Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/dV0VUVu5DSEWRwwejafyZdPIN14.roa
File:                     dV0VUVu5DSEWRwwejafyZdPIN14.roa (raw, json)
Hash identifier:          WsRRkP8ehTm9B9XgOyUgqkaOzfSwKkL6CaaQnX5HQD0=
Subject key identifier:   75:5D:15:51:5B:B9:0D:21:16:47:0C:1E:8D:A7:F2:65:D3:C8:37:5E
Certificate issuer:       /CN=bd19d4535c7e62b921e859e6557b821f278e716a
Certificate serial:       0188AF75FB7788929DE48A2352D91B6DB6B6
Authority key identifier: BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/dV0VUVu5DSEWRwwejafyZdPIN14.roa
Signing time:             Mon 12 Jun 2023 11:55:24 +0000
ROA not before:           Mon 12 Jun 2023 11:55:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        45.134.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:af:75:fb:77:88:92:9d:e4:8a:23:52:d9:1b:6d:b6:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd19d4535c7e62b921e859e6557b821f278e716a
        Validity
            Not Before: Jun 12 11:55:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=755d15515bb90d2116470c1e8da7f265d3c8375e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f1:74:e4:be:b8:36:7c:fd:da:b1:63:3c:25:
                    c3:ce:69:72:de:55:27:46:16:6e:75:6d:33:a7:d1:
                    62:74:33:77:dc:cf:a2:3c:02:ee:e3:45:2c:6c:4c:
                    9e:b9:9d:d4:c3:70:50:9c:fb:31:b3:06:57:2e:61:
                    03:dd:69:c0:6c:e5:5c:e2:99:3e:79:1c:f9:9e:02:
                    53:90:4d:62:d3:fc:b0:13:60:bb:d6:7f:83:4b:ee:
                    47:1d:87:f8:30:fb:d1:9d:fe:b6:d6:a8:e6:e1:74:
                    8a:46:22:5d:71:89:72:22:a2:f1:93:e1:2a:b2:11:
                    fd:db:9f:94:f2:a6:49:7f:6d:1b:b0:b0:d2:1e:cb:
                    c5:72:0c:05:45:e2:52:3c:76:3b:d4:9a:eb:fc:c5:
                    86:af:2a:33:e8:12:ba:31:2b:0a:ae:b5:88:47:bb:
                    28:dc:a8:77:a9:ac:d3:cb:2f:0b:45:67:60:ae:56:
                    2d:2b:60:0a:b6:ac:1e:55:0d:0d:e7:d2:39:00:74:
                    27:55:f2:e4:25:de:f2:7c:66:58:67:24:a9:6c:2d:
                    08:27:d3:6b:fb:cc:2c:9f:1d:da:76:40:22:d7:a2:
                    95:50:9b:c3:e8:42:4e:93:63:98:36:a5:5d:80:1a:
                    da:37:ee:a0:fe:ff:ec:79:e7:e8:5c:86:c6:85:9e:
                    8e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:5D:15:51:5B:B9:0D:21:16:47:0C:1E:8D:A7:F2:65:D3:C8:37:5E
            X509v3 Authority Key Identifier:
                keyid:BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/dV0VUVu5DSEWRwwejafyZdPIN14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:52:82:f7:47:09:2d:9d:61:34:4a:da:41:08:d2:2a:ab:81:
         71:af:74:1c:90:e1:f4:ac:72:8c:8b:8e:7f:37:37:b5:d8:8d:
         58:1e:41:f1:bb:cb:c2:78:85:20:b6:ae:26:26:74:d5:ac:75:
         fd:a4:2a:c3:01:cd:3e:1b:fa:79:e9:8b:c7:48:fd:fa:58:7d:
         bc:f3:1b:7d:97:d5:36:fb:4a:fe:e9:2b:15:77:02:21:fa:79:
         62:0a:9c:4d:9d:0d:f7:21:9e:35:f5:d8:09:a7:3a:24:d2:7f:
         c5:c1:41:c4:e0:a9:92:a6:49:c8:8f:84:89:92:2d:42:47:62:
         cc:0e:fb:8d:b5:c3:bf:70:fb:59:76:8e:1e:ea:79:f6:76:4c:
         62:b6:bd:50:79:c4:bf:76:7f:3e:90:2e:f1:4b:b9:b1:75:ee:
         f8:15:59:8a:e0:3e:77:6f:d8:a9:e0:7c:b7:76:ab:67:05:0a:
         3d:43:18:96:22:ec:e8:73:aa:57:fd:9f:0c:b6:03:4e:c4:51:
         b5:84:a6:86:5d:f0:b2:0a:ec:93:87:f3:ed:96:b7:4c:b0:c7:
         ba:46:51:41:79:62:80:06:fd:3c:37:8c:46:72:cb:92:d2:94:
         dd:00:7e:47:3e:ec:f2:3c:d7:bb:01:4e:7b:a9:16:26:50:4a:
         8d:65:65:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYivdft3iJKd5IojUtkbbba2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTlkNDUzNWM3ZTYyYjkyMWU4NTllNjU1N2I4MjFmMjc4
ZTcxNmEwHhcNMjMwNjEyMTE1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTVkMTU1MTViYjkwZDIxMTY0NzBjMWU4ZGE3ZjI2NWQzYzgzNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifF05L64Nnz92rFjPCXDzmly3lUn
RhZudW0zp9FidDN33M+iPALu40UsbEyeuZ3Uw3BQnPsxswZXLmED3WnAbOVc4pk+
eRz5ngJTkE1i0/ywE2C71n+DS+5HHYf4MPvRnf621qjm4XSKRiJdcYlyIqLxk+Eq
shH925+U8qZJf20bsLDSHsvFcgwFReJSPHY71Jrr/MWGryoz6BK6MSsKrrWIR7so
3Kh3qazTyy8LRWdgrlYtK2AKtqweVQ0N59I5AHQnVfLkJd7yfGZYZySpbC0IJ9Nr
+8wsnx3adkAi16KVUJvD6EJOk2OYNqVdgBraN+6g/v/seefoXIbGhZ6O6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVdFVFbuQ0hFkcMHo2n8mXTyDdeMB8GA1UdIwQY
MBaAFL0Z1FNcfmK5IehZ5lV7gh8njnFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTct
YzEzMzFmNDlmYzA5LzEvZFYwVlVWdTVEU0VXUnd3ZWphZnlaZFBJTjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTctYzEzMzFmNDlmYzA5
LzEvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYIMA0G
CSqGSIb3DQEBCwUAA4IBAQA6UoL3RwktnWE0StpBCNIqq4Fxr3QckOH0rHKMi45/
Nze12I1YHkHxu8vCeIUgtq4mJnTVrHX9pCrDAc0+G/p56YvHSP36WH288xt9l9U2
+0r+6SsVdwIh+nliCpxNnQ33IZ419dgJpzok0n/FwUHE4KmSpknIj4SJki1CR2LM
DvuNtcO/cPtZdo4e6nn2dkxitr1QecS/dn8+kC7xS7mxde74FVmK4D53b9ip4Hy3
dqtnBQo9QxiWIuzoc6pX/Z8MtgNOxFG1hKaGXfCyCuyTh/PtlrdMsMe6RlFBeWKA
Bv08N4xGcsuS0pTdAH5HPuzyPNe7AU57qRYmUEqNZWXQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:52 2024 by rpki-client on console-fra.rpki-client.org