Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/bswmZdP0SFAB3NE0oqq_H_npCOs.roa
File:                     bswmZdP0SFAB3NE0oqq_H_npCOs.roa (raw, json)
Hash identifier:          /BFZ4LWxu2/GdLnOJw6pJlySaHD8KIKlAaxWXJqc9G4=
Subject key identifier:   6E:CC:26:65:D3:F4:48:50:01:DC:D1:34:A2:AA:BF:1F:F9:E9:08:EB
Certificate issuer:       /CN=b7c40a747e3ac1acc611a4c403b6007398e7d79f
Certificate serial:       01856F66D6393D765D46E6CB649F99899D2E
Authority key identifier: B7:C4:0A:74:7E:3A:C1:AC:C6:11:A4:C4:03:B6:00:73:98:E7:D7:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t8QKdH46wazGEaTEA7YAc5jn158.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/bswmZdP0SFAB3NE0oqq_H_npCOs.roa
Signing time:             Sun 01 Jan 2023 22:14:48 +0000
ROA not before:           Sun 01 Jan 2023 22:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209403
IP address blocks:        45.67.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:d6:39:3d:76:5d:46:e6:cb:64:9f:99:89:9d:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7c40a747e3ac1acc611a4c403b6007398e7d79f
        Validity
            Not Before: Jan  1 22:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6ecc2665d3f4485001dcd134a2aabf1ff9e908eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8b:66:a7:37:aa:40:4c:1b:5b:c8:97:ee:38:
                    b3:ea:50:9e:ab:0f:ab:35:a5:b4:0f:c2:2c:7d:30:
                    1e:42:52:99:d6:68:46:d3:f9:55:ea:4e:5f:7a:4e:
                    4f:3e:d5:2a:6d:d8:c6:c3:73:03:59:1d:c2:4c:72:
                    93:48:0f:f9:17:cb:93:d0:35:6d:15:0c:7b:f3:a1:
                    5a:cd:91:5f:89:b6:05:e8:68:28:15:ca:57:91:64:
                    fd:ca:c9:59:c6:18:89:67:1b:02:af:ea:59:2b:61:
                    c7:6b:24:69:9c:3d:8c:9e:54:b8:e3:63:ee:54:28:
                    76:e6:5f:61:bf:6c:18:36:5f:20:da:47:78:e5:26:
                    ae:01:76:40:fd:f0:25:93:db:d4:4d:1b:00:0d:b8:
                    b8:58:52:e6:e8:74:1e:76:9c:53:c2:82:c7:c5:2c:
                    fe:87:0f:7e:a9:e4:2d:01:a2:22:28:63:e5:e4:86:
                    69:99:55:a5:54:7b:79:5b:ed:62:52:c0:21:8a:15:
                    d2:4d:c8:d4:12:e5:0f:44:ad:ee:ed:ad:e1:1b:8a:
                    6e:a7:1f:3e:45:59:2c:f2:3f:91:11:bd:ba:b9:22:
                    52:3c:3e:2a:42:a2:7e:f2:71:9e:fc:42:e0:9d:81:
                    99:a9:8d:3b:b6:70:0f:d9:6f:82:67:3e:f1:38:0c:
                    3f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:CC:26:65:D3:F4:48:50:01:DC:D1:34:A2:AA:BF:1F:F9:E9:08:EB
            X509v3 Authority Key Identifier:
                keyid:B7:C4:0A:74:7E:3A:C1:AC:C6:11:A4:C4:03:B6:00:73:98:E7:D7:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8QKdH46wazGEaTEA7YAc5jn158.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/bswmZdP0SFAB3NE0oqq_H_npCOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/t8QKdH46wazGEaTEA7YAc5jn158.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:c2:6e:fb:59:83:b4:4a:db:5f:56:70:fb:7f:ac:ad:72:17:
         00:0e:d7:a2:42:04:fc:b2:bb:2d:93:84:70:9b:48:8b:df:b6:
         7a:08:e4:ad:da:a9:4b:b9:14:b8:03:fb:d6:4b:c3:2f:b8:e5:
         b9:f2:25:fe:5d:23:d7:5f:af:7d:ac:ad:60:dc:c0:6a:59:a3:
         e2:6b:e6:8e:40:4d:0e:c6:e1:a9:b2:e2:ad:2c:18:27:39:a1:
         a3:c5:ac:f3:f0:0c:93:1f:a9:a4:c9:da:c1:f2:1f:2a:98:07:
         9d:d0:d7:24:9e:45:90:03:d8:d6:7e:9f:da:49:00:39:a0:c0:
         a9:de:57:3a:f8:1f:31:35:2a:b5:72:a3:bd:98:c2:80:d8:6f:
         84:48:7a:64:ef:34:ab:6f:79:a9:b5:f7:a6:dc:0b:fa:3a:f3:
         17:66:ee:09:78:8d:a6:9b:21:3d:19:bc:73:ab:2b:94:6d:05:
         b2:77:15:fb:0b:7d:eb:b6:63:0f:92:df:7d:e1:bc:b2:50:fc:
         a2:8e:11:25:54:65:dc:b8:29:f2:63:fc:b5:25:38:5b:0e:39:
         be:a5:4c:7b:78:5c:f5:89:c1:d2:d8:51:5e:8c:c9:56:bf:c4:
         03:6f:4e:0b:9d:85:a0:34:d6:88:1b:8d:82:93:81:29:d9:72:
         93:1d:d8:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZtY5PXZdRubLZJ+ZiZ0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YzQwYTc0N2UzYWMxYWNjNjExYTRjNDAzYjYwMDczOThl
N2Q3OWYwHhcNMjMwMTAxMjIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNjMjY2NWQzZjQ0ODUwMDFkY2QxMzRhMmFhYmYxZmY5ZTkwOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYtmpzeqQEwbW8iX7jiz6lCeqw+r
NaW0D8IsfTAeQlKZ1mhG0/lV6k5fek5PPtUqbdjGw3MDWR3CTHKTSA/5F8uT0DVt
FQx786FazZFfibYF6GgoFcpXkWT9yslZxhiJZxsCr+pZK2HHayRpnD2MnlS442Pu
VCh25l9hv2wYNl8g2kd45SauAXZA/fAlk9vUTRsADbi4WFLm6HQedpxTwoLHxSz+
hw9+qeQtAaIiKGPl5IZpmVWlVHt5W+1iUsAhihXSTcjUEuUPRK3u7a3hG4pupx8+
RVks8j+REb26uSJSPD4qQqJ+8nGe/ELgnYGZqY07tnAP2W+CZz7xOAw/cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7MJmXT9EhQAdzRNKKqvx/56QjrMB8GA1UdIwQY
MBaAFLfECnR+OsGsxhGkxAO2AHOY59efMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDhRS2RINDZ3YXpHRWFURUE3WUFjNWpuMTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zNzVlYmMtYmFmYi00ZTBiLWI1NDkt
Nzc2MzVhMjJlYjk2LzEvYnN3bVpkUDBTRkFCM05FMG9xcV9IX25wQ09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zNzVlYmMtYmFmYi00ZTBiLWI1NDktNzc2MzVhMjJlYjk2
LzEvdDhRS2RINDZ3YXpHRWFURUE3WUFjNWpuMTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUMMMA0G
CSqGSIb3DQEBCwUAA4IBAQCHwm77WYO0SttfVnD7f6ytchcADteiQgT8srstk4Rw
m0iL37Z6COSt2qlLuRS4A/vWS8MvuOW58iX+XSPXX699rK1g3MBqWaPia+aOQE0O
xuGpsuKtLBgnOaGjxazz8AyTH6mkydrB8h8qmAed0NcknkWQA9jWfp/aSQA5oMCp
3lc6+B8xNSq1cqO9mMKA2G+ESHpk7zSrb3mptfem3Av6OvMXZu4JeI2mmyE9Gbxz
qyuUbQWydxX7C33rtmMPkt994byyUPyijhElVGXcuCnyY/y1JThbDjm+pUx7eFz1
icHS2FFejMlWv8QDb04LnYWgNNaIG42Ck4Ep2XKTHdiZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org