Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/hhNYE3a4c7OWIXZviQygYMudUgo.roa
File:                     hhNYE3a4c7OWIXZviQygYMudUgo.roa (raw, json)
Hash identifier:          +8S6zbRCBdNtitdIfhSzNUkGo0Czj66YJc3JDRW/554=
Subject key identifier:   86:13:58:13:76:B8:73:B3:96:21:76:6F:89:0C:A0:60:CB:9D:52:0A
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       018E46979DB843F5758D693DBDD2C4A5D15C
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/hhNYE3a4c7OWIXZviQygYMudUgo.roa
Signing time:             Sat 16 Mar 2024 09:28:45 +0000
ROA not before:           Sat 16 Mar 2024 09:28:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210538
IP address blocks:        45.133.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 16 Mar 2024 10:03:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:46:97:9d:b8:43:f5:75:8d:69:3d:bd:d2:c4:a5:d1:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Mar 16 09:28:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8613581376b873b39621766f890ca060cb9d520a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:44:3f:75:fd:1e:7f:26:71:43:19:5a:be:30:
                    88:f3:1e:59:6e:b4:84:ed:77:88:37:fc:c7:ec:62:
                    9e:db:87:45:01:4b:a4:3b:d2:ff:36:90:1a:77:42:
                    b4:a1:c8:bc:08:f6:79:5d:d6:97:e2:e2:35:e1:82:
                    d0:9e:e0:0e:8f:59:7e:dd:ea:80:9e:7b:39:1c:68:
                    f1:a2:18:71:81:39:30:87:b3:ff:a1:25:af:65:4e:
                    e2:aa:4f:ab:eb:61:44:73:f0:a1:6b:23:28:13:20:
                    9e:e0:8b:48:78:14:55:5b:58:7a:75:b1:a1:80:9f:
                    43:4b:cb:85:68:74:fe:de:04:78:e0:bd:9c:c5:c6:
                    6f:39:c4:e4:40:ea:d2:76:23:39:ac:20:0e:d5:77:
                    c7:a4:e4:c8:87:81:c3:b0:e2:65:5c:3f:c2:f0:89:
                    d2:94:ba:07:e8:e8:94:c7:ce:42:3e:2a:54:f0:d2:
                    68:36:62:9d:36:87:0a:2b:73:9d:b2:ec:9f:dd:21:
                    65:4e:a8:4d:f1:63:88:71:0e:e6:8b:cc:ab:86:8f:
                    83:46:f4:a2:34:3e:b7:7f:c0:87:91:f8:06:8d:c1:
                    ff:2e:9b:17:e5:da:a9:79:44:80:0b:dd:0b:de:96:
                    9d:27:06:cc:15:69:a4:be:74:e5:68:84:15:fd:f9:
                    c0:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:13:58:13:76:B8:73:B3:96:21:76:6F:89:0C:A0:60:CB:9D:52:0A
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/hhNYE3a4c7OWIXZviQygYMudUgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:7d:94:5f:de:49:89:da:23:2e:d3:37:11:9b:c5:66:e1:ad:
         c9:92:fa:a0:a2:4c:f7:69:47:05:ae:4f:90:c2:e9:bf:ee:1d:
         af:59:5a:92:99:e4:04:86:05:6e:eb:d5:86:0c:b0:e7:85:c2:
         04:44:7e:be:b9:e3:5e:31:53:d1:6a:9c:93:64:99:74:b2:95:
         7c:a1:10:fe:12:01:6d:d0:eb:eb:3f:10:f3:3b:1d:df:92:f6:
         2b:d1:13:95:bd:20:a7:5e:63:c6:bc:27:66:b3:c1:af:26:e7:
         92:c4:83:d3:9d:24:45:dd:4c:f0:b1:34:bb:3d:80:d3:bd:f1:
         d3:d3:78:68:b4:1b:8f:27:dd:e6:bc:46:ed:1e:8c:b0:6d:88:
         d6:ab:af:57:37:e3:f9:c7:d8:5a:84:b0:87:41:dd:bd:3b:aa:
         ea:2a:c2:68:66:c4:64:9b:b9:36:a4:8f:b3:98:c3:bd:5c:5d:
         de:0c:a0:91:03:a1:c1:b4:54:73:ae:e0:ab:0e:38:2d:81:9f:
         05:dd:37:ae:7c:4f:a9:84:19:cd:c7:9c:ff:68:c8:5f:19:65:
         2a:2c:c4:82:61:9f:32:7a:95:d9:b6:9f:72:f3:a9:d2:1a:05:
         18:04:48:d8:ca:9b:07:c8:b1:00:5f:f1:5a:79:c3:ae:c9:f5:
         0d:81:bd:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5Gl524Q/V1jWk9vdLEpdFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwMzE2MDkyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjEzNTgxMzc2Yjg3M2IzOTYyMTc2NmY4OTBjYTA2MGNiOWQ1MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkQ/df0efyZxQxlavjCI8x5ZbrSE
7XeIN/zH7GKe24dFAUukO9L/NpAad0K0oci8CPZ5XdaX4uI14YLQnuAOj1l+3eqA
nns5HGjxohhxgTkwh7P/oSWvZU7iqk+r62FEc/ChayMoEyCe4ItIeBRVW1h6dbGh
gJ9DS8uFaHT+3gR44L2cxcZvOcTkQOrSdiM5rCAO1XfHpOTIh4HDsOJlXD/C8InS
lLoH6OiUx85CPipU8NJoNmKdNocKK3Odsuyf3SFlTqhN8WOIcQ7mi8yrho+DRvSi
ND63f8CHkfgGjcH/LpsX5dqpeUSAC90L3padJwbMFWmkvnTlaIQV/fnAYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYTWBN2uHOzliF2b4kMoGDLnVIKMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvaGhOWUUzYTRjN09XSVhadmlReWdZTXVkVWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYUkMA0G
CSqGSIb3DQEBCwUAA4IBAQBxfZRf3kmJ2iMu0zcRm8Vm4a3Jkvqgokz3aUcFrk+Q
wum/7h2vWVqSmeQEhgVu69WGDLDnhcIERH6+ueNeMVPRapyTZJl0spV8oRD+EgFt
0OvrPxDzOx3fkvYr0ROVvSCnXmPGvCdms8GvJueSxIPTnSRF3UzwsTS7PYDTvfHT
03hotBuPJ93mvEbtHoywbYjWq69XN+P5x9hahLCHQd29O6rqKsJoZsRkm7k2pI+z
mMO9XF3eDKCRA6HBtFRzruCrDjgtgZ8F3TeufE+phBnNx5z/aMhfGWUqLMSCYZ8y
epXZtp9y86nSGgUYBEjYypsHyLEAX/FaecOuyfUNgb2E
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org