Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/UmJRbd7PzVd2Tv_9_rQaioq566M.roa
File:                     UmJRbd7PzVd2Tv_9_rQaioq566M.roa (raw, json)
Hash identifier:          BiEat8r13ux71oouR4qPre2+GtCjbQL9MaVxfxb8ijY=
Subject key identifier:   52:62:51:6D:DE:CF:CD:57:76:4E:FF:FD:FE:B4:1A:8A:8A:B9:EB:A3
Certificate issuer:       /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial:       018CC56E31181B21C0FF37047C39761CD1B8
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/UmJRbd7PzVd2Tv_9_rQaioq566M.roa
Signing time:             Mon 01 Jan 2024 14:29:42 +0000
ROA not before:           Mon 01 Jan 2024 14:29:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     136258
IP address blocks:        45.154.204.0/24 maxlen: 24
                          195.137.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 30 Mar 2024 09:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:31:18:1b:21:c0:ff:37:04:7c:39:76:1c:d1:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
        Validity
            Not Before: Jan  1 14:29:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5262516ddecfcd57764efffdfeb41a8a8ab9eba3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ac:ea:34:a4:04:85:41:3e:08:59:85:ba:57:
                    b9:36:2b:9d:71:af:a8:1a:f3:fd:8c:c1:c2:29:f3:
                    c2:26:4f:47:c1:28:71:32:5e:f5:c1:b5:38:93:59:
                    fd:f7:f8:d9:31:c5:bd:5b:7f:59:3c:9f:53:71:19:
                    11:c8:7e:19:99:2d:2a:3a:54:3a:02:be:07:af:d3:
                    8f:e4:59:a1:39:31:e3:d4:f6:f9:e8:7c:c7:6e:a4:
                    4c:c7:64:3c:37:aa:4e:12:c8:2b:3d:12:64:81:c5:
                    1e:21:d6:4e:78:8d:23:46:4f:3d:79:31:72:4d:a0:
                    6c:b4:f2:b5:1f:b1:f5:36:e1:66:b5:ab:85:e9:da:
                    55:1c:a5:fd:22:ef:93:0e:d7:cc:fe:95:e7:56:32:
                    b8:5e:15:a8:d3:11:ac:17:f1:58:72:0d:16:3c:3e:
                    0c:6b:c0:82:93:32:d9:98:39:e2:f3:b3:74:bf:4c:
                    1e:de:d6:17:9c:e6:c8:ff:8f:83:56:8f:c2:de:3d:
                    c6:c7:b6:dc:48:da:d4:52:6a:00:60:29:a5:60:64:
                    2f:ea:e6:b7:c5:4b:44:9b:d5:5a:4e:1c:3a:39:22:
                    fb:85:88:f2:ea:93:ee:32:fd:7c:87:26:66:29:4a:
                    80:2b:8f:4a:57:27:a8:07:5f:bd:78:54:4f:79:38:
                    3d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:62:51:6D:DE:CF:CD:57:76:4E:FF:FD:FE:B4:1A:8A:8A:B9:EB:A3
            X509v3 Authority Key Identifier:
                keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/UmJRbd7PzVd2Tv_9_rQaioq566M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.204.0/24
                  195.137.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:1c:61:a7:99:09:69:41:7a:b2:7c:51:4d:2b:b8:21:7b:dd:
         28:66:0d:aa:d2:21:6e:e5:4f:eb:dd:93:77:99:2c:a0:80:30:
         e0:4c:b1:75:21:76:a9:71:70:b9:1f:84:ed:5a:34:15:ef:93:
         8d:bb:5d:fb:51:cb:a1:48:33:a4:62:0f:ca:5b:f4:a7:42:54:
         89:b0:5e:b2:d2:ae:ef:73:31:7e:98:ee:c3:13:46:65:bc:a9:
         64:16:79:ca:31:f5:1a:3d:c8:20:14:94:9c:17:bc:f3:db:35:
         1d:13:3a:87:da:ed:99:88:e8:d7:16:5c:86:6d:d5:bd:e4:cc:
         8a:0a:3e:47:0e:01:1f:d5:79:29:7f:8a:27:c8:c4:d6:e8:7b:
         92:ba:77:ae:cd:8f:15:74:d5:95:99:ad:a8:c0:f5:5f:c3:49:
         45:cb:32:21:dd:ff:a7:de:d5:2a:05:da:20:ab:b9:e1:be:42:
         f2:02:11:36:57:43:9a:29:d6:85:be:ae:17:21:af:79:92:5c:
         02:80:9a:20:85:bb:67:89:58:cc:de:ff:ec:9a:c6:90:c1:e1:
         1b:73:69:ab:ea:7d:78:80:9f:3b:a1:ec:1c:3e:c7:07:b0:77:
         76:4b:3d:8d:98:36:63:1b:47:d9:c7:43:07:26:a4:b0:30:c0:
         ee:93:8f:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbjEYGyHA/zcEfDl2HNG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjYyNTE2ZGRlY2ZjZDU3NzY0ZWZmZmRmZWI0MWE4YThhYjllYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoazqNKQEhUE+CFmFule5Niudca+o
GvP9jMHCKfPCJk9HwShxMl71wbU4k1n99/jZMcW9W39ZPJ9TcRkRyH4ZmS0qOlQ6
Ar4Hr9OP5FmhOTHj1Pb56HzHbqRMx2Q8N6pOEsgrPRJkgcUeIdZOeI0jRk89eTFy
TaBstPK1H7H1NuFmtauF6dpVHKX9Iu+TDtfM/pXnVjK4XhWo0xGsF/FYcg0WPD4M
a8CCkzLZmDni87N0v0we3tYXnObI/4+DVo/C3j3Gx7bcSNrUUmoAYCmlYGQv6ua3
xUtEm9VaThw6OSL7hYjy6pPuMv18hyZmKUqAK49KVyeoB1+9eFRPeTg9hQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJiUW3ez81Xdk7//f60GoqKueujMB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEvVW1KUmJkN1B6VmQyVHZfOV9yUWFpb3E1NjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZrMAwQA
w4ncMA0GCSqGSIb3DQEBCwUAA4IBAQB9HGGnmQlpQXqyfFFNK7ghe90oZg2q0iFu
5U/r3ZN3mSyggDDgTLF1IXapcXC5H4TtWjQV75ONu137UcuhSDOkYg/KW/SnQlSJ
sF6y0q7vczF+mO7DE0ZlvKlkFnnKMfUaPcggFJScF7zz2zUdEzqH2u2ZiOjXFlyG
bdW95MyKCj5HDgEf1Xkpf4onyMTW6HuSuneuzY8VdNWVma2owPVfw0lFyzIh3f+n
3tUqBdogq7nhvkLyAhE2V0OaKdaFvq4XIa95klwCgJoghbtniVjM3v/smsaQweEb
c2mr6n14gJ87oewcPscHsHd2Sz2NmDZjG0fZx0MHJqSwMMDuk4+o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org