Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/B-p68vjCLzw2t6RZKIm3t1P6_nw.roa
File:                     B-p68vjCLzw2t6RZKIm3t1P6_nw.roa (raw, json)
Hash identifier:          2tAjirp704PGewRuNL5sRk7kLbYBd+9v/n0OElnGAK4=
Subject key identifier:   07:EA:7A:F2:F8:C2:2F:3C:36:B7:A4:59:28:89:B7:B7:53:FA:FE:7C
Certificate issuer:       /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial:       018D78FBAB4BFE8F34EBAC1D77C7149F5E78
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/B-p68vjCLzw2t6RZKIm3t1P6_nw.roa
Signing time:             Mon 05 Feb 2024 11:16:15 +0000
ROA not before:           Mon 05 Feb 2024 11:16:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49022
IP address blocks:        45.139.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 12:48:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:78:fb:ab:4b:fe:8f:34:eb:ac:1d:77:c7:14:9f:5e:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
        Validity
            Not Before: Feb  5 11:16:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=07ea7af2f8c22f3c36b7a4592889b7b753fafe7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ff:0b:ad:06:97:02:00:75:35:2f:34:bb:0c:
                    59:50:74:9e:2f:61:8c:ed:ed:f3:ae:c5:61:0e:01:
                    ef:44:eb:78:19:1a:bc:a6:2d:10:a2:5d:ff:3e:4c:
                    9e:1c:15:82:15:34:c6:21:04:67:43:cf:15:1f:63:
                    95:c8:d4:bc:cc:be:de:bd:ab:ea:fc:cd:98:25:87:
                    92:33:14:56:ca:aa:ab:df:a0:d6:ca:85:af:0d:7a:
                    b1:3d:24:cf:e9:76:f9:38:75:e2:93:12:08:fd:ca:
                    36:3b:f6:12:cf:b5:47:47:d4:5a:aa:f7:4e:81:5a:
                    20:be:86:10:5c:a4:f6:79:09:ec:1b:dc:0e:21:45:
                    b7:22:22:00:19:aa:da:bf:08:8d:16:04:04:9a:7d:
                    80:42:98:7b:9b:3a:67:ad:25:ed:98:04:42:5c:de:
                    c3:fc:54:84:22:21:75:7e:42:57:03:9c:37:9d:7a:
                    fd:e6:55:f9:95:02:2d:a7:90:3b:75:07:de:c3:d0:
                    95:35:a4:86:5b:3d:23:08:dc:a6:0c:06:43:89:38:
                    a8:3b:36:cf:47:58:de:d5:d3:17:18:cd:e5:f2:65:
                    da:6e:35:08:70:7a:6b:41:1a:42:2c:ef:7f:e2:82:
                    df:e1:97:a1:f3:c3:e0:fd:21:13:f9:c2:95:8f:d5:
                    6a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:EA:7A:F2:F8:C2:2F:3C:36:B7:A4:59:28:89:B7:B7:53:FA:FE:7C
            X509v3 Authority Key Identifier:
                keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/B-p68vjCLzw2t6RZKIm3t1P6_nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:7a:7a:ef:16:17:8e:85:27:35:58:0e:a3:0d:61:94:35:5b:
         80:f1:f7:7e:2c:26:bd:cc:ef:d3:50:77:5a:31:64:f0:0d:99:
         be:e0:ba:a7:61:2f:46:d1:3c:97:aa:de:eb:ab:e7:b6:cc:56:
         45:37:95:fc:a2:77:ff:5a:b7:c3:75:7a:59:7c:9e:43:59:80:
         61:0a:00:b4:e9:76:69:6b:4b:18:23:40:52:3c:de:43:ac:e2:
         21:82:0b:f5:fe:0b:b2:d0:2d:41:80:df:23:fa:31:de:b5:1f:
         1a:5b:b8:0f:d4:a4:48:65:23:a2:f2:98:d2:2b:40:24:9f:1d:
         15:c3:22:4c:a5:69:47:0a:67:57:46:26:67:2e:c8:7a:51:24:
         94:34:d7:73:eb:c5:f1:c4:b4:e7:e4:ea:39:da:77:33:49:7e:
         51:7e:fe:94:d4:b3:68:57:82:0e:14:23:dd:d7:1e:6c:10:5f:
         21:69:00:e7:d1:6e:27:9f:db:6c:98:94:69:56:2c:9e:02:94:
         27:f9:08:95:e6:1c:b2:a9:f5:cb:bb:2d:d8:f0:67:4f:00:c9:
         69:f9:30:33:10:88:4b:e9:29:42:9e:f2:8b:3b:a7:c4:88:47:
         1c:53:0c:7b:6a:2e:55:8d:43:ba:54:a4:01:36:81:c4:dc:89:
         86:3f:57:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY14+6tL/o8066wdd8cUn154MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMjA1MTExNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2VhN2FmMmY4YzIyZjNjMzZiN2E0NTkyODg5YjdiNzUzZmFmZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgP8LrQaXAgB1NS80uwxZUHSeL2GM
7e3zrsVhDgHvROt4GRq8pi0Qol3/PkyeHBWCFTTGIQRnQ88VH2OVyNS8zL7evavq
/M2YJYeSMxRWyqqr36DWyoWvDXqxPSTP6Xb5OHXikxII/co2O/YSz7VHR9RaqvdO
gVogvoYQXKT2eQnsG9wOIUW3IiIAGaravwiNFgQEmn2AQph7mzpnrSXtmARCXN7D
/FSEIiF1fkJXA5w3nXr95lX5lQItp5A7dQfew9CVNaSGWz0jCNymDAZDiTioOzbP
R1je1dMXGM3l8mXabjUIcHprQRpCLO9/4oLf4Zeh88Pg/SET+cKVj9Vq8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfqevL4wi88NrekWSiJt7dT+v58MB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvQi1wNjh2akNMencydDZSWktJbTN0MVA2X253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYsIMA0G
CSqGSIb3DQEBCwUAA4IBAQAGenrvFheOhSc1WA6jDWGUNVuA8fd+LCa9zO/TUHda
MWTwDZm+4LqnYS9G0TyXqt7rq+e2zFZFN5X8onf/WrfDdXpZfJ5DWYBhCgC06XZp
a0sYI0BSPN5DrOIhggv1/guy0C1BgN8j+jHetR8aW7gP1KRIZSOi8pjSK0Aknx0V
wyJMpWlHCmdXRiZnLsh6USSUNNdz68XxxLTn5Oo52nczSX5Rfv6U1LNoV4IOFCPd
1x5sEF8haQDn0W4nn9tsmJRpViyeApQn+QiV5hyyqfXLuy3Y8GdPAMlp+TAzEIhL
6SlCnvKLO6fEiEccUwx7ai5VjUO6VKQBNoHE3ImGP1eR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:01 2024 by rpki-client on console-fra.rpki-client.org