Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/mzq9idPQCmasaRHeOdafJtI4zC8.roa
File:                     mzq9idPQCmasaRHeOdafJtI4zC8.roa (raw, json)
Hash identifier:          Z7ZNEfk4jRhERDKEzUhSUMPDhkNACUVztheBmnkI1iw=
Subject key identifier:   9B:3A:BD:89:D3:D0:0A:66:AC:69:11:DE:39:D6:9F:26:D2:38:CC:2F
Certificate issuer:       /CN=1a83ce44ae4c701ea971d334dfabbc5b28e6476e
Certificate serial:       0185F2FA5403BEB0C7C6796473DD62351FE6
Authority key identifier: 1A:83:CE:44:AE:4C:70:1E:A9:71:D3:34:DF:AB:BC:5B:28:E6:47:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GoPORK5McB6pcdM036u8WyjmR24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/mzq9idPQCmasaRHeOdafJtI4zC8.roa
Signing time:             Fri 27 Jan 2023 11:26:09 +0000
ROA not before:           Fri 27 Jan 2023 11:26:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5511
IP address blocks:        45.134.250.0/24 maxlen: 24
                          45.134.248.0/24 maxlen: 24
                          45.140.70.0/24 maxlen: 24
                          45.140.68.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f2:fa:54:03:be:b0:c7:c6:79:64:73:dd:62:35:1f:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a83ce44ae4c701ea971d334dfabbc5b28e6476e
        Validity
            Not Before: Jan 27 11:26:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b3abd89d3d00a66ac6911de39d69f26d238cc2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:45:de:18:9a:9c:32:cf:5b:f7:b5:31:76:4e:
                    f3:ea:55:89:d0:ea:80:06:9d:f1:05:dc:66:db:ba:
                    79:09:dc:df:b2:ba:be:3d:b5:1c:40:86:b5:84:5e:
                    5e:33:01:92:7d:9a:f6:a1:f8:c6:ec:3f:59:44:b4:
                    3e:f4:95:5c:35:a6:76:61:5c:e6:a6:25:29:26:56:
                    fd:ba:50:23:7c:6c:ee:fc:c5:83:63:d8:ed:1a:20:
                    e1:d4:f5:83:cb:cc:f9:10:a6:f6:e2:bc:71:42:b9:
                    0f:30:ae:45:d0:f4:b0:6b:e1:31:2e:4d:89:d8:78:
                    eb:1d:22:6c:f9:19:08:f4:ec:05:b0:bb:1a:ea:ae:
                    36:96:7a:9b:6a:d9:b8:fd:cd:37:5e:9b:06:ce:7e:
                    f5:d4:4b:94:86:7b:57:25:f3:5d:4b:30:64:66:b5:
                    a7:35:95:ff:1a:fd:18:ff:76:98:96:f5:83:99:d6:
                    9e:91:bb:6b:7d:64:41:99:a6:c2:86:89:34:e6:da:
                    6e:90:d9:4e:97:26:0e:5d:bb:98:46:21:a2:53:a5:
                    19:c7:21:6d:1b:21:1c:df:70:7c:30:5e:c2:f2:1a:
                    19:5f:45:fc:78:c1:4c:fc:1f:72:d5:fe:d2:02:88:
                    e3:f3:5c:e9:b6:0a:63:db:f4:df:96:88:39:4b:3a:
                    5a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:3A:BD:89:D3:D0:0A:66:AC:69:11:DE:39:D6:9F:26:D2:38:CC:2F
            X509v3 Authority Key Identifier:
                keyid:1A:83:CE:44:AE:4C:70:1E:A9:71:D3:34:DF:AB:BC:5B:28:E6:47:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GoPORK5McB6pcdM036u8WyjmR24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/mzq9idPQCmasaRHeOdafJtI4zC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2773b3-5109-43c0-8009-424dda519ef1/1/GoPORK5McB6pcdM036u8WyjmR24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.248.0/24
                  45.134.250.0/24
                  45.140.68.0/24
                  45.140.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:2e:3f:e7:be:d9:c8:b0:12:b7:47:11:be:88:10:d6:34:b5:
         20:48:cf:21:8f:3a:fe:68:0b:ce:f9:4e:69:13:ae:2c:b4:f1:
         57:c5:c1:06:74:b0:69:d5:af:72:ed:fb:c8:f6:15:af:11:a3:
         47:2d:aa:94:06:54:e4:f5:db:15:d7:f2:24:d3:be:1b:b3:0d:
         06:1a:33:68:39:a3:65:ff:90:f6:6e:ac:d9:3d:44:21:e1:06:
         d4:f8:a5:8e:3d:9e:71:48:93:c0:ea:86:2b:54:59:d4:18:e3:
         ec:a6:3a:ea:0b:b1:17:66:d8:7e:6b:e7:2b:ea:50:a0:b0:5c:
         a8:c1:2c:b5:38:fb:99:8b:77:74:30:b5:ba:44:cf:98:47:9a:
         f4:a7:95:58:35:c4:a0:e5:03:a8:99:84:c4:0a:c1:95:82:63:
         b1:bd:4c:2a:75:65:7a:5c:cf:45:0d:c5:c5:9a:5d:c2:f2:c1:
         8b:ad:f6:fe:4f:6a:b2:f9:33:b7:96:d2:d3:fd:a1:08:a2:ce:
         0d:13:9e:de:5d:4d:48:60:01:5b:c0:b2:09:54:30:f1:2f:b5:
         d9:aa:b2:67:9b:d0:af:55:7f:21:13:6b:b7:47:35:20:4a:33:
         6c:80:68:9d:b3:0c:8f:85:15:00:27:f5:c0:ee:96:3f:30:0d:
         36:32:45:bc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXy+lQDvrDHxnlkc91iNR/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODNjZTQ0YWU0YzcwMWVhOTcxZDMzNGRmYWJiYzViMjhl
NjQ3NmUwHhcNMjMwMTI3MTEyNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNhYmQ4OWQzZDAwYTY2YWM2OTExZGUzOWQ2OWYyNmQyMzhjYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEXeGJqcMs9b97Uxdk7z6lWJ0OqA
Bp3xBdxm27p5Cdzfsrq+PbUcQIa1hF5eMwGSfZr2ofjG7D9ZRLQ+9JVcNaZ2YVzm
piUpJlb9ulAjfGzu/MWDY9jtGiDh1PWDy8z5EKb24rxxQrkPMK5F0PSwa+ExLk2J
2HjrHSJs+RkI9OwFsLsa6q42lnqbatm4/c03XpsGzn711EuUhntXJfNdSzBkZrWn
NZX/Gv0Y/3aYlvWDmdaekbtrfWRBmabChok05tpukNlOlyYOXbuYRiGiU6UZxyFt
GyEc33B8MF7C8hoZX0X8eMFM/B9y1f7SAojj81zptgpj2/Tflog5SzpaxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJs6vYnT0ApmrGkR3jnWnybSOMwvMB8GA1UdIwQY
MBaAFBqDzkSuTHAeqXHTNN+rvFso5kduMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29QT1JLNU1jQjZwY2RNMDM2dThXeWptUjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yNzczYjMtNTEwOS00M2MwLTgwMDkt
NDI0ZGRhNTE5ZWYxLzEvbXpxOWlkUFFDbWFzYVJIZU9kYWZKdEk0ekM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yNzczYjMtNTEwOS00M2MwLTgwMDktNDI0ZGRhNTE5ZWYx
LzEvR29QT1JLNU1jQjZwY2RNMDM2dThXeWptUjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYb4AwQA
LYb6AwQALYxEAwQALYxGMA0GCSqGSIb3DQEBCwUAA4IBAQB3Lj/nvtnIsBK3RxG+
iBDWNLUgSM8hjzr+aAvO+U5pE64stPFXxcEGdLBp1a9y7fvI9hWvEaNHLaqUBlTk
9dsV1/Ik074bsw0GGjNoOaNl/5D2bqzZPUQh4QbU+KWOPZ5xSJPA6oYrVFnUGOPs
pjrqC7EXZth+a+cr6lCgsFyowSy1OPuZi3d0MLW6RM+YR5r0p5VYNcSg5QOomYTE
CsGVgmOxvUwqdWV6XM9FDcXFml3C8sGLrfb+T2qy+TO3ltLT/aEIos4NE57eXU1I
YAFbwLIJVDDxL7XZqrJnm9CvVX8hE2u3RzUgSjNsgGidswyPhRUAJ/XA7pY/MA02
MkW8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:26 2024 by rpki-client on console-fra.rpki-client.org