Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/eWEZQmLiMVXiM4PgOLbEEip5ALM.roa
File:                     eWEZQmLiMVXiM4PgOLbEEip5ALM.roa (raw, json)
Hash identifier:          4CkRyQnwQ6jLGAWZsl3Z+kdVh30IaJ30f3kqz9aHd+c=
Subject key identifier:   79:61:19:42:62:E2:31:55:E2:33:83:E0:38:B6:C4:12:2A:79:00:B3
Certificate issuer:       /CN=9af4f122622fc3bb6fb83b7c8269036eda62466f
Certificate serial:       018E5CB7FC0CDF772C4C56CC4B1B8C7417BA
Authority key identifier: 9A:F4:F1:22:62:2F:C3:BB:6F:B8:3B:7C:82:69:03:6E:DA:62:46:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mvTxImIvw7tvuDt8gmkDbtpiRm8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/eWEZQmLiMVXiM4PgOLbEEip5ALM.roa
Signing time:             Wed 20 Mar 2024 16:35:45 +0000
ROA not before:           Wed 20 Mar 2024 16:35:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215927
IP address blocks:        45.156.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 08:30:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:5c:b7:fc:0c:df:77:2c:4c:56:cc:4b:1b:8c:74:17:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9af4f122622fc3bb6fb83b7c8269036eda62466f
        Validity
            Not Before: Mar 20 16:35:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7961194262e23155e23383e038b6c4122a7900b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:bb:e6:72:df:c0:cf:19:4b:62:66:f5:5c:8e:
                    db:eb:3a:16:9c:c7:de:9d:1f:e0:a7:85:e6:5a:e0:
                    c8:05:69:d1:b4:01:5f:7e:54:f0:53:98:24:5f:55:
                    c8:b4:79:9e:c4:bf:9a:3b:d7:03:66:2e:2c:e6:0f:
                    5e:38:40:b4:36:f4:58:f3:00:be:94:8a:23:dd:81:
                    33:01:49:0d:af:8f:a0:f8:88:14:24:f7:83:79:c5:
                    3e:92:99:4b:34:07:51:ab:55:3f:f0:21:25:f5:0d:
                    0d:97:ee:e6:40:e6:4f:bf:02:fa:9c:88:41:2d:f3:
                    4a:3e:4f:f4:27:13:d6:c5:14:f9:f2:05:55:07:f5:
                    c2:96:17:a1:17:1a:da:85:3d:78:14:d8:67:9d:1b:
                    b6:61:9c:50:51:94:e2:7b:d8:af:97:9f:aa:2b:c2:
                    54:ce:25:1e:d3:58:09:ad:a8:38:9f:c4:86:b9:a4:
                    32:ac:93:3f:5b:40:fa:5b:e6:44:37:4f:56:e6:17:
                    46:64:e5:c6:9a:68:cd:2e:09:7e:a2:60:ca:4d:9b:
                    9c:a2:61:f1:a1:40:66:17:eb:d8:02:25:a1:44:3d:
                    b3:28:cf:b1:4e:8d:7f:db:c6:e8:14:a1:a2:01:11:
                    84:f9:bf:96:7a:45:c7:c6:bb:ef:c4:77:8e:56:bc:
                    c4:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:61:19:42:62:E2:31:55:E2:33:83:E0:38:B6:C4:12:2A:79:00:B3
            X509v3 Authority Key Identifier:
                keyid:9A:F4:F1:22:62:2F:C3:BB:6F:B8:3B:7C:82:69:03:6E:DA:62:46:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvTxImIvw7tvuDt8gmkDbtpiRm8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/eWEZQmLiMVXiM4PgOLbEEip5ALM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/mvTxImIvw7tvuDt8gmkDbtpiRm8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:bd:e8:ae:4c:30:57:6e:75:62:ab:59:9b:3b:1b:05:ab:87:
         7e:9b:9b:93:5f:e0:c4:57:64:f9:6d:eb:9e:73:8e:bc:bd:51:
         85:23:3b:83:0d:29:9d:b1:22:50:c1:24:1e:8a:82:1d:03:8d:
         b4:6f:c8:c1:44:55:89:2a:54:cd:9a:62:19:c4:28:df:34:50:
         cd:f7:fc:89:c4:c5:5e:f8:9f:ca:81:a0:3f:cf:8c:ae:36:a2:
         7e:45:c8:81:20:c8:8b:42:89:cc:cb:89:6b:cf:3e:67:49:af:
         e2:fc:21:e8:70:0a:ef:d9:59:f3:4c:89:3e:66:cc:4a:e0:db:
         0a:f5:fb:5b:38:a2:b1:28:73:5a:ef:4e:11:df:a2:6c:1e:f0:
         bf:e4:e6:a4:4c:a1:03:b0:3c:a3:92:c0:6f:fb:03:4b:17:a0:
         3a:a9:76:c4:a1:5f:0d:b8:a5:e6:a3:c9:34:05:8a:7c:06:19:
         7f:df:0f:13:68:4d:13:59:72:3b:86:c8:e1:a3:23:39:47:c8:
         c2:21:d1:6e:16:c5:0c:8e:8c:e1:21:e9:0c:9c:46:cd:4a:41:
         3f:7b:86:e3:bf:2a:6f:64:8d:85:17:e1:4c:ec:d5:b8:e5:ad:
         81:12:5c:fc:c6:3e:94:b5:23:83:3e:2f:2d:d6:2b:1a:a1:28:
         d5:80:24:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5ct/wM33csTFbMSxuMdBe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjRmMTIyNjIyZmMzYmI2ZmI4M2I3YzgyNjkwMzZlZGE2
MjQ2NmYwHhcNMjQwMzIwMTYzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTYxMTk0MjYyZTIzMTU1ZTIzMzgzZTAzOGI2YzQxMjJhNzkwMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobvmct/AzxlLYmb1XI7b6zoWnMfe
nR/gp4XmWuDIBWnRtAFfflTwU5gkX1XItHmexL+aO9cDZi4s5g9eOEC0NvRY8wC+
lIoj3YEzAUkNr4+g+IgUJPeDecU+kplLNAdRq1U/8CEl9Q0Nl+7mQOZPvwL6nIhB
LfNKPk/0JxPWxRT58gVVB/XClhehFxrahT14FNhnnRu2YZxQUZTie9ivl5+qK8JU
ziUe01gJrag4n8SGuaQyrJM/W0D6W+ZEN09W5hdGZOXGmmjNLgl+omDKTZucomHx
oUBmF+vYAiWhRD2zKM+xTo1/28boFKGiARGE+b+WekXHxrvvxHeOVrzE/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlhGUJi4jFV4jOD4Di2xBIqeQCzMB8GA1UdIwQY
MBaAFJr08SJiL8O7b7g7fIJpA27aYkZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZUeEltSXZ3N3R2dUR0OGdta0RidHBpUm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lYWRhY2ItZTRhNC00MWY5LTg5ZWQt
YzU3MThiZGU2NzUxLzEvZVdFWlFtTGlNVlhpTTRQZ09MYkVFaXA1QUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lYWRhY2ItZTRhNC00MWY5LTg5ZWQtYzU3MThiZGU2NzUx
LzEvbXZUeEltSXZ3N3R2dUR0OGdta0RidHBpUm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyyMA0G
CSqGSIb3DQEBCwUAA4IBAQATveiuTDBXbnViq1mbOxsFq4d+m5uTX+DEV2T5beue
c468vVGFIzuDDSmdsSJQwSQeioIdA420b8jBRFWJKlTNmmIZxCjfNFDN9/yJxMVe
+J/KgaA/z4yuNqJ+RciBIMiLQonMy4lrzz5nSa/i/CHocArv2VnzTIk+ZsxK4NsK
9ftbOKKxKHNa704R36JsHvC/5OakTKEDsDyjksBv+wNLF6A6qXbEoV8NuKXmo8k0
BYp8Bhl/3w8TaE0TWXI7hsjhoyM5R8jCIdFuFsUMjozhIekMnEbNSkE/e4bjvypv
ZI2FF+FM7NW45a2BElz8xj6UtSODPi8t1isaoSjVgCQM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:14 2024 by rpki-client on console-ams.rpki-client.org