:25:37:d3:
                    9d:3a:55:1a:93:ee:35:cf:5c:95:0c:83:06:7d:bf:
                    76:b8:75:3e:1d:57:14:14:cc:e2:7f:85:65:63:48:
                    16:86:2e:9c:a8:26:7a:d5:bf:ad:40:e9:d0:66:f7:
                    38:e7:4e:44:33:9e:72:bd:80:80:ff:77:be:eb:9f:
                    2c:b6:92:7d:e9:6f:17:82:f4:5b:c5:61:f8:db:a5:
                    ef:c0:08:f5:d9:0d:60:30:d6:2c:a1:5b:53:15:ea:
                    2a:9e:ec:6f:ce:79:55:50:3d:b9:94:23:fc:99:78:
                    97:c2:4a:de:b9:80:6d:a6:76:27:01:81:d8:25:3e:
                    da:9e:be:3f:e4:38:19:6c:a1:86:b0:1a:44:97:7a:
                    67:af:12:5b:23:4e:82:67:a7:c8:15:cd:02:17:67:
                    3f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:F0:5B:27:CD:98:94:B2:73:54:E8:3A:C2:A5:C7:0D:0E:17:B4:DE
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/YPBbJ82YlLJzVOg6wqXHDQ4XtN4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.96.0/22
                  45.85.128.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7f:22:63:b9:45:4d:4c:37:22:41:83:c0:3f:69:10:45:42:fa:
         00:2e:b9:3e:31:f1:c9:4f:61:ae:40:fb:0d:89:c0:6b:62:a4:
         e5:87:72:9a:a0:f1:da:c2:18:01:7a:f0:f0:61:d5:dd:8c:dd:
         46:f9:c3:00:05:44:41:f5:11:b1:5d:51:e8:c9:10:6d:6c:66:
         83:bf:1a:83:59:5a:d7:92:72:64:91:83:fb:43:2a:f6:7c:f9:
         5c:9e:17:2e:80:ff:84:76:b5:c5:92:c5:97:d2:ab:2b:a3:8e:
         97:11:ac:13:19:fe:39:63:7b:98:dc:71:dc:c9:a6:2c:75:e6:
         d9:25:04:7f:54:d7:af:77:51:13:fc:5b:7e:cf:bd:c4:b7:ab:
         9a:55:37:ad:9d:05:27:ea:3c:ad:4e:7c:84:dd:d8:40:37:2c:
         20:2f:fe:2f:09:de:b8:8a:88:a8:25:31:6d:fc:d8:9d:2a:5e:
         e7:71:49:ef:7f:68:9a:e4:4b:f9:da:0d:62:a1:4f:70:95:48:
         ec:fb:9b:58:10:fc:3a:0f:6b:f3:9f:bc:11:a4:ce:a4:40:16:
         49:61:9d:28:5e:ad:1a:97:cd:e3:fe:93:a0:36:a5:b1:95:4d:
         53:02:be:8a:1d:e8:19:3b:de:bb:44:e5:3e:dc:3f:8b:52:fa:
         f7:a8:d9:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjNWxypg0GuBjsos1JMyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMTAyMDMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGYwNWIyN2NkOTg5NGIyNzM1NGU4M2FjMmE1YzcwZDBlMTdiNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo0oRMeC95OvZ2pbF78tihob9DL5
CqYyFpUz8yox3MTs6JvTvjomInSL1V3+fAdYKadERBC63fHVSz3npTE/G9gzYyXl
1TlxAizRsaoYYOjhEDQVYIlE85qAFf10C5AzaaOpcxElN9OdOlUak+41z1yVDIMG
fb92uHU+HVcUFMzif4VlY0gWhi6cqCZ61b+tQOnQZvc4505EM55yvYCA/3e+658s
tpJ96W8XgvRbxWH426XvwAj12Q1gMNYsoVtTFeoqnuxvznlVUD25lCP8mXiXwkre
uYBtpnYnAYHYJT7anr4/5DgZbKGGsBpEl3pnrxJbI06CZ6fIFc0CF2c/7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGDwWyfNmJSyc1ToOsKlxw0OF7TeMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvWVBCYko4MllsTEp6Vk9nNndxWEhEUTRYdE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVBgAwQB
LVWAMA0GCSqGSIb3DQEBCwUAA4IBAQB/ImO5RU1MNyJBg8A/aRBFQvoALrk+MfHJ
T2GuQPsNicBrYqTlh3KaoPHawhgBevDwYdXdjN1G+cMABURB9RGxXVHoyRBtbGaD
vxqDWVrXknJkkYP7Qyr2fPlcnhcugP+EdrXFksWX0qsro46XEawTGf45Y3uY3HHc
yaYsdebZJQR/VNevd1ET/Ft+z73Et6uaVTetnQUn6jytTnyE3dhANywgL/4vCd64
ioioJTFt/NidKl7ncUnvf2ia5Ev52g1ioU9wlUjs+5tYEPw6D2vzn7wRpM6kQBZJ
YZ0oXq0al83j/pOgNqWxlU1TAr6KHegZO967ROU+3D+LUvr3qNmx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:50 2024 by rpki-client on console-ams.rpki-client.org