Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c90d5d-ca61-4464-899a-d1205e0c0cce/1/zS45UZnn2shwx983uT6ZBkDPKz4.roa
File:                     zS45UZnn2shwx983uT6ZBkDPKz4.roa (raw, json)
Hash identifier:          d2UJyxLFO3voAdk8EaxByf+2LIoyZTRE4yTM2NmCSqA=
Subject key identifier:   CD:2E:39:51:99:E7:DA:C8:70:C7:DF:37:B9:3E:99:06:40:CF:2B:3E
Certificate issuer:       /CN=af5316fc4a83b3d03e2975f8bec270cb0f4efb1d
Certificate serial:       018AB6EE2DB11563C95AA177073EDB0999B9
Authority key identifier: AF:53:16:FC:4A:83:B3:D0:3E:29:75:F8:BE:C2:70:CB:0F:4E:FB:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r1MW_EqDs9A-KXX4vsJwyw9O-x0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/c90d5d-ca61-4464-899a-d1205e0c0cce/1/zS45UZnn2shwx983uT6ZBkDPKz4.roa
Signing time:             Thu 21 Sep 2023 08:49:37 +0000
ROA not before:           Thu 21 Sep 2023 08:49:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203020
IP address blocks:        82.115.215.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b6:ee:2d:b1:15:63:c9:5a:a1:77:07:3e:db:09:99:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af5316fc4a83b3d03e2975f8bec270cb0f4efb1d
        Validity
            Not Before: Sep 21 08:49:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd2e395199e7dac870c7df37b93e990640cf2b3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:34:8a:cd:2f:73:4a:eb:28:ed:a9:8e:c4:79:
                    50:2d:e3:71:2d:c5:4b:f7:ee:88:56:4c:53:98:6a:
                    dd:ae:f7:a0:e0:23:ed:ce:32:a3:2e:5a:31:d9:f5:
                    08:90:c9:e5:5c:a8:8e:e1:8d:f8:f8:90:67:b2:65:
                    2f:36:7b:87:f0:41:9b:6b:2e:8c:51:fd:81:1b:0a:
                    c4:46:ee:9e:75:00:3b:4a:18:33:0d:93:32:0a:f3:
                    18:7a:b1:49:6a:5f:cb:c9:64:7b:07:fc:f7:ef:4b:
                    cf:43:7e:2e:c4:d0:35:0d:b3:64:ef:6e:9b:61:1b:
                    35:12:f1:d0:33:d8:d7:13:78:a9:2b:37:0b:c3:6f:
                    25:d7:c2:10:48:84:6d:5a:d4:7c:80:e1:67:0f:7d:
                    54:f3:38:34:70:aa:b7:d8:c8:d5:87:0d:98:d5:c4:
                    95:f7:ed:5e:88:22:b2:5e:61:19:89:ed:ef:8a:93:
                    a3:ef:b7:30:40:ae:6e:10:d4:b5:85:84:8b:9a:e7:
                    a5:18:0a:d4:88:2b:82:e5:aa:02:ae:4d:f3:42:2f:
                    ab:03:36:4c:18:6e:36:9a:e7:d6:56:15:79:ae:00:
                    ff:ca:f9:58:87:1d:1d:ad:0c:14:7a:66:e9:d6:d8:
                    17:fe:de:49:7d:66:0e:30:45:c2:8d:ac:28:ab:37:
                    70:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:2E:39:51:99:E7:DA:C8:70:C7:DF:37:B9:3E:99:06:40:CF:2B:3E
            X509v3 Authority Key Identifier:
                keyid:AF:53:16:FC:4A:83:B3:D0:3E:29:75:F8:BE:C2:70:CB:0F:4E:FB:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r1MW_EqDs9A-KXX4vsJwyw9O-x0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c90d5d-ca61-4464-899a-d1205e0c0cce/1/zS45UZnn2shwx983uT6ZBkDPKz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c90d5d-ca61-4464-899a-d1205e0c0cce/1/r1MW_EqDs9A-KXX4vsJwyw9O-x0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:d0:27:d4:06:45:2b:23:b1:0b:f8:16:3b:e2:70:4f:c6:ed:
         b1:46:09:a7:7a:37:03:d7:49:e6:11:39:91:be:ab:40:6d:8a:
         22:15:b6:31:68:d2:65:6f:11:ad:7d:6e:c7:d3:b8:16:53:1c:
         9d:7a:a9:5c:d1:64:f3:39:46:ba:d8:d6:1a:dc:de:fd:43:f2:
         a9:6e:d9:1a:bc:4c:75:72:b2:73:55:d6:a5:37:1d:fd:31:18:
         27:0d:73:af:2b:05:b1:92:ec:2b:50:a6:bd:57:e7:c7:65:86:
         c8:37:21:73:65:8b:36:49:3b:96:8c:d9:ae:3d:1f:c0:9a:59:
         dc:c4:00:7a:0c:49:02:6a:b0:b9:86:d6:3b:9a:53:dc:10:fb:
         5b:1d:80:2e:2d:98:84:a2:9b:28:ad:ae:53:9a:5e:aa:b5:29:
         8d:c9:05:b3:96:eb:7e:06:89:1a:10:69:56:c2:45:a1:2b:2a:
         0c:e5:e6:0a:63:6c:fd:b4:f0:0a:3e:c8:27:07:0d:bf:b1:a5:
         81:8c:0d:91:9d:63:f9:2e:82:83:45:11:61:9c:89:92:95:c2:
         b9:7f:a4:30:0f:23:6c:ef:02:e9:a6:bf:6a:da:a3:67:2e:f0:
         2b:e1:81:e1:4c:1f:99:f7:b6:61:51:cb:a1:46:01:3a:05:ba:
         4b:80:dd:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq27i2xFWPJWqF3Bz7bCZm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNTMxNmZjNGE4M2IzZDAzZTI5NzVmOGJlYzI3MGNiMGY0
ZWZiMWQwHhcNMjMwOTIxMDg0OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJlMzk1MTk5ZTdkYWM4NzBjN2RmMzdiOTNlOTkwNjQwY2YyYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujSKzS9zSuso7amOxHlQLeNxLcVL
9+6IVkxTmGrdrveg4CPtzjKjLlox2fUIkMnlXKiO4Y34+JBnsmUvNnuH8EGbay6M
Uf2BGwrERu6edQA7ShgzDZMyCvMYerFJal/LyWR7B/z370vPQ34uxNA1DbNk726b
YRs1EvHQM9jXE3ipKzcLw28l18IQSIRtWtR8gOFnD31U8zg0cKq32MjVhw2Y1cSV
9+1eiCKyXmEZie3vipOj77cwQK5uENS1hYSLmuelGArUiCuC5aoCrk3zQi+rAzZM
GG42mufWVhV5rgD/yvlYhx0drQwUembp1tgX/t5JfWYOMEXCjawoqzdwLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0uOVGZ59rIcMffN7k+mQZAzys+MB8GA1UdIwQY
MBaAFK9TFvxKg7PQPil1+L7CcMsPTvsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjFNV19FcURzOUEtS1hYNHZzSnd5dzlPLXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jOTBkNWQtY2E2MS00NDY0LTg5OWEt
ZDEyMDVlMGMwY2NlLzEvelM0NVVabm4yc2h3eDk4M3VUNlpCa0RQS3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jOTBkNWQtY2E2MS00NDY0LTg5OWEtZDEyMDVlMGMwY2Nl
LzEvcjFNV19FcURzOUEtS1hYNHZzSnd5dzlPLXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUnPXMA0G
CSqGSIb3DQEBCwUAA4IBAQCF0CfUBkUrI7EL+BY74nBPxu2xRgmnejcD10nmETmR
vqtAbYoiFbYxaNJlbxGtfW7H07gWUxydeqlc0WTzOUa62NYa3N79Q/KpbtkavEx1
crJzVdalNx39MRgnDXOvKwWxkuwrUKa9V+fHZYbINyFzZYs2STuWjNmuPR/Amlnc
xAB6DEkCarC5htY7mlPcEPtbHYAuLZiEopsora5Tml6qtSmNyQWzlut+BokaEGlW
wkWhKyoM5eYKY2z9tPAKPsgnBw2/saWBjA2RnWP5LoKDRRFhnImSlcK5f6QwDyNs
7wLppr9q2qNnLvAr4YHhTB+Z97ZhUcuhRgE6BbpLgN22
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:59 2024 by rpki-client on console-ams.rpki-client.org