Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/d_Hk8oEiOaKMPy3OijDYeOQPXvQ.roa
File:                     d_Hk8oEiOaKMPy3OijDYeOQPXvQ.roa (raw, json)
Hash identifier:          gJUSuq20az2eR2doq1ca9y//C3R6Z1SrcAdpteVQvGs=
Subject key identifier:   77:F1:E4:F2:81:22:39:A2:8C:3F:2D:CE:8A:30:D8:78:E4:0F:5E:F4
Certificate issuer:       /CN=32010f70276e418d58f08c56a79a82b99aca1763
Certificate serial:       0188332D1D76947EC8946D7E1434386BE9E0
Authority key identifier: 32:01:0F:70:27:6E:41:8D:58:F0:8C:56:A7:9A:82:B9:9A:CA:17:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/d_Hk8oEiOaKMPy3OijDYeOQPXvQ.roa
Signing time:             Fri 19 May 2023 08:42:54 +0000
ROA not before:           Fri 19 May 2023 08:42:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        45.88.248.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:33:2d:1d:76:94:7e:c8:94:6d:7e:14:34:38:6b:e9:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32010f70276e418d58f08c56a79a82b99aca1763
        Validity
            Not Before: May 19 08:42:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77f1e4f2812239a28c3f2dce8a30d878e40f5ef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:bb:b9:d4:ac:51:74:93:54:16:8a:23:62:9c:
                    16:04:f9:62:c3:e4:f8:71:43:af:cd:29:05:21:b3:
                    ea:c0:0a:14:04:84:4e:c1:67:43:79:87:a9:50:7e:
                    f9:91:1f:82:cd:fb:ff:47:0f:92:96:16:43:bc:9c:
                    18:05:77:31:06:35:fd:78:01:74:7d:a5:43:49:1d:
                    b8:3b:67:6b:b0:69:84:2c:95:39:3d:7a:31:d4:21:
                    cc:48:bb:11:1f:90:4a:17:4d:dd:eb:53:ee:ed:e0:
                    1c:75:b1:b7:bf:c9:78:d4:ee:47:97:bd:43:69:5d:
                    94:37:73:fd:57:a7:5d:a0:7c:b5:c0:52:56:50:2d:
                    19:59:1f:b5:af:04:02:f6:d6:ec:f2:99:42:19:03:
                    b0:84:f4:ca:fc:c9:44:43:00:e6:05:a7:6a:60:7b:
                    08:f8:44:cd:0a:d4:93:09:e8:43:18:a0:62:cf:94:
                    1f:13:73:21:ba:dd:f3:6c:dd:00:7c:07:e0:13:0d:
                    25:14:c9:53:f0:da:2f:bf:df:37:24:84:6d:5b:8e:
                    cf:ab:48:f2:2f:b5:43:52:e0:39:24:15:5c:21:46:
                    fe:9c:90:0c:08:4c:35:a3:2b:05:91:95:30:e2:dc:
                    79:61:b4:d1:3a:a9:02:93:84:91:a9:f7:1d:45:72:
                    e7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:F1:E4:F2:81:22:39:A2:8C:3F:2D:CE:8A:30:D8:78:E4:0F:5E:F4
            X509v3 Authority Key Identifier:
                keyid:32:01:0F:70:27:6E:41:8D:58:F0:8C:56:A7:9A:82:B9:9A:CA:17:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/d_Hk8oEiOaKMPy3OijDYeOQPXvQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/MgEPcCduQY1Y8IxWp5qCuZrKF2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:80:9a:ee:10:d1:e9:aa:1c:67:fd:c5:f1:5a:d5:3a:fa:6d:
         9a:bb:77:cd:84:c1:21:b9:d1:8b:3f:4c:4a:ed:47:e2:0a:07:
         ed:48:a5:30:83:0b:2c:b3:bf:f0:61:2f:36:06:3f:4e:d9:5f:
         40:6c:4e:0a:f9:f3:5b:12:c7:64:65:b1:55:22:44:82:13:27:
         d6:da:6d:02:9c:85:e1:15:53:93:5f:86:ba:c3:71:a7:44:48:
         1a:35:51:b9:f5:36:06:25:18:f6:b3:af:d7:b5:32:0e:cb:10:
         00:de:88:ee:f9:01:fd:d4:95:e2:a0:78:da:ba:7a:e4:65:82:
         d4:ff:f4:54:74:42:c9:a6:f9:28:ea:56:ba:ab:b0:23:68:ae:
         48:d7:9d:f7:5b:42:f5:51:f5:b8:a6:d3:dc:18:e6:8c:36:86:
         d8:e2:3a:89:57:07:9c:05:e3:4b:07:07:85:4f:30:f0:5e:ed:
         78:ed:cc:07:3f:35:32:25:d4:22:ca:2a:84:29:d1:21:6d:49:
         33:11:33:48:3e:4c:e4:6b:e7:07:37:8c:9a:a4:3e:61:29:4c:
         0a:93:69:2b:c6:60:30:2b:b9:48:78:72:ea:9e:fb:73:2c:c6:
         10:78:9b:1d:11:2b:d8:09:7d:ea:ee:b5:3f:17:b2:3b:cf:f7:
         7b:38:78:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgzLR12lH7IlG1+FDQ4a+ngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDEwZjcwMjc2ZTQxOGQ1OGYwOGM1NmE3OWE4MmI5OWFj
YTE3NjMwHhcNMjMwNTE5MDg0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2YxZTRmMjgxMjIzOWEyOGMzZjJkY2U4YTMwZDg3OGU0MGY1ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bu51KxRdJNUFoojYpwWBPliw+T4
cUOvzSkFIbPqwAoUBIROwWdDeYepUH75kR+Czfv/Rw+SlhZDvJwYBXcxBjX9eAF0
faVDSR24O2drsGmELJU5PXox1CHMSLsRH5BKF03d61Pu7eAcdbG3v8l41O5Hl71D
aV2UN3P9V6ddoHy1wFJWUC0ZWR+1rwQC9tbs8plCGQOwhPTK/MlEQwDmBadqYHsI
+ETNCtSTCehDGKBiz5QfE3Mhut3zbN0AfAfgEw0lFMlT8Novv983JIRtW47Pq0jy
L7VDUuA5JBVcIUb+nJAMCEw1oysFkZUw4tx5YbTROqkCk4SRqfcdRXLniwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfx5PKBIjmijD8tzoow2HjkD170MB8GA1UdIwQY
MBaAFDIBD3AnbkGNWPCMVqeagrmayhdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdFUGNDZHVRWTFZOEl4V3A1cUN1WnJLRjJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNjQ4ZmItZjUwYi00Y2MyLWEyYjEt
MmY2ODIxNmI3NDI0LzEvZF9IazhvRWlPYUtNUHkzT2lqRFllT1FQWHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNjQ4ZmItZjUwYi00Y2MyLWEyYjEtMmY2ODIxNmI3NDI0
LzEvTWdFUGNDZHVRWTFZOEl4V3A1cUN1WnJLRjJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVj4MA0G
CSqGSIb3DQEBCwUAA4IBAQAigJruENHpqhxn/cXxWtU6+m2au3fNhMEhudGLP0xK
7UfiCgftSKUwgwsss7/wYS82Bj9O2V9AbE4K+fNbEsdkZbFVIkSCEyfW2m0CnIXh
FVOTX4a6w3GnREgaNVG59TYGJRj2s6/XtTIOyxAA3oju+QH91JXioHjaunrkZYLU
//RUdELJpvko6la6q7AjaK5I1533W0L1UfW4ptPcGOaMNobY4jqJVwecBeNLBweF
TzDwXu147cwHPzUyJdQiyiqEKdEhbUkzETNIPkzka+cHN4yapD5hKUwKk2krxmAw
K7lIeHLqnvtzLMYQeJsdESvYCX3q7rU/F7I7z/d7OHiU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:56 2024 by rpki-client on console-fra.rpki-client.org